Release Notes · SFTP Gateway Support

Note: This page applies to SFTP Gateway version 2.x. Visit Here for documentation on version 3.x.

Version `2.001.07` - 2022-4-1

Fixes the Pwnkit, CVE-2021-4034, vulnerability found on version 2.001.04.
Removes the deprecated Click here link from the getting started page when you initially set up your VM.
Changes the SSL certificate expiration to 10 years as opposed to one.
Updates Azure SDK from 12.3.1 to 12.7.0

Fixes an issue where using uppercase letters in the VM name breaks SFTP Gateway after the first reboot.
Fixes an issue where large files (over 2.5 GB) are copied to Blob storage, but are not deleted from the uploads folder (and therefore get perpetually uploaded).
Updates some body copy in the web admin UI so that it refers to Blob storage rather than S3.
Dynamically determines the Blob storage endpoint for the AzCopy command (the Blob storage endpoint is different when using GovCloud).

Fixes an issue where resetting a user's password prevents other users from logging in using password authentication.
Changes the default user folder scan frequency from every minute to every 5 minutes. This is to improve the performance and stability of servers with many SFTP users.
Adds a systemd-tmpfiles configuration to clear out temp files that could fill up disk space over time.

Fixes an intermittent issue where the swap partition was not getting created prior to self configuration on first launch, resulting in LDAP and Java not communicating.
Fixes an issue where the readme file was not getting uploaded to an SFTP user's downloads directory.
Fixes some documentation in the swagger page.
Fixes an issue with the sshldap command so that it no longer hard-codes the domain component (DC).

We're now using CentOS 7 instead of Ubuntu 18. This means you need to migrate in order to upgrade.
Audit logging is available and enabled by default.
You can now use the web admin page to manage password authentication, in addition to SSH key auth.
Default folders (uploads and local) can now be disabled on a per-user basis.
You can now use the web admin page to set the Storage Account name and key
You can set an expiration date on an SFTP user's account
You can authenticate to the web admin page using AAD credentials

Fixes an issue where private keys were improperly formatted when downloaded from certain web browsers.
Fixes an issue where the SFTP user is taken to the root of the file system, when SFTP Gateway is deployed in certain enterprise environments.
Fixes an issue where files were being uploaded to Blob prematurely, when installing vsftp and using the FTP/S protocol.
Fixes an issue where you are unable to access the sftpgw.sh CLI using sudo.
Fixes an issue where TLS 1.0 was enabled on Nginx (this setting gets flagged during vulnerability scans).
The web admin password is now set to a random string, which is stored in the root user's home directory. Previously, it was set to the VM's Computer Name by default.
Fixes an issue where the self-signed SSL was rejected by Google Chrome on Mac OS Catalina.
Fixes an issue where SFTP login would hang when the user has a lot of subdirectories under their uploads folder.
A swap partition is now created for you by default.
Fixes an issue where the login spinner button would hang if an incorrect password was entered.
Fixes an issue where AzCopy was not deleting files in the destination after it was removed from the source