June 2021 – Syncplify Developers Blog

Syncplify Devs
June 30, 2021

Dropping Windows User/Group support

Syncplify.me Server! v1.0 was released back in Q1-2014. Since then, and all the way up to now, nobody (not a single one of our customers) has ever used profiles of type “Windows User” or “Windows Group”.

We have plenty of customers who rely on “Active Directory User” and/or “Active Directory Group” profiles, that’s obvious and expected, and the most common user profile is the so-called “Normal” user, which is a basic user profile saved in the software’s own internal database. But nobody has ever used the local operating system user profiles.

Therefore, given the security implications involved, the fact that with v6 we’re going fully cross-platform, and the fact that no one seems to even want to use this kind of profiles, we decided to drop them.

Syncplify Server! v6.0 will then feature the following user profile types:

Normal (local to the server, saved in Syncplify Server!’s own internal database)
LDAP User (which includes Active Directory)
LDAP Group (which includes Active Directory)

Later, probably with the release of v6.1, we will also add support for SAML2.0 user profiles.

Leave a comment InSyncplify Server!

Syncplify Devs
June 28, 2021

Syncplify.me Server! v5.1.19 released

We have released version 5.1.19 of our flagship product, Syncplify.me Server!
This update features the following improvements:

Fixed: small bug that occasionally prevented the WebClient! component from correctly activating its own license
Fixed: service status report when adding/removing services is now updated correctly every time

Thank you.

Greatly simplified Active Directory (LDAP) integration

More good news regarding Syncplify Server! version 6.0: we have greatly simplified the management of users (and even groups) profiles.

In all previous versions the Admin had to specify the type of LDAP query (UPN/sAMAccountName) and the desired order in case of multiple query types, but groups would only allow the use of UPNs; this, occasionally, led to some confusion.

As of version 6.0, Syncplify Server! is capable of gracefully handling both UPN and sAMAccountName logins, for both LDAP user and group profiles, no questions asked, no special configuration needed.

What you see in the picture here above is the same user, logging in twice, the first time using their UPN, and then using their sAMAccountName.

But wait… there’s more!

In the example above, what you see is not a user profile in Syncplify Server!… it’s an LDAP Group profile! The “sftptest” (or “sftptest@ad9.local”) user was able to log in simply because it’s part of the “sftpusers” LDAP group in the underlying Active Directory. And the session logs make it very clear:

nodeId="peaceful-booth"
sender="ssh2_sftp-handler"
sessionId="e6G8PrHp2KRjQrqCS3SDSn"
clientIp="127.0.0.1"
serverIp="127.0.0.1"
serverPort=22 
protocol="ssh2_sftp"
username="sftptest@ad9.local |&gt; sftpusers"
method="SESSION-START"
uriStem=""
uriQuery=""
status=200
cliToSrvBytes=0
srvToCliBytes=0
latencyMillisec=0
latencyHuman="4.197µs"
userAgent="SSH-2.0-OpenSSH_8.4p1 Ubuntu-5ubuntu1"

This user profile simultaneously represents the user itself, as well as the group profile it belongs to, and from which it inherits its configuration, permissions, virtual folders, etc…

Leave a comment InSyncplify Server!

Syncplify Devs
June 21, 2021

V6 is safer than ever

We just ran the full suite of updated metasploit tests against the latest Syncplify Server! V6 alpha, and we’re happy to announce that our new version withstood all attacks without even breaking a sweat.

The new and improved Protector^TM was able to identify all known and unknown attacks, add all attacking IP addresses to the block-list, without ever using more than 0.28% of the VM’s combined vCPU core capacity.

Leave a comment InSyncplify Server!

Syncplify Devs
June 18, 2021

JSON structured logs

Log files are system administrators’ best friends. Well, they are if they are understandable and useful. The problem with most log files, including most of the so-called “human-readable” ones, are very badly structured, and ultimately only truly understandable by a machine.

For that reason, in the past few years JSON-structured log files have become all the rage. Because they are easily understandable by a human being, and extremely fast to parse for a computerized log analyzer.

So, yes, in Syncplify Server! v6 you will find JSON-structured logs that look pretty much like this:

{
    "time":"2021-06-18 13:31:46.781",
    "level":"info",
    "nodeId":"peaceful-booth",
    "sender":"ssh2_sftp-handler",
    "sessionId":"bCrx5QKuNao73CB9UQTURU",
    "clientIp":"127.0.0.1",
    "serverIp":"127.0.0.1",
    "serverPort":22,
    "protocol":"ssh2_sftp",
    "username":"test",
    "method":"SESSION-START",
    "uriStem":"",
    "uriQuery":"",
    "status":200,
    "cliToSrvBytes":0,
    "srvToCliBytes":0,
    "userAgent":"SSH-2.0-FileZilla_3.52.2"
 }{
    "time":"2021-06-18 13:31:46.786",
    "level":"info",
    "nodeId":"peaceful-booth",
    "sender":"ssh2_sftp-handler",
    "sessionId":"bCrx5QKuNao73CB9UQTURU",
    "clientIp":"127.0.0.1",
    "serverIp":"127.0.0.1",
    "serverPort":22,
    "protocol":"ssh2_sftp",
    "username":"test",
    "method":"LIST",
    "uriStem":"/",
    "uriQuery":"",
    "status":200,
    "cliToSrvBytes":0,
    "srvToCliBytes":0,
    "userAgent":"SSH-2.0-FileZilla_3.52.2"
 }{
    "time":"2021-06-18 13:31:48.257",
    "level":"info",
    "nodeId":"peaceful-booth",
    "sender":"ssh2_sftp-handler",
    "sessionId":"bCrx5QKuNao73CB9UQTURU",
    "clientIp":"127.0.0.1",
    "serverIp":"127.0.0.1",
    "serverPort":22,
    "protocol":"ssh2_sftp",
    "username":"test",
    "method":"SESSION-END",
    "uriStem":"",
    "uriQuery":"",
    "status":200,
    "cliToSrvBytes":0,
    "srvToCliBytes":0,
    "userAgent":"SSH-2.0-FileZilla_3.52.2"
 }

In addition to that, while older versions of our software only supported logging to file or syslog, the next major version will support 4 log targets: file, syslog, database, or stdout.

Leave a comment InSyncplify Server!

Syncplify Devs
June 17, 2021

Yes! Notifications… and emails!

Just a few quick lines to share these days’ progress with you guys.

We have just finished implementing a whole new notification subsystem. So, we can now confirm that Syncplify Server! v6 will feature (for the first time in our product lifespan) automatic notifications for important events that happen in the software itself.

There are 3 types of notifications:

Information: things like “the service is starting” or “an update is available”
Warning: things like “your SSL/TLS certificate will expire in 15 days”
Error: things like “the service cannot start because the license is invalid”

Notifications will be available in the web interfaces (both SuperAdmin UI and Admin UI) and, optionally, each SuperAdmin and each Admin may elect to receive some of them (by category) also via email.

Leave a comment InSyncplify Server!

Syncplify Devs
June 13, 2021

Heterogeneous (cross-system) high-availability

Just a quick update to let everyone know that Syncplify Server! v6 is going to support heterogeneous high-availability deployments.

What’s that?

That’s when you have two or more nodes (machines or VMs) running Syncplify Server!, all acting as a single larger SFTP server… and they are heterogeneous because (unlike most competitors) in our design each node can have a different operating system.

Yes, you got that right: you can have, for example, a 2-node high-availability (HA) set with one node running on Windows and the other node running on Linux.

Leave a comment InSyncplify Server!

Syncplify Devs
June 13, 2021

PowerShell over SSH-2 with full colors and autocomplete

In Syncplify.me Server! versions 1 through 5, we used a pseudo-shell self-contained process that would work as a host for a “cmd.exe” sub-process to provide shell access to system administrators via SSH-2. This was very limited, didn’t implement an actual pty, didn’t support colors, and the pipelining between main and sub process was fixed.

The new version 6, instead, we support both PowerShell (including PowerShell 7) and CMD, and we export an actual pty with full support for terminal colors and even auto-complete.

Here’s a sneak-peek to show the progress:

This is PowerShell 7, over SSH-2, from a Linux VM to a Windows VM, via Syncplify Server! v6.

Leave a comment InSyncplify Server!

Archives: June 30, 2021