Importance of this update: [OPTIONAL]
What’s changed?
- Restored support for PKI authentication (SSH2/SCP/SFTP) using insecure RSA keys (SHA1 signature, insecure moduli, …), while secure RSA keys have never been dropped. We understand that transitioning to secure keys can be a challenge for some users. While we’ve provided resources and recommendations for dropping RSA keys for PKI authentication and switching to more secure keys (ECDSA, Ed25519, …), we recognize that some users may require more time, hence the choice to re-enable PKI auth support for these insecure keys. This does not make our server software less secure, it simply means it may allow certain insecure algorithms, but security-conscious users will simply configure our server software not to use them, thus keeping it completely safe and secure
IMPORTANT NOTE: those who are running the “worker” system service under a different account (not System or LocalSystem) will need to re-configure the service to run under such account after upgrading from any version number <= 6.1.12)
Upgrading from v6.x.y is a simple and fairly automatic process: simply download the latest version from the official download page, and install it over the existing version, all of your settings and license will be kept.
If, instead, you’re upgrading from an older (v4/v5) version, you find the upgrade instructions in our knowledge base.
Thank you all for trusting our software with your secure file transfers!