Syncplify Server! v6.2.26 released

Importance of this update: [HIGH]
What’s changed?
  • Upgraded the compiler to the latest version, which comes with many fixes in the compiler’s standard library
  • Huge improvement in Protector(TM) performance, strikes are now counted up to 1000x faster than before
  • Added STSPreload to the global configuration in the SuperAdmin UI
  • Slightly relaxed RSA key security requirements to restore functionality of PKI authentication using old and insecure RSA keys (only when already known to the server prior to the changes made to prevent Terrapin)
  • Upgraded back-end SyngoDB database server to v4.11.0

IMPORTANT NOTE: those who are running the “worker” system service under a different account (not System or LocalSystem) will need to re-configure the service to run under such account after upgrading from any version number <= 6.1.12)

Upgrading from v6.x.y is a simple and fairly automatic process: simply download the latest version from the official download page, and install it over the existing version, all of your settings and license will be kept.

If, instead, you’re upgrading from an older (v4/v5) version, you find the upgrade instructions in our knowledge base.

Thank you all for trusting our software with your secure file transfers!


Syncplify Server! v6.2.22 released

Importance of this update: NORMAL
What’s changed?
  • The Golang compiler was updated to the most recent version, and a full rebuild was performed
  • Auto-generation of one 4,096 bit RSA host key for the SSH/SFTP protocol handler is back in (by popular demand)
  • Tiny minor/cosmetic bug-fixes here and there in the web UIs

IMPORTANT NOTE: those who are running the “worker” system service under a different account (not System or LocalSystem) will need to re-configure the service to run under such account after upgrading from any version number <= 6.1.12)

Upgrading from v6.x.y is a simple and fairly automatic process: simply download the latest version from the official download page, and install it over the existing version, all of your settings and license will be kept.

If, instead, you’re upgrading from an older (v4/v5) version, you find the upgrade instructions in our knowledge base.

Thank you all for trusting our software with your secure file transfers!


Syncplify Server! v6.2.18 released

Importance of this update: NORMAL
What’s changed?
  • On new installs the setup process does not create an RSA host key anymore, upgrades and restores from backups will not remove your existing RSA keys though
  • The repairhttp command-line verb now uses better defaults for HTTPS/WebClient! configuration
  • Better HTTPS/WebClient! default values are also used now when creating a new Virtual Site
  • Fixed the list of host key algorithms returned to SSH/SFTP clients, now it won’t include algorithms for keys your server doesn’t have
  • Upgraded the compiler to the most recent version to capture several fixes and improvements in its standard library

Read More


This is why you should use RSA host keys carefully, or just stop using them altogether

An extremely interesting research paper published in 2023 by Keegan Ryan, Kaiwen He, George A. Sullivan, and Nadia Heninger, mathematically proves yet another weakness with RSA keys – often used as host keys by/for SSH/SFTP servers – and this time it has to do with the way they are generated.

Without delving into the math itself, which is not the purpose of this blog, we would like to take this occasion to advise our customers to use stronger keys, like ECDSA or Ed25519, instead of RSA for their host keys.

Read More