RSA, DSA and ECDSA host keys

Syncplify.me Server! version: 4.0.0+

Our users are aware that old Syncplify.me Server! versions (from 1.0 to 3.x) used to support only a single host key, and it had to be an RSA key.

As of version 4.0, though, Syncplify.me Server! supports RSA, DSA, and ECDSA host keys, and it support multiple (unlimited) host keys per virtual server.

The addition of DSA keys was mostly driven by the fact that some of our customers possess legacy DSA host/server keys that they are required to use, in order for certain client applications to work properly. The addition of ECDSA host keys instead is a truly remarkable new feature, and to understand why just check out the comparison table here below: Continue reading

How to protect your backups from ransomware (Cryptolocker, WannaCry, and the like…)

Syncplify.me Server! version: 4.0.0+

Ransomware is a type of malware that restricts access to the infected computer system, and demands that the user pay a ransom to the malware operators to remove the restriction. Probably the most famous ransomware is Cryptolocker, and it’s definitely something you don’t want to deal with.

Regardless of the strenuous efforts put in place by Antivirus developers, the rate of infection is appalling. And what is worse is that such ransomware can also access all the shared folders on your NAS/SAN, so if you backup to a network drive your backups will be compromised too. The ransomware objectives include, in fact, preventing you from being able to restore your old (healthy) data from a backup.

Managing such situation with permissions and ACL (access-control lists) is a nightmare, and it’s hard to reach a true WORM (write once read many) situation which is the only truly secure way to prevent the ransomware from modifying the backups you’ve already stored. And if you have healthy backups the ransomware is “de facto” already defeated.

So what can you do to store your backups somewhere else in a truly WORM way? Continue reading

How to install Syncplify.me Server! v4

Syncplify.me Server! version: 4.0.0+

If you are already running an older version (v3.x) of Syncplify.me Server! and you wish to upgrade, then please carefully review this other KB article.

This article is intended only for new installations of Syncplify.me Server! v4.x onto systems where no other version of the software has ever been installed. The video below shows in detail the entire procedure:

 

Parametric home directories

Syncplify.me Server! version: 4.0.26+

Another highly requested feature that we introduced in Syncplify.me Server! v4 is parametric home directories.

Some of our customers, in fact, need to isolate every user in their own directory under a general “container”, the directory name being the same as the user’s username. They also requested that if a particular user’s home dir does not exist, it is automatically created when the user logs in.

A structure like this:
C:\SFTPData
+----------\user_one
+----------\user_two

This is how you do it in Syncplify.me Server! v4. Continue reading

Customizing SFTP and FTP(E/S) greetings and banners

Syncplify.me Server! version: 4.0.17+

Another improvement coming with version 4.0 of Syncplify.me Server! is the possibility to customize greetings and banners with variable fields that are automatically processed by the software when a client connects. Here’s a basic example of what you can write:

greetingconf Continue reading

Syncplify.me Server!: upgrading to version 4.x

Syncplify.me Server! version: 4.0.0+

Syncplify.me Server! v4 is more than just a major release. The software was totally redesigned and nearly entirely rewritten. The back-end database is new, both in structure (JSON) and with regards to the engine (MongoDB). The virtual file system (VFS) implements a true separation of the file transfer engine and the storage. Management is now entirely based on a rich set of REST API, to which we provide 2 front-ends: a modern Boorstrap/AngularJS secure web interface, and a completely redesigned CLI (command-line interface). For all these reasons, in order to upgrade to version 4 and keep your configuration and user database, you will have to carefully follow the procedures explained in this article, and especially in the VIDEO here below. Continue reading

How to increase the speed of SFTP downloads

Syncplify.me Server! version: 3.0.0+

If you run Syncplify.me Server! hosted on a VM in the cloud or at some co-location provider, you are probably aware that your ISP uses traffic shapers to optimize the transfer speed and to prevent malicious users from abusing network resources.

In some cases, though, such strategy (packet/traffic shaping) clashes against the very nature of the SSH/SFTP protocol, in which both control and data packets are sent on the same connection. In particular, you may experience issues between the requested SSH socket buffer and the advertised buffer size on the network. If that happens, we got you covered! As of version 4.0, in fact, you can use a special Registry key to force Syncplify.me Server! to use a socket buffer size that matches the one advertised by your network. Continue reading

Why didn’t I receive a reply to my support request email?

Here at Syncplify we take your support requests very seriously, and we always reply. Usually within 2-4 hours, and never beyond the second business day.

Sometimes, though, the requester does not receive our reply. Here’s a list of some of the most common causes:

1) Wrong requester e-mail address

Believe it or not, the most common reason for not receiving a reply from our support team is that you have mistyped your own email address while filling in the support request form. If you type john.doe@gmil.com (instead of gmail.com) we hit the “reply” button, and then get an “undeliverable” back from the server.

2) Your antispam rejects our reply

Sometimes we spend a lot of time typing a reply, just to find out that when we finally hit “send”, we receive an error like this:

554 5.7.1 <support@syncplify.me>: Sender address rejected: Blocked by this recipient

If you send us a support request, and wish to receive our reply back, please, make sure your antispam is not rejecting emails coming from the syncplify.me domain name. We never spam anyone, so whitelisting our domain name is a safe choice. Continue reading

Can I run Syncplify.me Server!’s HTTP REST API on port 443?

Syncplify.me Server! version: 4.0.0+

During the installation process of Syncplify.me Server! v4.x (or greater) you will be asked the IP address and port to which the new HTTP REST API service should bind. While in most cases 0.0.0.0 (all interfaces) is a safe choice for the IP address, it is important to carefully choose a port.

In order to help you choose, we have prepared a very easy diagram. Just answer the questions on the diagram, and you’ll know which port (not) to use.

HTTPS Port Choice

This said, in order to limit automatic probes (bots), choosing a non-standard port is probably always the safest way to go.