How secure is the SFTP protocol?

Many of our users know the FTP protocol very well, and they are aware that FTPS is the same protocol protected by a SSL/TLS connection. But when it comes to SFTP, we’re challenged pretty frequently with the question “how secure is SFTP?“.

The easy one-line answer would be: SFTP is very secure. But that is obviously not a real answer, therefore if you want to know more (and why/how it is secure), please, read on.

Continue reading

Syncplify.me Server!: more on Active Directory authentication

This article covers the interaction between the client and Syncplify.me Server! in case of Active Directory authentication, and explains how auth-data sent by the client is interpreted by the server.

For the sake of our example we have set up a Windows Server 2012 R2 virtual machine, and created the “syncplify.local” domain (totally made up, you can use your own domain name of course). We have then created an AD group called “SFTP Users” (again you can create your own groups) and a couple users: “testuser” and “groupuser”. The testuser profile is only member of the “Domain Users” group, while the groupuser profile is member of “Domain Users” as well as of “SFTP Users”.

Important: if you’re using Syncplify.me Server! v4.0 or greater, please make sure you also carefully read this article before you continue.

Then we have created the two virtual profiles in Syncplify.me Server! with the usernames exactly as you see them in the picture here below:

2012R2-AD-1

Continue reading

How to: use Syncplify.me Server! to keep your Android devices in sync

Some of our users are asking how to use Syncplify.me Server! as a shared repository to keep files/folders on their Android devices always in sync.

There are various Android FTP(S)/SFTP clients that work smoothly with Syncplify.me Server! but, in this case, we need more: we need one that doesn’t just transfer files between Android and FTP(S)/SFTP, but can also keep them in sync.

Continue reading

Syncplify.me Server!: why so many “ports” to configure?

Some of our users have been asking why there are so many “ports” to configure in Syncplify.me Server! and if configuring them is really necessary.

First of all, let’s say that Syncplify.me Server! is designed to work out-of-the-box, without the need for any special reconfiguration. In fact, by default, it uses the ports defined in each protocol standard (21 and 20 for FTP, 990 and 989 for FTPS, and 22 for SFTP) plus the widest possible port-range for passive FTP(S) connections.

Continue reading

RSA or DSA keys for public-key authentication with Syncplify.me Server!?

Some SFTP clients have the ability to generate key-pairs for SSH2 public-key authentication, and – in some cases – our users are presented with the question: do you want to generate RSA or DSA keys?

When you want to authenticate against a Syncplify.me Server!, please, always use RSA keys. If you use DSA keys you may not be able to successfully authenticate.

How does the new blacklist automatic trigger work?

In Syncplify.me Server! version 1.1.6.16 we have introduced an additional automatic triggering method for the blacklist, and several users asked us to explain how it works with more detail.

The previous versions, in fact, were already able to trigger the automatic blacklisting of a client IP address upon a certain number (configurable) of failed authentication attempts.

Continue reading

FtpScripter acquired by syncplify.me

Dear friends and fellow FtpScripter users, it’s our pleasure to announce that today FtpScripter has joined the syncplify.me family.

We will keep developing FtpScripter in the new company and with the brand new name of Ftp Script! Today we have released version 2.0.2.22 which is the first re-branded version with the new logo and slightly revisited GUI.