How to: fix a white-list or safe-list suddenly empty

Syncplify.me Server! version: 4.0.0-4.1.4

Occasionally users report that their white-list or safe-list in the web management interface suddenly shows up as “empty” and they cannot add any more IP addresses or networks to it. That bug was already previously documented in our knowledge base, and has been resolved/fixed as of version 4.1.5.

The misbehavior is caused by the fact that an Admin has added the same IP or network twice to the list(s).
Upgrading to the latest version will prevent Admins from adding any more duplicates… but it does not sanitize the existing lists, so you will still have to “clean” your lists manually before you can see them again. Continue reading

Making Syncplify.me Server! work with SSHFS/WebEx

Syncplify.me Server! version: 4.0.19+

SSHFS is a FUSE-based filesystem client for the SSH File Transfer Protocol (SFTP); it’s very common among Linux users to mount SFTP targets as local directories. WebEx is a well-known teamwork collaboration tool by Cisco that uses SSHFS to back-up its data to a remote SFTP server.

Unfortunately, the coupling of SSHFS/WebEx – at the time this article is being written – has at least two problems that can cause serious issues to servers that implement the SFTP protocol and its extensions correctly. Continue reading

Firewalls and FTP external IP address for PASV

Yesterday we came across what, at first, seemed to be a pretty odd case, and we think it’s worth sharing it with our users.

Most firewalls (we’d say all the ones we know) have NAT/PAT capabilities, and many are able to perform protocol-level inspection when the connection is not encrypted. SSH (and SFTP) are always encrypted, but FTP can be either encrypted or not; yet, theoretically protocol inspection should only prevent protocol-related attacks, not modify client requests or server responses.

Yet, yesterday a customer with a perfectly configured instance of Syncplify.me Server! was experiencing a weird behavior: FTPS/FTPES (encrypted) sessions were working perfectly, while plain FTP sessions were dropped upon every attempt to open a data connection to transfer files. Continue reading

CloudBerry Backup and Syncplify.me Server! Free (SFTP)

Some users reported the inability to perform backups from CloudBerry Backup to Syncplify.me Server! Free Edition.

Therefore we have analyzed the situation, and this is what we have discovered:

  • By default CloudBerry Backup tries to use 5 (five) concurrent connections to your SFTP server
  • The free edition of Syncplify.me Server! is limited to 3 (three) concurrent connections, and drops/cuts the 2 connections that exceed such limit

Since the number of concurrent connection cannot be changed in Syncplify.me Server! Free (hey, after all, it’s a forever-free product for personal use only) then our recommendation is to set CloudBerry to perform 3 concurrent connections instead of 5. Continue reading

Linux sftp client error 6: invalid packet (solution)

Some users of Syncplify.me Server! have reported that when trying to connect to Syncplify.me Server! using the command-line sftp client from certain (but not all) Linux versions they are suddenly disconnected with the error message shown in the picture here below:

linuxbefore

The error code 6 (invalid packet) signifies that the Linux sftp client was not able to negotiate a secure session with the server due to the (client) inability to verify the contents of the KEX packet coming from the server.

Continue reading