Switch to Legacy (Bitvise) SSH Library


THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT v7.4.11 - v7.4.15.x
  • In EFT v8.0-8.0.5, add the values below to the AdvancedProperties.json file
  • Not available in v8.0.6 and later (removed Bitvise library)

When you use this advanced property to enable old ciphers, the Negotiated SSH Ciphers report does not retrieve data (EFT v8.x and later) 

DISCUSSION

EFT v7.4.11 and later use an updated SSH library, v7.7.1.0_openssh. Prior to this update, EFT used 1.82_sshlib (Bitvise).

If you want to revert to the legacy SSH library, create the registry setting below (pre-v8) or in 8.0-8.0.5, add the advanced property to the AdvancedProperties.json file.

In 8.0-8.0.5, add the advanced property to the AdvancedProperties.json file like below: 

{
"UseLegacySFTP":true
}

If you have multiple Advanced Properties in the file, place a comma after true, unless it's the last one. For example:

{
"UseLegacySFTP":true,
"AuditSuccessSocketConnections":true,
"SAMLSSODigestAlgp":"sha256"
}

IMPORTANT

In EFT v7.4.11 and later with the updated library: 

  • For non-FIPS implementations, the private keys generated by previous versions should load just fine. RSA, DSA and SSH.com formats are supported.
  • For FIPS implementations, FIPS mode does not support MD5. This means that only the new format keys are supported. The keys themselves are fine, it is the file format that is not supported. As a workaround you can use third-party tools like PuTTYGen to convert keys to the OpenSSH new format.

To revert to the legacy SSH library

Create the following registry setting:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: DWORD

Value name: UseLegacySFTP

Value: true = use legacy SFTP; false or doesn't exist = use updated SFTP

Restart Required: yes

Backup/Restore: yes

See also: https://kb.globalscape.com/KnowledgebaseArticle11456.aspx