Releases: drakkan/sftpgo

v2.6.0

15 May 16:48
19e9857

New features

  • Rewritten WebClient and WebAdmin UIs: we hope you find these new user interfaces more modern and easier to use. They also include a dark mode. Thank you to KeenThemes for granting us a custom license to use their amazing Mega Bundle for the new SFTPGo UIs.
  • Documentation moved to sftpgo.github.io. The documentation source has been moved to this repository.
  • Notifier plugin: add login succeeded events.
  • Add time-based access restrictions.
  • EventManager: allow to disable or delete inactive users.
  • WebAdmin: allow to require password change and two-factor authentication also for admins.
  • WebUIs: add experimental support for internationalization.
  • HTTP, WebDAV: allow to enable HTTP/2.
  • Several bug fixes, minor features and performance improvements.

Features added to golang/x/crypto/ssh

This version benefits from some features I added to golang/x/crypto/ssh.

  • Expose negotiated algorithms so that they can be logged.
  • Add server side multi-step authentication. We were using an out of tree patch in previous versions.
  • Add server side support for Diffie Hellman Group Exchange KEX. We were using an out of tree patch in previous versions.
  • Allow to restrict allowed algorithms for public key authentication.

My work on golang/x/crypto/ssh is funded by @FiloSottile's clients. Thank you!!!

File transfer errors

Some errors for failed file transfers could reveal more information than necessary, such as the actual filesystem path.
These errors are now filtered and the filesystem path is replaced with the virtual path.

Thanks to @nezzzumi for reporting this issue.
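
The kind of filtering described above, as an added sketch that is not SFTPGo's own code: a `*fs.PathError` is rewritten so the client sees the virtual path while the server log keeps the real one. The function names and the home directory `/srv/sftpgo/data/alice` are assumptions made for this illustration.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"path"
	"path/filepath"
	"strings"
)

// toVirtualPath maps a real path under rootDir to the path the client sees.
// Anything that resolves outside rootDir collapses to "/" so it cannot leak.
func toVirtualPath(rootDir, fsPath string) string {
	rel, err := filepath.Rel(rootDir, fsPath)
	rel = filepath.ToSlash(rel)
	if err != nil || rel == ".." || strings.HasPrefix(rel, "../") {
		return "/"
	}
	return path.Join("/", rel)
}

// sanitizeTransferError keeps the operation and the cause but swaps the real
// path for the virtual one before the error is returned to the client.
func sanitizeTransferError(rootDir string, err error) error {
	var pe *fs.PathError
	if errors.As(err, &pe) {
		return &fs.PathError{Op: pe.Op, Path: toVirtualPath(rootDir, pe.Path), Err: pe.Err}
	}
	if err != nil && strings.Contains(err.Error(), rootDir) {
		// Unknown error type that still embeds the root: return a generic one.
		return errors.New("transfer failed")
	}
	return err
}

// sampleError builds a constructed error shaped like the one os.Open returns.
func sampleError(rootDir string) error {
	p := filepath.Join(rootDir, "uploads", "report.pdf")
	return &fs.PathError{Op: "open", Path: p, Err: fs.ErrPermission}
}

func main() {
	root := "/srv/sftpgo/data/alice" // constructed home directory (assumption)
	err := sampleError(root)
	fmt.Println("server log:", err)
	fmt.Println("to client: ", sanitizeTransferError(root, err))
}
```
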

Backward incompatible changes

  • The configuration file changed in a backward incompatible way. If you are modifying the configuration file instead of setting your customization via environment variables, make sure to adapt it to the new version.
  • Removed support for the metadata plugin because it is very slow and memory intensive with folders containing millions of files. We will look to add metadata support again in the future, in a smarter way, if companies using SFTPGo are interested enough to fund this work.
  • Data retention: removed ignore_user_permissions. This is the default now.
  • RSA certificates/keys less than 2048 bits are no longer accepted.
  • SSH: removed moduli files. Diffie Hellman Group Exchange KEX is now built-in. No external moduli files are required.
  • Environment variables passed to plugins must respect a naming convention: if the plugin is named, for example, sftpgo-plugin-eventsearch, only environment variables starting with SFTPGO_PLUGIN_EVENTSEARCH_ will be made available to the plugin.
  • Removed support for diffie-hellman-group18-sha512 KEX because our previous implementation was too slow to be useful.
  • Virtual folders returned along with users by external authentication hooks/plugins must exist.

Contributions

We now require contributors to agree to our Contributor License Agreement before we accept contributions.
The CLA is based on a standard Apache ICLA.
Agreeing to the CLA explicitly states that you are entitled to provide a contribution and that you cannot withdraw permission to use your contribution at a later date. This removes any ambiguities or uncertainties.

Some past contributors did not respond to our request to sign the CLA or were unable to sign it, so we have rewritten or removed their contributions. The following (minor) features have been removed:

  • redirecting output from external programs in SFTPGo logs.
  • robots.txt endpoint.
  • reading data provider username and password from file. This feature was never included in a stable release.
  • support for having a different folder prefix for SFTP and FTP. The same can be achieved using a pre-login hook.

Note

Clarified licensing and compliance.

v2.5.6

18 Dec 18:10
a6a92f0

Bug Fixes

  • Update golang/x/crypto/ssh to v0.17.0. Fixes CVE-2023-48795.
  • Keyboard interactive authentication: respect hook disabled setting.
  • S3: fix compatibility with newer SDK versions.
  • Portable mode: fix panic while validating TLS certificates.

v2.4.6

18 Dec 17:46
f4df467
set version to 2.4.6

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>

v2.5.5

10 Nov 18:27
5d9cda9

New Features

  • HTTPD: set log level based on the status code.

Bug Fixes

  • HTTPD: fixed logging of refused requests due to rate limiting/blocklisting.
  • HTTPD: fixed storing invalidated sessions for multi-node installations.
  • HTTPD: disable directory index for static files.
  • WebUI: fix reusing dismissable alerts.
  • WebClient: fix icon for 0 byte files.
  • WebClient: respect password strength for shares.
  • Fixed two crashes that could occur with heavy use of group features.
  • Auth plugins: check for password change after an empty response.

v2.5.4

15 Jul 08:28
cc38144

Bug Fixes

  • File patterns: fix denied except rules.
  • Fixed a memory leak in Postgres driver. Affected SFTPGo versions: v2.5.2, v2.5.3.
  • FTPD: fixed a possible passive ports exhaustion.

EDIT July 24, 2023: rebuilt the docker image with plugins to fix the memory leak in the Postgres driver for the following plugins: eventsearch, eventstore, metadata.

v2.5.3

29 Jun 11:28
a805a93

New features:

  • added auth plugin for LDAP/Active directory authentication.

Bug fixes:

  • config: fix loading commands args from env vars.

v2.5.2

17 Jun 17:32
a503fea

New Features

  • WebClient: show user quota.
  • WebAdmin: don't show hidden deny policy for allowed patterns to avoid confusing users.
  • WebAdmin: sanitize more user inputs before validation such as leading and trailing slashes in key_prefix and trimming white spaces.
  • EventManager: add email field placeholder.
  • EventManager: allow to set bcc field in email actions.
  • File patterns: evaluate allowed filters before the denied ones.
  • Added support for verifying sha256/sha512 passwords hash. This simplifies the migration of users from some proprietary products.
  • APT repo: added Debian 12 "bookworm".

Bug Fixes

  • WebClient: fixed sorting by size in file manager.
  • WebUI: fix disclaimer path.

Backward incompatible changes

  • Removed per-source data transfer limits: this was an oversight, it never worked.
  • Docker: remove Distroless based images. More details here.
  • Docker: remove CAP_NET_BIND_SERVICE from the sftpgo binary.

v2.5.1

20 May 17:40
5b4a1bd

New features

  • EventManager: add content type to email config
  • Docker: use version 3.18 for Alpine images
  • osfs: add optional buffering
  • Notifier plugin: add support for generic log events

Bug fixes

  • WebClient: update the last password change timestamp after a password reset

v2.5.0

03 May 15:37
32020e2

New features

  • WebUI: make error messages dismissible.
  • WebAdmin: allow to search and export audit logs.
  • WebAdmin: allow to configure SMTP and the most common ACME and SFTP settings from the WebUI.
  • IP/network lists moved from files to provider. Therefore they can be managed from the WebAdmin UI.
  • WebClient shares: replace basic auth with a proper login form.
  • WebClient: added copy action.
  • WebClient/REST API: remove default upload size limit.
  • EventManager: added a notification action for users with expiring passwords.
  • EventManager: added copy action.
  • EventManager: added support for pre-* actions.
  • EventManager: added on-demand trigger.
  • EventManager: added IDP login trigger and check account actions.
  • Added support for password policies (strength and expiration).
  • Added role support to delegate user administrations.
  • Allow to set a default expiration for newly created users.
  • Added a CLI command to reset the admin password.
  • Added a CLI command to check if the service is alive.
  • GCS: allow to customize upload part/time.
  • Conditional support for recursive renaming for cloud providers.
  • Allow to deactivate event rules.
  • Added support for monitoring and automatically reloading TLS certs.
  • WebDAV: allow to define custom MIME type mappings.
  • Fs events: added elapsed field.
  • Groups: allow to override account expiration date.
  • SSH: enable keyboard interactive authentication by default.
  • HTTP to HTTPS redirect now allows the HTTP binding on port 80 to be used also for ACME HTTP-01 challenge.
  • Portable mode: allow to read the password from a file.
  • Capture logs from external auth, pre-login and check password hook commands.
  • FTPD: allow hostnames for passive IP.
  • Docker: build also for armv7.
  • Added an experimental Terraform provider.

Backward incompatible changes

  • Portable mode: remove support for service discovery via multicast DNS.
  • REST API: remove merging of fields on update, respect the PUT verb.
  • File based allow and block lists are not supported anymore.
  • JSON serialization of the users: rename 2fa_protocols to two_factor_protocols to improve compatibility.

Other

  • Support plans added to the SFTPGo website.
  • Thanks to Polina Zvorykina, VK for reporting an XSS vulnerability in the new IP lists page before the official release, although we are not pleased that they don't support the project and they use a private SFTPGo fork.

v2.4.5

08 Apr 15:20
fc52007

Bug fixes:

  • Proxy PROTOCOL v1: fix parsing IPv4-mapped IPv6 address.
  • PostgreSQL data provider (pgx library) now supports non-blocking I/O also on Windows. This improvement fixes several issues when using the Postgres data provider on Windows.
  • Fix checking the create_dirs permissions in some edge cases.
  • Improve error messages for errors that occur while reading/writing files.