SecureFX(R) 9.7 (Beta) -- August 28, 2025
Copyright (C) 1995-2025 VanDyke Software, Inc.
All rights reserved.
This file contains the SecureFX product history. It includes lists of
new features, changes, and bug fixes sorted by release. For a product
description, installation notes, registration information, and contact
information, please refer to SecureFX_README.txt (downloaded with this
installation).
Changes in SecureFX 9.7 (Beta 2) -- August 28, 2025
---------------------------------------------------
Changes:
- Transfer operations that fail with error code 0x36 ("The network
is busy") are retried automatically if the global INI-file-only
option "File Operation Retry Attempts" is set to a value greater
than 0.
- Improved error reporting when a session or folder stored on
OneDrive cannot be deleted by the Session Manager because it is
read-only.
Bug Fixes:
- If an HTTPS server unexpectedly closed the connection during a
file transfer, SecureFX could have crashed.
- When applying certain changes from the default session to all
other sessions, a crash may have occurred.
- If an FTP data connection could not be established, FTP operations
(e.g., file listings, transfers, etc.) could have hung.
- When transferring files using SFXCL, if the connection was lost
during the transfer, the SFXCL process may not have exited as
expected.
- Windows: When there were sessions or folders selected in the
Session Manager, right-clicking on another session or folder
did not clear the original selection.
- macOS/Linux: If a Transfer Queue column was hidden, data for that
column may have been incorrectly displayed under a different
column.
Changes in SecureFX 9.7 (Beta 1) -- August 7, 2025
--------------------------------------------------
New Features:
- Added the ability to pause transfers in the transfer queue and
transfer window.
- Added support for the diffie-hellman-group15-sha512 and
diffie-hellman-group17-sha512 key-exchange algorithms.
- Added the ability to specify separate locations for the trusted
OpenSSH certificate and its private key file, which facilitates
compatibility with Teleport.
- Added support for the sudo "-S" option, which prompts for a
password on stderr if required before starting the shell.
- Added the ability to always prompt for a set of saved
credentials to use when connecting.
- Saved credentials can be created without a username.
- Added the ability to connect or reconnect an SSH2 session after
changing the username.
- Added the ability to manually refresh the list of sessions in the
Session Manager.
- Added the ability to select a conflict resolution method
(overwrite, merge, duplicate, only new) when importing
sessions from an XML file.
- Added a global INI-file-only option "Remote directory change
forces refresh." If this option is set, when a remote directory
change occurs, the listing will be refreshed even if it had
previously been cached.
- Added a "Copy as path" item to the Session Manager's context
menu, which allows a session's path to be placed on the
clipboard.
- Added the ability to open a local folder in the system file
explorer from SecureFX's local window context menu.
- The File menu item "New/File" allows local and remote files to be
created.
- SFXCL: Added the ability to specify a set of saved credentials
using the command-line option /CREDENTIALS.
- Added the ability to deregister SecureFX, making it easier to
move a license to a different machine.
- Windows: Added an administrative option that disallows public
key creation.
Changes:
- For new installations of SecureFX, the default cipher is
aes256-gcm@openssh.com.
- SecureFX skips the x509v3-rsa2048-sha256 signing algorithm when
connecting to sessions using the Cisco compatibility mode.
- When a wildcard is specified for a synchronize operation in
SecureFX or SFXCL, the operation will be recursive unless
[no-subdir] is specified.
- If a path or filename contains a space, it will be quoted when
"Copy Path" or "Copy Filename" is selected from the context menu.
- Changed the default value for "Number style" in the SecureFX
local and remote windows to "Abbreviated" which matches the
default value in the transfer queue.
- XML imports warn if the license being imported isn't valid for
the current version of SecureFX. Invalid and trial licenses
are not imported.
- The XML import log includes the serial number of an imported
license.
- When duplicating a session, the port can be modified.
- The "Select SSH2 Session" now remembers the last selected firewall
session.
- The Session Manager's find session options are now saved.
- In the Global and Session Options dialogs, if column widths in
tables are adjusted, these changes are saved.
- The Firewall Properties dialog can be resized.
- Added a Friendly Name column to the Select Certificate dialog.
- The product version is displayed at the top of the "Enter
Passphrase" and "Change or Reset Passsphrase" dialogs.
- Windows: Updated some of the display themes.
Bug Fixes:
- ECDSA keys generated by SecureFX and saved in OpenSSH format
may not have been usable by OpenSSH clients.
- When connecting to a server that advertised the supported public-
key algorithms via the server-sig-algs extension, authentication
may have attempted to use a public-key algorithm that the server
did not support.
- When using AWS temporary credentials, authentication failed with
an "InvalidAccessKey" error.
- If the data connection failed during an FTPS synchronization file
operation, SecureFX did not retry the operation.
- When performing file downloads, transfer speeds may have been
slower than expected.
- When transferring text files with certain encodings (e.g., UTF-16,
UTF-32), line endings may not have been translated as expected.
- SecureFX failed to obtain a directory listing over SCP on systems
with a restricted shell.
- Changes made to the default session were saved even when the
"Apply default session changes" dialog was canceled.
- Some Default Session options were not being honored in Quick
Connect.
- When a session file was deleted from the file system, attempting
to delete that same session from the Session Manager resulted
in an error.
- When SecureFX was launched using the /Session_Folder command-line
option with the top-level folder specified, connection attempts
were made to the default session profiles.
- Windows: When connecting to a host in which the configured
key-exchange, cipher, or MAC algorithms did not match what the
server had configured, the prompt offering to enable the
compatible algorithms may have been displayed behind the
SecureFX window and random characters may have appeared in the
dialog title.
- Windows: SecureFX did not export the public key into an SSH2 key
even if "Use certificate as raw SSH2 key" was enabled.
- Windows: If a public key in the session options contained
"%USERPROFILE%" in the path, SecureFX failed to find the
associated private key.
- Windows: When a file or folder transfer was in progress and
another file or folder transfer was started, the transfer queue
may have stopped displaying transfer progress.
- Windows: When importing a configuration, if both a folder name and
session name were part of the same "key name=" line, the session
was not imported as expected.
- Windows: When importing a configuration that changed the
protocol for an existing session, the icon displayed in the
Session Manager indicating the session protocol was not
updated.
- Windows: If a password that was surrounded by double-quotes was
specified as part of an SFXCL command-line operation, the
password appeared in plain text in the log file.
- Windows: When SecureCRT and SecureFX were running in the same
process, the SecureFX menu and toolbar could not be customized.
- Windows: When TLS 1.3 was used for an FTPS or HTTPS connection,
the negotiated key exchange algorithm was incorrectly logged as
"CN" with a strength of 0.
- Windows: If the Connect Dialog was resized too small, after
increasing the size, the controls were not drawn correctly.
- Windows/Ubuntu: SFXCL appended a spurious '.' to the filename of
uploads to MVS sessions.
- macOS/Ubuntu: When connected to an HTTPS server, attempting to
create a directory that already existed on the remote unexpectedly
failed with an error.
- macOS/Ubuntu: In the Session Options dialog, changes made to the
username could have been reverted by selecting the PublicKey
authentication option after making the change.
- macOS/Ubuntu: When SecureCRT and SecureFX were running in the same
process, the active tab did not change when pressing Ctrl+Tab
in SecureFX.
- macOS: When checking for updates using "Update Now", a small
amount of memory may have been leaked.
- Ubuntu: SecureFX failed to upload to Arista devices over SCP.
- Ubuntu: If a valid SecureFX license was in place, SFXCL still
ran in evaluation mode.
