VanDyke Software

SecureFX History

            SecureFX(R) 9.0.1 (Official) -- March 18, 2021

            Copyright (C) 1995-2021 VanDyke Software, Inc.
                       All rights reserved.

This file contains the SecureFX product history.  It includes lists of
new features, changes, and bug fixes sorted by release.  For a product
description, installation notes, registration information, and contact
information, please refer to SecureFX_README.txt (downloaded with this 

Changes in SecureFX 9.0.1 (Official) -- March 18, 2021


  - Restored the ability to use the SHA1-96 and MD5-96 MACs.

Bug fix:

  - If the remote server was shut down during a synchronize operation,
    SecureFX did not automatically attempt to reconnect to the server.

Changes in SecureFX 9.0 (Official) -- February 18, 2021

No changes.

Changes in SecureFX 9.0 (Beta 6) -- February 9, 2021

No changes.

Changes in SecureFX 9.0 (Beta 5) -- January 26, 2021


  - Windows: When using a PKCS#11 provider DLL that did not match
    the architecture (32 vs. 64 bit) of the client, a misleading
    error was displayed.  The error message has been modified to
    describe the error more accurately.

Bug Fixes:

  - Windows: When renaming a file in the local window that would have
    resulted in a naming conflict with an existing file, under certain
    circumstances, SecureFX could crash.

  - Windows: When viewing the Session Options dialog, certain
    display configurations resulted in scroll bars appearing in
    the category tree.

  - Mac/Linux: When editing a remote file, if the path to the selected
    "Open With" application contained a space, the application path
    was not saved with surrounding quotes, preventing the application
    from being opened on subsequent remote edit attempts.

  - Mac: When multiple files or folders were selected in the local
    or remote window, dragging those items to initiate a transfer
    could have failed.

  - Mac: Dragging a session or folder into another folder caused
    that session or folder to be hidden from view.  A restart of
    the application caused the folder or moved session to be
    displayed correctly.

  - Mac: When using "Update Now..." to check for and download an
    updated installer, the progress dialog was not shown for the
    initial check or during the download.

  - Linux: When the application ran over X11 forwarding and the
    window size became too large, a crash could occur.

  - Linux (RHEL 8): When attempting to install SecureCRT and
    SecureFX in parallel using standalone installers (i.e., not
    the scrt-sfx combined installer), the installation of the
    second application would have failed due to unexpected file

  - Linux (RHEL 7/8): When SecureFX was uninstalled, the
    "/usr/local/lib/SecureFX" folder was not removed.

Changes in SecureFX 9.0 (Beta 4) -- December 15, 2020

Bug Fixes:

  - When connected to Amazon S3, if the user did not have permissions
    to access a bucket, SecureFX would re-prompt the user for
    credentials even though valid credentials had already be entered.

  - Windows: When uploading a file to an Amazon S3 "pseudo" folder, a
    duplicate pseudo folder may have been created using the name of the
    file uploaded.

  - Windows: When using QuickConnect for an RDP connection, if the
    domain name was specified as part of the username, under certain
    scenarios, the domain name may have been prepended to the username
    twice on the RDP authentication prompt.

  - Linux: When running SecureFX over X11 forwarding and the X11
    server was either misconfigured or not running, the application
    would crash at startup.

  - Linux: When the file type filter dropdown was clicked from a
    folder browse dialog, SecureFX could crash.

  - Linux: When using a browse dialog to select a local directory for
    certain options (e.g., download directory or synchronize operation
    local directory), the dialog would not allow the selected directory
    to be chosen.

Changes in SecureFX 9.0 (Beta 3) -- November 19, 2020

New Feature:

  - Linux: Added support for Ubuntu 20.04.


  - The prompt for keys that are pre-loaded into agent now shows the
    filename associated with the key.

  - SSH2: When attempting an SSH2 connection, if KEX algorithm
    negotiation fails, SecureFX offers to try again by enabling
    a supported algorithm.

  - The SHA-2 base64 hash of the public-key fingerprint is now
    displayed in the Public Key Properties and trace output.

Bug Fixes:

  - When connected to an Amazon S3 session, "pseudo" folders did not
    appear in the file listing.  A new session INI-file-only option
    ("AWS Allow Pseudo Directories") has been added to allow pseudo
    folders to appear in the file list.

  - When the initial local window directory was a network share,
    there may have been a long delay at startup.

  - Windows: When connected to an Amazon S3 instance, certain object
    types may not have been displayed in the file view.

  - Windows: When SecureCRT and SecureFX were installed as a combined
    installation (integrated) and the TFTP server had been disabled
    via the Administrative Template, the TFTP options page was still
    displayed in the SecureFX Global Options dialog.

  - Mac: When SecureFX and SecureCRT were both installed, opening
    the terminal font dialog for a session from within SecureFX
    caused a hang.

  - Mac: Attempting to authenticate using a YubiKey smart card with
    the "" library specified as the PKCS#11 provider
    resulted in an error, because the library could not be loaded.

  - Mac: When connecting to a FTPS or HTTPS server in which the SSL
    certificate was expected to validate on the local system, the
    connection only succeeded if the "Disable certificate validation"
    option was disabled.

  - Mac: When Dark Mode was enabled and the system highlight color was
    set to graphite, hovering over the list view in the local or remote
    window resulted in a white highlight color.

  - Mac: When using the built-in trackpad on a MacBook to drag a
    session to a different location in the Session Manager, auto-
    scroll and folder auto-expand did not work consistently.

  - Mac: When attempting to open a remote file using Visual Studio
    Code, if VS Code was already running on the system, the remote
    file was not opened.

  - Mac: If the Session Manager was docked and in auto-hide mode,
    a "<>" text artifact appeared on the Session Manager tab when

  - Mac/Linux: If the remote directory specified for a synchronize
    operation already existed, certain servers returned a "File not
    found" error instead of a "File exists" error when SecureFX
    attempted to create the remote directory.  This caused SecureFX
    to terminate the synchronize operation.  SecureFX now checks to
    see if the remote directory already exists and continues with the
    synchronize operation. 

  - Mac/Linux: When a public key that had a comment specified in the
    key data was added to the agent, the Manage Agent Keys dialog did
    not display the comment.

  - Mac/Linux: Text displayed on the Keyboard Interactive and View Host
    Key dialogs could not be selected and/or copied.

  - Mac/Linux: When attempting to create a QuickSync or Synchronize
    session to a PureFTPd server, if the remote path specified was "/",
    the configuration failed due to a directory creation error.

  - Linux: When using SFXCL for an HTTP operation, the process
    could hang or crash on exit.

  - Linux: When connected to an Amazon S3 session, buckets in certain
    regions may not have been accessible.

Changes in SecureFX 9.0 (Beta 2) -- October 20, 2020

Bug Fixes:

  - When exporting the configuration to a file, if a folder name was
    specified instead of a filename, the export file was created using
    the folder name and the folder itself was renamed with a ".bak"

  - When SecureCRT and SecureFX were installed as a combined
    installation (integrated) and the SecureFX Session Manager option
    "Show Terminal Sessions" was off, SecureCRT local shell sessions
    were still shown.

  - Windows: If some parent path component of the local window
    directory was not accessible to the user, the local window could
    not be interacted with and the main window could not be closed.

Changes in SecureFX 9.0 (Beta 1) -- September 24, 2020

New Features:

  - Added support for transferring files to and from Amazon S3.

  - Added the ability to specify public/private keys to load into
    SSH2 agent when SecureFX starts.

  - Added support for the rsa-sha2-256 and rsa-sha2-512 public-key
    algorithms (RFC 8332).

  - Added an option to have transferred files be timestamped by the
    destination server.

  - Added a global option to automatically remove files from the
    transfer queue after the transfer is finished.

  - Added the ability to use wildcard characters "*" and "?" in the
    Session Manager filter box.

  - SSH2: The host-key algorithms can now be specified and ordered
    in the Session Options dialog.

  - Windows: Added an administrative option that disallows a blank
    configuration passphrase.


  - SSH2: Removed support for several weak ciphers (Blowfish and RC4)
    and MACs (SHA1-96, MD5, and MD5-96).

  - HTTPS: When connecting to a VShell HTTPS server, the home
    directory defaults to the directory sent by VShell in a cookie.

  - When connecting to a ProFTPD mod_sftp server, SFTP version 3
    is used by default.

  - Added the ability to reorder sessions in the Auto Session list.

  - In the Manage Agent Keys dialog, the fingerprint is displayed
    as SHA-2.

  - When IPv6 hostnames are displayed in tabs or the application
    title bar, the colons (":") are no longer replaced with
    underscores ("_").

  - In the Global Options dialog, in the SSH Host Keys category,
    the Hostname and Port columns now sort logically instead of

Bug Fixes:

  - SCP: When connected to a server that does not support a secondary
    channel open request, copying a file from one folder to another
    on the remote system could result in a hang.

  - Parallel transfers to a Microsoft IIS HTTP/S server could hang if
    the transfers were initiated by dragging multiple files to the
    remote session.

  - HTTPS: If a file or folder name contained certain characters
    (e.g., "#" or "%"), HTTPS operations on that file or folder

  - HTTPS: When connecting to an HTTPS (WebDAV) server, if a failed
    authentication attempt was immediately followed with a successful
    attempt, the connection still failed.

  - HTTPS: When uploading a file to a restricted directory that would
    have resulted in an access denied error, the file transfer may
    have been reported as successful.

  - When attempting to connect to an ownCloud WebDav server, the
    initial connection and/or traversing the file system could have

  - When the "Confirm overwrite" option was enabled, file uploads
    to the slimFTPd server could have failed.

  - Uploading a zero-byte file to certain FTPS servers could fail with
    a "Network connection does not exist" error.

  - If the "Disable directory tree detection" option was enabled,
    file or folder delete operations could fail.

  - When connecting to an FTP server on a Windows Embedded Compact
    (Windows CE) system, SecureFX did not auto-detect the operating
    system as Windows NT.

  - When transferring files to certain servers, SecureFX and SFXCL
    may not have used the ideal number of buffers, resulting in
    slower transfer speeds.

  - When connected to a Microsoft IIS HTTPS server, the root "/"
    directory may have been repeatedly displayed in the tree view.

  - When the "Display the log view" option was toggled while there
    were connected sessions, the change to the option was not saved
    or applied to the sessions.

  - Windows: If the internet connection was disconnected while
    downloading an available update via "Update Now...", the
    VanDykeUpdate application could crash.

  - Windows: When using CAPI to access a certificate located on a
    smart card and the CAPI store contained multiple certificates,
    there could be a delay before being prompted for the smart
    card pin.

  - Windows: On high DPI monitors with a large scaling factor set,
    text displayed on the Keyboard Interactive authentication prompt
    could have been cut off.