PRODUCTS > PRODUCT HISTORY
Send us a question or comment
     VShell(R) Server 4.2.4 (Official) -- December 8, 2016

         Copyright (C) 1995-2016 VanDyke Software, Inc.
                    All rights reserved.


This file contains a VShell product history.  It includes lists
of new features, changes, and bug fixes sorted by release.  For a
product description, installation notes, registration, and contact
information, please refer to readme.txt (downloaded with this
package).


Changes in VShell 4.2.4 (Official) -- December 8, 2016
------------------------------------------------------

Changes:

  - Windows: By default, the Windows "Everyone" group has
    unrestricted access to the file system on the machine VShell
    is installed on.  To help VShell administrators lock down the
    VShell server, the Everyone group will automatically be
    removed from the  root when a new virtual root
    is added, or an existing virtual root is modified.  A
    "Preserve access to  for Everyone group" option
    has been added to prevent the removal of this group.

Bug fixes:

  - In rare circumstances, VShell could crash if a connection was
    closed while the server was checking the idle time for that
    session.

  - Windows: VShell could crash while performing diffie-hellman
    key-exchange with certain clients.


Changes in VShell 4.2.3 (Official) -- September 13, 2016
--------------------------------------------------------

New features:

  - Added support for DSA host keys larger than 1024 bits.

Bug fixes:

  - VShell would allow authentication attempts from certain
    clients even if the connecting user was specified in a
    DenyUsers file.

  - AIX 7.1: The vshelld startup script may not have worked with
    certain shells.


Changes in VShell 4.2.2 (Official) -- June 16, 2016
---------------------------------------------------

Changes:

  - Windows: Added a registry-only option, "Disable Extra Newline
    in TTY Mode", which prevents VShell (when TTY mode is enabled)
    from echoing an extra newline character each time a client
    sends a command.

Bug fixes:

  - VShell FTPS: The "Use single virtual root" option was not
    honored if a virtual root was set as a user's home directory.

  - Windows: VShell could crash during RADIUS authentication if
    the connecting user did not exist on the VShell machine.


Changes in VShell 4.2.1 (Official) -- March 17, 2016
----------------------------------------------------

Changes:

  - Windows: Automatically quote the %P trigger parameter if the
    filename contains a "&" character.

Bug fixes:

  - Windows: Virtual root ConnectAs would fail if the user to
    impersonate was the same user connecting.

  - Windows: VShell could not load a certificate map file that
    contained a byte order mark (BOM).

  - Windows: VShell could crash while processing multiple send
    email triggers.

  - VShell FTPS: An FTP MLST command could cause a download
    trigger to fire.

  - VShell FTPS: File uploads would fail if the user did not have
    read access on the virtual root.

  - VShell FTPS could potentially use 100% CPU if the control
    connection was closed unexpectedly.


Changes in VShell 4.2 (Official) -- December 17, 2015
-----------------------------------------------------

Bug fixes:

  - Windows: FTPS certificate authentication failed for VShell
    internal user database users.

  - Some error messages were not being logged correctly in the
    VShell log.


Changes in VShell 4.2 (Beta 3) -- December 8, 2015
--------------------------------------------------

No changes.


Changes in VShell 4.2 (Beta 2) -- November 24, 2015
---------------------------------------------------

New features:

  - Windows: User public-key folders and files can now be included
    in configuration import/export operations.

  - Windows: Filtering support has been added to the Deny Host and
    Deny User management interface.

  - An IP address/netmask combination can now be specified for the
    Deny Host White List.

  - VShell Monitor: Added a row color indicator and new column
    indicating whether an active connection has authenticated.

Bug fixes:

  - Windows: Changes to the specified FTPS certificate password
    were not always saved.

  - Windows: Entries added to the deny host file or deny user
    file using the new management interface may have been lost.


Changes in VShell 4.2 (Beta 1) -- November 3, 2015
--------------------------------------------------

New features:

  - Windows: Virtual roots can now optionally be accessed as a
    different user than the logged on user.  This adds an easy way
    to provide access to network resources to users connecting
    with public-key only authentication.

  - Windows: The VShell configuration can now be exported or
    imported directly from the VShell Control Panel.

  - Windows: Added support for X.509 authentication using the
    x509v3-ssh-rsa and x509v3-ssh-dss algorithms as specified in
    RFC 6187.

  - Windows: Added the ability to select the signature algorithm
    used (SHA-1 or SHA-2) when generating a certificate for use
    by VShell FTPS.  SHA-2 is the default.

  - Windows: VShell Monitor can now be minimized to the system
    tray.

  - Windows: VShell Monitor tray app can optionally display
    notifications when a user connects or disconnects from the
    server.

  - Windows: Option to automatically launch VShell Monitor at
    administrator logon, including the ability to start the app
    minimized to the system tray.

  - Windows: The ability to launch the VShell Control Panel and
    VShell Help directly from the VShell Monitor tray app.

  - Windows: VShell FTPS now supports SSL/TLS client certificate
    authentication.

  - Windows: Allow direct management of the deny host file and
    deny user file from the VShell Control Panel.

  - Windows: Added the ability to generate certificates with 4096
    bit key size.

  - Windows: VShell FTPS allows SSL encryption options and client
    certificate authentication options to be set on a per listen
    address basis.

  - Windows: Increase the security of sensitive data stored in
    the registry by using an automatically generated passphrase
    for encryption.

  - Windows: VShellConfig now requires a passphrase when
    exporting sensitive data (e.g., host keys, saved credentials,
    FTPS certificate files, etc.).  This is used to encrypt the
    data in the exported XML file.  The same passphrase used
    during export will be required on import.

  - Windows: Improved reliability of output displayed by the
    Windows Command Shell (cmd.exe) for clients interacting with
    the remote shell through VShell.

  - VShell can now deny connections based on username, similar to
    the deny hosts functionality.  This helps to free up resources
    by short circuiting authentication attempts for usernames that
    do not exist on the system.

  - IP addresses can now be added to a white list, which will
    prevent the address from being added to the deny host file
    after failed authentication.

  - Key-exchange methods, Ciphers, MACs, Compression, and
    Compression Level can now be specified in a per location
    subconfiguration.

  - All logging options (including log folder location, log topics,
    debug log level, etc.) can now be specified in a per location,
    user, or group subconfiguration.

  - UNIX: New option to disable logging attempts to the Basic
    Security Module (BSM) auditing tool.

  - Added a "Force Sftp Version" registry only option that allows
    the administrator to configure the SFTP version that the
    server requires.  This option can be specified in a per
    location, user, or group subconfiguration.

Changes:

  - Remove the "Preferred Sftp Version" option.  This was a
    registry only option that allowed the administrator to
    configure the SFTP version the server prefers.  The option
    did not prevent the SFTP client from renegotiating the SFTP
    version, so in real world use, the option had no effect.

  - VShell FTPS: When creating a certificate, the default key size
    is now 2048 bits.

Bug fixes:

  - Windows: If VShell was attempting to add multiple IP addresses
    to the deny host file simultaneously, one or more of those
    additions may have failed.

  - Windows: VShell Monitor would not display a protocol for an
    SSH connection that did not request a shell.