CrushFTP Support Forums
  [Search] Search   [Recent Topics] Recent Topics   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [Groups] Back to home page 
[Register] Register / 
[Login] Login 
Messages posted by: spinkb
Forum Index » Profile for spinkb » Messages posted by spinkb
Author Message
There are only a few variables available there.

You are looking for %expiration%

Thanks,
Ben
(All of these items already existed in v7. This is a maintenance update to CrushFTP v6 to help people who have not upgraded to v7 yet still get some final improvements. v6 will no longer be receiving new features, only bug fixes in critical items.)

Changes:
Faster dir listings
Folder monitor has more controls on filtering items
Added support for MD5 hash in email events
Jobs can be scheduled for multiple times in a daily schedule
Changed syslog provider
DMZ can display image previews
DMZ connection was rewritten for stability and simplicity, no longer uses JGroups
Replication between internal servers no longer uses JGroups
Changed signing method for applets and JNLP for new java requirements
Improved inherited item population with expiration dates
Supports multiple TLS versions
Improved AS2 logging
ServerBeat can issue POST command after becoming master
Adds a thread debug button to track debug scenarios
Adds more password algorithms for SMTP servers
Faster logins when there are lots of temp accounts
Reports quota and space errors to web browser clients



Fixes:
FTP command MFMT bug fix for UTC format
tracking of decrypted file size
cached file size reported after upload
password expiration and changing when going through DMZ
forwarding proxy bug
ServerBeat (VIP) bug fix when IP gets disabled
branding issues with CrushFTPDrive and CrushSync
Specific file size and timing could cause HTTP upload to fail
IE11 fix for it hiding its user agent
Oracle DB user manager event name
CrushSync copy/paste bug
Block invalid download requests from HTTP client
Some user events could be lost in a particular scenario
A CSV file in tab delimited format like this can be imported (not as serf-u, but as the tab delimited file import option).


user{tab}pass{tab}/home/folder/path

Thanks,
Ben
Not sure what format of serf-u this is now...

The format CrushFTP supports is from their INI files. So this new format isn't supported.

Do you have export options in serv-u to get another format?
CrushFTP can't log to the event viewer directly...so its only whatever windows logs when the service were to stop that you can track. I can't see why you would get false positives for this...there should only be events in the scenario the process stops, which shouldn't actually ever happen...ever.
In this case, kill the java process that is running, note the log message in the event viewer, it will be the same message if CrushFTP dies, and that is what to look for.

Thanks,
Ben
First the User Manager is searched for a matching user. If none is found, then it goes to the plugins...including the radius plugin.

The login does need to be accepted by the radius plugin if its goes there...so if its two factor, the timing of that needs to be fairly quick for the user confirming the login attempt.

Thanks,
Ben
Thanks for catching that. I've fixed the wiki now.

Thanks,
Ben
You need to step back and think about this a little differently.

If someone pulls the power to the box running CrushFTP...who will know? The customer who complains the server is down? Or the automated site check that notifies you the server isn't reachable.

Or the more likely scenario, the ISP is down...how would you know? Anyone inside the network can access the server. Only an external check would reveal this.

So the only valid check for connectivity to the server is to test like a customer would...externally. Test to the same style port the customer would use. SFTP, FTP, HTTP, HTTPS, whatever.

Having an event in the log is meaningless. Windows services already log when they are stopped, started, fail, etc. So you have that as a reference.

Thanks,
Ben
CrushFTP is not an app server. If you request that PHP page, it will be downloaded as the raw PHP text file, nothing more.

You need to use apache, and a PHP plugin for apache, or other web app server to run PHP.

Thanks,
Ben
We don't have a solution for that...just a smaller image used by default so its safe for all screen sizes.

Email us a JPG screenshot and we might be able to make a suggestion on how to make...but no promises.

Thanks,
Ben
There is a right click and copy link...but we don't expose the user/pass in there for security reasons. So you would have to do that part yourself if you wanted to.

Thanks,
Ben
CrushFTP is not vulnerable.

Only native libraries, not a java based app. Just like 99% of all the other vulnerabilities that exist, this doesn't affect CrushFTP. This exploit needs an app using a native reference to the OpenSSL implementation, and Java doesn't do that unless your write your own native code to do that (and we didn't).

So you are *not* vulnerable unless your using Apache as the front end with CrushFTP running behind as a reverse proxy, or using a load balancer in front, etc. But CrushFTP is safe.

Thanks,
Ben
I'm not certain how the OpenSSL vulnerability plays in with Java. Search for the same vulnerability in relation to Java...

OpenSSL isn't used directly, but Java internally may still be linking with those libraries...only Oracle would know that answer for certain.

CrushFTP uses the Java SSL libraries that a re built into it.

Thanks,
Ben
Just copy the CrushFTP folder is all, then copy it back.

Thanks,
Ben
Please provide details on exactly how and where you created this, screenshots would be ideal...

Thanks,
Ben
The WebInterface customizations list is a special setting. Its not an all or nothing item like the other properties of a user.

Each individual setting will inherit through to the end user unless its overridden with another value.

So by you removing it, that just means it will come through from default. if you instead change it, then it will be changed for that user when they login.

Also verify your members of the group show at the very top of the User Manager that they are inheriting from default, and then CompanyTemp.

Thanks,
Ben
Remove companytemp from the group.

Remove the existing companytemp1 from the group, and re-add them. If you a dded them originally before you had the user created, they wouldn't also get the inheritance.

Now make a change on the companytemp user, and see the change on people in the group...well, they are inheriting so they will show the inherited value.

Thanks,
Ben
To fix this, don't allow users to set a modified date on the files...its the only date CrushFTP can see.

Go to your prefs, misc, and turn off the allow MDTM command.

Thanks,
Ben
What exact CrushFTP version is this? (latest means nothing as we push builds daily)

How big is your sessions.obj file?

How big is your statsDB folder?

If your on the latest (currently 6.4.0_164 or 7.0.2_93), then there is a button on t eh about tab to dump a thread list. Provide that so I can see what the server is doing when its acting very slow.

Email it directly to support and not here.

Thanks,
Ben
Its not a failure.

Your prefs, user config, debug flag is enabled, so its being verbose on its SQL queries.

And check your logging, debug level and make sure its only at level 1.

Thanks,
Ben
The case of the hash doesn't matter, but the prefix characters of "MD5:" must be uppercase as this is what CrushFTP is looking for.
OK, so check was SQL is doing then...

The password of "password" should have a MD5 value of "5f4dcc3b5aa765d61d8327deb882cf99". And CrushFTP expects that to be:

"MD5:5f4dcc3b5aa765d61d8327deb882cf99"

What are you getting if you try?
Is the other table storing the password in plain text? Because it looks like your hashing the other password here in this view...and i would assume the other table is already a hash.
Using an older machine, with an older java, and older browser...kind of impossible scenario to do on the Mac.
Its very likely they are using an old CrushFTP then, before the current Java restrictions existed...

Back then Applets were a lot less restricted. Today Java and browser are really restrictive...so you can't use the old applet on a new browser. They need to update their server software.

Thanks,
Ben
The admin controls are done at the server, not browser. If you try and request some admin item and are not an admin, your request is thrown away.

But if you want to load the public UI of CrushFTP that is plain HTML, CSS and Javascript, there is no possible harm from this. This public UI is available for anyone to download, its out in the open. It always has been. Its not "secret" in any way.

Everything in the "WebInterface" folder is public. Its the UI for the browser, what the browser runs to talk to CrushFTP. but unless you login and have an admin role, you can't make admin calls to the server. The server will deny them.

So they can flag it, but they are incorrect if they do.

CrushFTP is not a web app server with all the security vulnerabilities that go with a web app server.

Use IP restrictions for your admin accounts if your worried about your password for a secret username being given out. Don't use common usernames like "admin" or "administrator". Use something personal, and unique, and a good password. Set some IP restrictions on your account so its worthless for an outside user to attempt to use it.

Its intentional the admin interface is exposed externally.

Thanks,
Ben
This essentially means the user is inheriting between multiple users with access to the exact same vfs. So at login multiple vfs are merged together for the same folder and uploading attempts to open the same file twice causing the failure.

Avoid the duplicate vfs scenario being added to the user from group inheritance or from the template user configured in the plugin.

Thanks,
Ben
Until someone logs in, they are considered "anonymous". So this is expected behavior.

Thanks,
Ben
This is a duplicate to your email to support. I have replied to your direct email there.

Comments here that are different than your email...

The SMB client is unfinished, don't use it. It actually does nothing currently at all.
It looks like java is complaining that the SSL cert you have deployed on your server is invalid.

Is that true?

Thanks,
Ben
Possibly the paths this user was referencing are no longer accessible?

What exact CrushFTP version is this?

Can you click update now to force it to today's build?

Thanks,
Ben
Just guessing...not enough info here.

Your using a limited admin account? And the user you a re trying to manage has more access than the user you used to login with to do the management...resulting in you being unable to properly manage them.

Let me know,
Ben
Its mainly for monitoring, or deleting things.

The share can be resent as a new share to add upload to a folder being shared by reference.

Thanks,
Ben
You use a web browser to login and manage the server. The OS its running on is irrelevant.

So, login with your web browser, got to he User Manager, delete the TempAccount user, and make a new user with that exact same name. Save it, don't make any changes.

Now go make your own user like the quick start video shows you. Add a folder to their VFS for them to access, and give them the share permission on it.

Now logout in the web browser, and log back in using your new user. Right click in the browser to share an item.

Thanks,
Ben
Undo all changes to the TempAccount. 99% of the time you should never be editing it.

Make your own user. Give them access to a folder. Give them eh share permission on the folder.

Login as the user, right click on an item and share it out.

That is the way to handle shares and temporary access.

Thanks,
Ben
OK, well check around, if you don't find a solution, let me know and we may be able to make customizations to our code base for you.

--Ben
If you want to email us directly at support and share more specifics now hat your wanting to solve with AS400, maybe we can recommend some other methods. Such as allowing the upload locally, then forwarding on to AS400, etc.

CrushFTP can also act as a FTP server for an outgoing AS400 connection, and proxy that outgoing to a WebDVA, or SFTP server, or even FTPES server.

So there are integration things that can be done...but just not being able to bolt on a CrushFTP server overtop of a FTP server that doesn't actually implement the FTP protocol. (As I said...it does maybe 10% of the protocol.)

So if you want, email us directly and we can try and assist more, otherwise good luck on your search for a proxy solution overtop of AS400.

Thanks,
Ben
Hi David.

The FTP proxy capability requires a compliant server. So this means a server responding with the industry standard UNIX style dir listings, supporting commands like PASV, LIST, and ideally even STAT.

AS400's FTP server is something someone in middle school wrote as far as I can tell. Different versions might have different support, but in general the AS400's FTP server engine lacks 90% of what the protocol demands it should have. As a result, its very unlikely CrushFTP can work with that as the backend.

IIS can work fine, but please change the IIS dir listing style to be Unix style and not MS DOS. MS DOS style is too ambiguous on what the possible listings can mean.

Also in the VFS properties for this item, enable "avoid the use of STAT" as IIS doesn't do well with that.

Sorry about AS400, but unless they have improved is, I doubt there is any chance for it to work.

Thanks,
Ben
Enable the debug flag on the Preview item. Set the scan interval to 1 minute.

Now watch the CrushFTP.log to see what is being logged every minute as it tries to scan your images.

Did you add the folder paths you want to have scanned in the bottom section of the Preview config too?

Thanks,
Ben
You need Java 1.6. You have 1.5.

Thanks,
Ben
You don't need the pub file.

You only need the private key file. Then make sure the prefs on the SFTP port are pointing to the new name you gave this file, and that DSA is enabled. Enabling RSA too isn't a bad thing.

Thanks,
Ben
I always suggest the latest. v7 is fine, haven't tested v8 yet.
The resume checkbox must be enabled before adding the file, and clicking start.

Also, have you disabled partial uploads or anything like that?

I just tested the situation here and resume worked perfectly for a 512MB file that was half uploaded, resuming the rest.

Let me know,
Ben
chmod +x crushftp_init.sh

Its missing the executable flag.

Thanks,
Ben
That is very strange for the performance difference. One thing to change is in the User Manager, default user, WebInterface section, customizations, set the applet default compressions to be false. The compression its doing may be causing some of the slowness.

When you have compressions disabled, verify if your still having issues with resume.

Let me know,
Ben
Click update now on the about tab and this issue is fixed.

Thanks,
Ben
Always. Its a Virtual File System (VFS) that users are in, which may not be based on t eh actual underlying OS filesystems.

So they always have a virtual view into what you a re giving them access to specifically.

Thanks,
Ben
I just exported from quicktime player was all. I had QT player 7 pro, so its before apple removed the tools built into things.

ffmpeg may work too.
That is really very odd. The best I can tell is the movie is technically corrupt in some way...in a way that quicktime is OK with, and maybe other things, but web browser's are not? The web browser is using HTML5 for the playback engine and it is what is freezing. When I look at the network requests the browser makes, its very strange as it keeps making all sorts of different requests like its not liking the data its getting.

So I exported the movie myself here as a MP4 file, h.264, aac, and that works fine. So its something in your current movie file format.

Thanks,
Ben
 
Forum Index » Profile for spinkb » Messages posted by spinkb
Go to:   
Powered by JForum 2.1.8 © JForum Team