|
|
|
New Features in Reflection for Secure IT Windows Client 7.0 and Release Notes
Technical Note 2281
Last Reviewed 01-Feb-2008
Applies To
Reflection for Secure IT Windows Client version 7.0
Summary
Technical Note 2281
Last Reviewed 01-Feb-2008
Applies To
Reflection for Secure IT Windows Client version 7.0
Summary
This document lists the new features in Reflection for Secure IT Windows Client version 7.0 and provides information for obtaining this Secure Shell (SSH) product.
This note includes the following information:
New Features
Reflection Secure FTP Client
Supported Platforms in Version 7.0
Obtaining Your Product Upgrade
Installing or Upgrading to Reflection for Secure IT Windows Client 7.0 References
Reflection Secure FTP Client
Supported Platforms in Version 7.0
Obtaining Your Product Upgrade
Installing or Upgrading to Reflection for Secure IT Windows Client 7.0 References
New Features
The following new features are available in Reflection for Secure IT Windows Client Version 7.0.
For a list of features and fixes in 7.0 SP1, see Technical Note 2376.
Reflection Secure FTP Client
Reflection for Secure IT now ships with the Reflection Secure FTP Client. Prior to this release, Reflection for Secure IT shipped with the Reflection SFTP Client. For information about new features available with the Secure FTP Client, see Reflection Secure FTP Client Features.
New Reflection for Secure IT User Guide
This new guide is available (in HTML or PDF) on the Attachmate Support site at http://support.attachmate.com/manuals/sshdocs.html.
New Installer
Version 7.0 uses a new setup program. With this program, administrators can customize the Reflection for Secure IT installation using the Attachmate Customization Tool. (Previous versions used the Reflection Customization Manager.) For more information, see the Reflection for Secure IT Windows Client User Guide.
Configure OCSP Certificate Revocation Checking
You can now configure Reflection to use one or more Online Certificate Status Protocol (OCSP) responders to check to see if certificates are still valid. To configure this, open the Reflection Secure Shell Settings dialog box. Use the PKI tab to enable OCSP certificate checking. OCSP responders may be specified in the AIA extension of the certificate itself. You can also specify OCSP responders using the OCSP tab in the Reflection Certificate Manager.
Enforce DoD PKI Standards
By default, Reflection applications allow some configurations that do not meet DoD PKI requirements. Administrators can now use Reflection Group Policies to configure all Reflection sessions to meet DoD PKI requirements. For more information, see the Reflection for Secure IT Windows Client User Guide.
Export Private Keys
You can now choose to export the private key of a public private key pair. To do this, open the User Keys tab of the Secure Shell Settings, click Export, then select Export Private Key.
New Default Format for Exported Keys
The Reflection Windows Client now uses the SECSH file format by default for exported keys. This matches the format used by other Reflection for Secure IT applications. To configure Reflection to export keys in OpenSSH format (the previous default), open the User Keys tab of the Secure Shell Settings, click Export, then select Save in OpenSSH format.
Specify the Signature Hash Used During Public Key Authentication
You can now specify which hash algorithm the client uses in the process of proving possession of the private key during public key user authentication. To configure this, open the Reflection Secure Shell Settings dialog box and use the Encryption tab.
Configure Supported Key Algorithms
You can now specify which key exchange algorithms the client supports, and the order of preference. To configure this, open the Reflection Secure Shell Settings dialog box and use the Encryption tab. The keyword used to configure this setting is KexAlgorithms.
Create a Tunnel Without Opening a Terminal Session
You can use the new NoShell configuration file keyword to configure a session that creates a tunnel without opening a terminal session. This option can be used in combination with ConnectionReuse to create a tunnel that can be reused by other ssh connections. You can configure this option in the Secure Shell configuration file, or using the -o command-line option.
Sftp Command-line Support for getext and setext
You can now use getext and setext with the sftp command line utility to view and set file extensions that will use ascii transfer.
Error Messages Provide More Information
The Reflection for Secure IT error messages now include much more detailed information, which can be used to facilitate troubleshooting.
Reflection Secure FTP Client Features
Reflection for Secure IT now ships with the Reflection Secure FTP Client. New features available with this client include:
Configure Secure FTP Connections Using SSL/TLS or Kerberos
In addition to configuring SFTP connections, you can now use the FTP protocol and secure your connections using SSL/TLS and Kerberos. By default new sites continue to use the SFTP protocol. To change the protocol, go to the Connect to FTP Site dialog box, select a site, and click Security. (Note that it is now also possible to configure unsecured FTP transfers.)
Automate Transfers Using the FTP Client API
The Secure FTP Client supports an Automation API that enables you to automate transfers using Visual Basic, Visual Basic for Applications (included in Microsoft Office products), or any other application that supports OLE Automation. For details, open the FTP client application Help and see "Help for the FTP Client Automation API."
Easily Forward FTP Data Through the SSH Tunnel
The FTP protocol supports more command options than SFTP. With Reflection Secure FTP, you can configure FTP connections and forward all communications securely through an SSH tunnel. You can configure forwarding to an FTP server on the same host as your Secure Shell server, or on a different host. To configure this, open the Security Properties dialog box and go to the Secure Shell tab.
Edit Server Files
You can now edit server files directly from the server pane display. To do this, right-click on a server file and select Edit. The FTP Client downloads the file to your system and opens the associated editor. When you save and close the file, the FTP Client uploads it back to the server.
Send SITE Command
Use this setting to specify a SITE command to be executed before a file is uploaded. This is supported for uploads to any host.
Supported Platforms in Version 7.0
For information about platform support and system requirements in Reflection for Secure IT, see Technical Note 1944.
Obtaining Your Product Upgrade
If you already obtained your product upgrade, disregard this section.
Maintained customers are eligible to download the latest product releases from the Attachmate Download Library web site: https://download.attachmate.com/Upgrades/.
You will be prompted to login and accept the Software License Agreement before you can select and download a file. For more information on using the Download Library web site, see Technical Note 0200.
Installing or Upgrading to Reflection for Secure IT Windows Client 7.0 References
For information about installing Reflection for Secure IT Windows Client 7.0, see the Installation topic in the User Guide: http://docs.attachmate.com/reflection/rsit-ssh/7.0/winclient/en/help/install_ch.htm.
For information about upgrading to version 7.0, see Technical Note 2277.
