Compatibility with GlobalScape EFT Server

Lee Painter

It has been reported by customers that there is an incompatibility between our client API and the GlobalScape EFT server. After contacting GlobalScape support our customers are told.

"I would like to assist you with this case. It sounds like the issue you are experiencing is due to a change in the EFT application that was made for a RFC (RFC 4254) compliance vulnerability fix. Previously, SFTP users were allowed to request as much data as they wanted without increasing the TCP Window Size, however the change was made to only allow the user to request 1 byte without increasing the window size. The problem arose because we did not realize how many clients don’t abide by this RFC (RFC 4254) and do not increase the TCP Window size prior to requesting more data."

 

They are directed to change a registry key on the GlobalScape server in order to fix this.

 

--- GLOBALSCAPE FIX ---
SFTP Fix: 

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\GlobalSCAPE Inc.\EFT Server 7.1 
Create RegDWORD: SFTPOutQueueBytesLimit 

The default internal value is (decimal): 1048576 
This can be adjusted higher If needed or flat out disabled by setting to 0.

--- GLOBALSCAPE FIX ----

 

We can assure our customers that this incompatibility is not a bug or a problem with our client API. The actual workaround provided by GlobalScape and that is applied to the GlobalScape server "fixes" the server to work correctly within the SSH protocol and addresses the problem experienced with our API. It is our opinion that the GlobalScape server, in its default configuration, is not fully complaint with the SSH protocol.

If you would like further explanation as to the details of this incompatibility please contact our support team.