Improved Security Features

Serv-U has improved security with the addition of public key authentication (PKA) for SSH. Public key authentication allows a client to send a public key file to a Serv-U administrator to use for authentication to Serv-U. When a client computer connects to Serv-U using PKA, it uses its private key to connect to Serv-U, and Serv-U calculates the public key based on the SSH protocol. If the public key matches the one provided, access is granted. This is one of the most secure forms of authentication since the public key can be generated only with the private key, which is held only by the client computer.

Additionally, we have added FIPS 140-2 support using the OpenSSL FIPS 140-2-validated cryptographic module (Certificate #1051). When FIPS 140-2 mode is enabled in Serv-U, less secure encryption algorithms have been disabled, and the methods that are in use have been certified to ensure the most secure features possible. FIPS 140-2 mode applies to both SSL (FTPS and HTTPS) as well as SSH (SFTP). Enabling FIPS 140-2 mode requires you simply to select this mode in the License tab or the Encryption tab for the server.