Environment
F-Secure SSH Client for Windows
Situation
Resolution
Migration Questions
What is the Migration Wizard?
To make the transition from using F-Secure to Reflection for Secure IT easier, Attachmate provides a wizard to migrate F-Secure profiles to Reflection for Secure IT settings files. The wizard will migrate most of the F-Secure terminal, security, and file transfer settings into the correct format and files for use within Reflection for Secure IT. In addition, the migration wizard will migrate host and user keys, and ssh configuration information.
Note: Some F-Secure settings (for example, local and remote favorites) are migrated, but are not currently implemented in Reflection. Attachmate migrated those settings so that as the functionality is added in future Reflection releases, the settings will take effect.
Why doesn't the Reflection installation uninstall the F-Secure Windows client product?
The Reflection install intentionally leaves the F-Secure client in place. This enables you to compare the functionality of the Reflection installation with the F-Secure functionality. Once you've confirmed that Reflection functions as you expect, you can uninstall the F-Secure client.
Why do F-Secure command line utilities take precedence over Reflection utilities?
Both F-Secure and Reflection installations add their install folders to the end of the user's PATH. Since the F-Secure folder appears first in the list, its command line utilities are executed first. You can change the order by going to My Computer > Properties. On the Advanced tab, click Environment Variables and edit the users PATH variable in the Environment Variables dialog box.
File Locations, Names, and Functions
What are the default installation locations for Reflection compared to F-Secure clients?
| |
F-Secure |
Reflection |
| SSH client |
\Program Files\F-Secure \Fsshclient.exe |
\Program Files\Attachmate\Rsecure\R3win.exe |
| SFTP client |
\Program Files\F-Secure \Fsshclient.exe |
\Program Files\Attachmate\Rsecure\Rsftpc.exe |
How are settings stored?
| |
Extension |
Format |
| F-Secure Client for Windows (all settings) |
\Documents and Settings\<user> \Application Data\F-Secure\*.ssh |
ASCII |
| Reflection SSH client (terminal attributes) |
\My Documents\Attachmate \Reflection\*.r3w |
Binary |
| Reflection SSH and SFTP clients: (SSH settings) |
\My Documents\Attachmate \Reflection\.ssh\config |
ASCII |
| Reflection SFTP client (site properties) |
\My Documents\Attachmate \Reflection\*.rfw |
ASCII, XML |
What is the .ssh\config file?
Non-default Secure Shell settings are saved to a file called "config." This file is kept in the .ssh folder located in your Reflection user folder. This is a text file that can also be edited manually. In this file, Reflection for Secure IT uses SSH config schemes to identify groups of Secure Shell settings. When you configure a new connection, specify an SSH config scheme to store Secure Shell settings (changed from default) under that scheme name. You can use the same scheme for both Reflection SSH and Reflection SFTP sessions.
What is an SSH config scheme?
The SSH config scheme stores information about how the connection should be made. Using config schemes, you can configure different kinds of SSH connections for different hosts, or you can use the same configuration for multiple hosts. If you leave this box blank, Reflection uses your host name for the SSH config scheme. A config scheme is created and saved only if settings are changed from default.
What is an "untitled" session?
An untitled session is an instance of Reflection for Secure IT that is started without a settings file, using all default settings values.
Command Line Utilities
How do F-Secure command line utilities compare to Reflection?
Beginning in version 6.1, the ssh, scp, and sftp command line utilities support the full range of command line switches provided by equivalent OpenSSH-style utilities. In addition, new ssh2, scp2 and sftp2 switches have been added to Reflection for Secure IT for customers who are migrating from F-Secure and need to maintain scripts written for the F-Secure command line utilities. KB 7021948 lists the switches and options available for use in ssh, scp, sftp, ssh2, scp2, and sftp2.
Where can I find Help for the Reflection for Secure IT command line utilities?
To open the Reflection Secure Shell help file:
- Click Help > Help Topics. This opens the Reflection User Guide.
- On the Contents tab, expand "Reflection Secure Shell Topics."
- Scroll to "Command Line Utilities."
Configuring Reflection for Secure IT
What are all the buttons on the standard Reflection toolbar?
From left to right:
| Button |
Function |
| [New] |
Start a new untitled Reflection for Secure IT session. |
| [Open Settings] |
Open an existing settings file. Click the down arrow to select from a list of most recently used settings files. |
| [Save] |
Save the current settings. |
| [Print] |
Print from the terminal window. |
| [Find] |
Locate text in the terminal window. |
| [Copy] |
Copy selected text from terminal memory to the clipboard. |
| [Paste] |
Paste from the clipboard to the cursor's location in the terminal window. |
| [Connect/Disconnect] |
Connect or disconnect from a secure shell host. |
| [New SSH Session] |
Create a new Reflection session using the same settings as the current session (opens a new SSH connection). |
| [New SFTP Client] |
Start the Reflection SFTP client and
connect to the same host using the same settings as the current session
(opens a new SSH connection). |
| [Configure session settings] |
Open the configuration panel. Provide familiar access to settings for users migrating from F-Secure. |
| [Help] |
Display context sensitive help for the next selected object. |
How do I create shortcuts in Reflection and Reflection SFTP?
You can create a shortcut to launch a single Reflection SSH session, Reflection SFTP settings file, ftp site, or a layout file. For Reflection SSH or Reflection SFTP settings files, click File > Save As and click the Shortcut button. For layout files, click File > Layout > Save Layout As and click the Shortcut button. To create a shortcut to a single Reflection SFTP site, in the site section of the Connect to FTP Site dialog box, right-click the name of the FTP site and click Create shortcut.
What is Fixed Window Size in Reflection?
In Reflection, the F-Secure setting "Fixed Window Size" is called "Dynamic terminal size." To configure this setting, click Connect > Connection Setup, and then click the More Settings button. Selecting this check box enables you to resize the terminal window without rescaling the font, and it also sends the host an ssh message to set the rows and columns to the correct size. By default, this setting is off. This F-Secure setting is not migrated to Reflection.
How do I configure colors in Reflection?
To configure colors, click the Display Setup toolbar button, or click Setup > Display > Colors tab.
- For non-ANSI emulations (VT emulations), you can map colors to attributes using this dialog box. For example, the underline attribute could be mapped to red on white. Text displayed with this mapping would not show the underline character.
- For ANSI emulations (sco-ansi, bbs-ansi, linux console, xterm, vt-utf8), you can configure color definitions using the dialog box. The default colors are black on white.
How do I configure keyboard mapping in Reflection?
In Reflection for Secure IT, keyboard mapping is configured in the Keyboard Map Setup dialog box. Click Setup > Keyboard Map to open the Keyboard Map Setup dialog box.
Mapping can be created using the drag-and-drop user interface, or by specifying what string to send when a particular key sequence is pressed.
How do I configure Reflection for EMACS?
Click Setup > Keyboard Map to open the Keyboard Map Setup dialog box. Map the alt key to transmit an escape character.
Note: If you map the alt key to transmit an escape character, you will disable the alt key menu functionality.
How do layout files work in Reflection?
Reflection for Secure IT layout files function similarly to F-Secure profiles. You can use layout files to save and open multiple Reflection SSH client and Reflection SFTP client sessions. When you save your layout, a layout file is created that includes all the sessions you have open at that time. You can open the layout file any time you want to return to that configuration. If you migrated F-Secure profiles to Reflection for Secure IT, a layout (*.rlo) file was created for every profile migrated.
Reflection for Secure IT Functionality
What emulations does Reflection for Secure IT support?
Reflection for Secure IT supports the emulations that F-Secure supports — VTxxx, QNX, XTERM — plus LINUX CONSOLE, SCO-ANSI, VT-UTF8, and BBS-ANSI.
How do I configure tracing in Reflection for Secure IT?
Start tracing by clicking Connection > Trace > Start Trace. There are several trace processing options including network protocol details. Tracing Secure Shell connections automatically enables DEBUG3 level logging. The trace file is a binary file with a *.rev file extension.
How do I configure tracing in Reflection SFTP?
To enable tracing, click Tools > Start Logging, and set the "Files of type" to Diagnostic Files (*.txt).
Does Reflection support group profiles?
Yes. Supported group policies are outlined in KB 7021691.
How can I find Help for Reflection for Secure IT?
The help provided with Reflection for Secure IT includes the Reflection for Secure IT User Guide and Reflection Secure Shell Topics, which includes complete information about configuring and using Reflection Secure Shell. To open help, click Help > Help Topics.
How are user keys uploaded?
Reflection makes it easy to upload public keys to your host. The upload utility automatically determines what brand of Secure Shell server is running, exports your public key using the correct format for that server, and installs your keys securely to the appropriate location.
Why does every connection need to be re-authenticated?
The Reflection client creates a new SSH connection for each running session of a layout, and so will prompt for password or passphrase for each session being connected. This is unlike the F-Secure Windows client, which uses the same SSH tunnel for all connections to a host in a single profile and so requires only one authentication. One workaround for this is to use the Reflection Key Agent to store user keys and handle the authentication requests.