Files Used by Reflection for Secure IT

Reflection for Secure IT stores files in the following location:

The default data folder location is:

C:\ProgramData\Micro Focus\RSecureServer

NOTE:The files in the data folder (with the exception of the host public key) contain information that should remain secure. These files should not be readable by any one except SYSTEM and Administrators. These file permissions are set by default.

Filename	Description
rsshd_config.xml	Server configuration file. This file is in XML format. NOTE:To minimize the chance of introducing errors, we recommend using the console whenever you want to modify your server settings.
hostkey	The default private key of the public/private key pair used to identify the server to clients.
hostkey.pub	The default public key of the public/private key pair used to authenticate the server to clients.
RSITDatabase	This file stores cached credentials and keys used for establishing connections to remote SFTP servers. The file is encrypted using AES 256. In addition, passwords within the database are encrypted using the same algorithm with a different, system-specific key unique to the user. Moving this file to another system is not supported unless the system is identical (such as in a failover environment).
RSITDatabase.sec	This file contains the key required to decrypt the credential cache and is required to use the cache. If it is deleted, you will need to recreate your credential cache.
migration	This hidden file indicates that the server has migrated settings from a prior version. When this file is present, the server won't repeat an automated migration. This file has no effect on migrations done using the rsshd command line -m option.
trustedWebService.cer	(Reflection for Secure IT Gateway only) The certificate used to authenticate Reflection Gateway Administrator. This file is created when you click the Activate and Verify button on the Reflection Gateway Users pane. If Reflection Gateway Administrator sends a different certificate, Reflection Gateway users will not be able to connect to the Reflection for Secure IT Server.

Log Files

By default, Reflection for Secure IT stores log files in a Logs subfolder in the data folder.

Log File	Description
Migration.Log	Information about settings migration from an F-Secure or Reflection 6.x sshd2_config file.
Console_Validation.log	Information about invalid settings values in the rsshd_config.xml configuration file. This file is created when you start the console.
Server_Validation.log	Information about invalid settings values in the rsshd_config.xml configuration file. This file is created when you start the server.
RSSHD- yyyymmdd -...log	Debug log file. (These files are not created by default. Enable text logging using the Debug Logging pane.)

User-Specific Files

User-specific files control access to the server by individual client users. Reflection for Secure IT looks for user-specific files in the Windows user profile folder. The user profile folder is configurable by the Windows system administrator. The default is:

Windows Server 2003:
\Documents and Settings\username\

Windows Server 2008:
\Users\username\

File or Directory	Description
<user profile>\.ssh2	Default user key directory. Copy user public keys to this directory.
<user profile>\.ssh2\authorization	Default user authorization file. Add a line for each key using the format "key" followed by the public key name. For example: key mykey.pub

File or Directory

Description

<user profile>\.ssh2

Default user key directory. Copy user public keys to this directory.

<user profile>\.ssh2\authorization

Default user authorization file. Add a line for each key using the format "key" followed by the public key name. For example:

key mykey.pub