Telemote Release Notes

The following is installed with the Telemote Server and Viewer and the information on this page is also available in the "readme.txt" file. These are notes on the fixes and enhancements that have been added to Telemote since it's initial release.

Some of these enhancements may not be documented in the Help files or in the manual. Report problems and your feedback via email to support@pragmasys.com or by visiting our web site for support.

You can obtain the latest product or evaluation copies by contacting us via any of the following means :

(512) 219-7270 (TEL)
(512) 219-7110 (FAX)
Email :
Web: https://www.pragmasys.com/telemote/download

Highlights on what's new in this release:

----------------------- Build 2 Start -----------------------------

Release Date:Dec 13, 2024
Revision #: 4526

Enhancements:

- FIPS 140-2 Compliant as our PragmaCrypto lib uses Microsoft Base Crypto Primitive library which is FIPS 140-2 Certified (NIST #4536 certificate)
- We will be soon be FIPS 140-3 Compliant as Microsoft achieves FIPS 140-3 Certification for their Base Crypto Primitives library which our cryptp is based on
- Elliptic curve host key support: ED25519, ECDSA (nistp521, nistp384, nistp256)
- New EC based Kex Exchanges:"curve25519-sha256","ecdh-sha2-nistp521","ecdh-sha2-nistp384","ecdh-sha2-nistp256"
- New AES-GCM Cipher support: aes256-gcm@openssh.com, aes128-gcm@openssh.com, aes256-gcm, aes128-gcm in FortressCL, FortressFX, ssh cmdline, sftp, scp and sshd server
- New ETM MAC support: hmac-sha2-512@openssh.com and hmac-sha2-256@openssh.com in ssh, sftp, scp clients and sshd server
- EC keys (as well as RSA and DSA) can be used for public key authentication in FortressCL, FortressFX, ssh cmd line, sftp, scp, sshd server
- Telemote Host define dialog now allows public key upload and deletion from remote servers if publickey authen method is chosen.
- Telemote session title is shown as "hostname - Telemote" instead of "hostname - Telemote Viewer"
- Add cipher: and mac: in env variable PRAGMASYS_MODE of a sshd session. Run "set pragma" to see all env var pragma sshd sets in a ssh session.
- FortressCL avoids Cisco aes256-gcm and aes128-gcm ciphers without openssh.com variants if offered as Cisco implementation of these ciphers are incorrect and do not work with any vendors' clients.
- FortressCL now has hmac-sha2-512 hmac support
- All binaries are signed with Pragma new code signing certificate.
- Telemote tunnel management using gui is now available. All Tunnel info are shown in the right panel of the telemote viewer. Start/Stop/Edit/Delete of tunnels can be robustly done in the gui.

Fixes:

- Telemote Tunnel Password field deletion in registry does not cause trap if public key auth is used .
- in telemote/sshd server side, cmd line session were disconnecting and existing. This has been fixed now from revision 4274 onwards.
- refressh of tunnel keys used to do one refresh whenever telemote service was started even if refresh was not due. This is now fixed and no refresh will be done till it is due.
- FortressCL password login to Cisco IOX XE 17.14.01 were disconnecting with failures. It has been fixed in this build.
- telemote.log file in \ProgramData\telemote directory mow have everyone sid read,write permission when we create it first. Thus every user can read and write to it
- fix ssh cmd line client's key exchange "diffie-hellman-group-exchange-sha256" to work with recent Pragma sshd servers.
- TelemoteService auto manage tunnels will use 22 as ssh default port if not specified in tunnel "port" definition in registry

Known Issues:
- Grouprun command only works with password & publick key credentials in hosts or groups. Smart card option do not work with Grouprun.
- UpdateSoftware only works with password and applies to that host or all hosts of the chosen group.
- Advanced File Transfer mode does not work with Smartcard. Use non-advanced FortressFX for smartcard.

Release Date:April 17, 2024
Revision #: 4253

Enhancements:

- osinfo detects and shows Windows Server 2022; before it could detect upto windows server 2019
- SFTP file transfer logging options added to Logging page
- DH_GRP_MIN & DH_GRP_MAX of SSH server are now configurable by setting registry values of the same name in HKEY_LOCAL_MACHINE\SOFTWARE\PragmaSystems\SSHD hive. The values are 1024 and 8192 if not configured to other values
- ZRLE encoding is used as the default instead of Telemote encoding per Optum/CHC suggestion
- “User Default for Telviewer Options” can now be set in Telemote launcher pragmardc with a new toolbar icon or menu choice. This way if a host entry does not have settings from the past, this default user choices wil be applied
- ssh tunnel features now exposed in Telemote. It is a Telemote viewer side option and but will work in both Telemote viewers and servers.
- Tunnel Add, Edit, Start, Stop, Delete actions are available in the viewer gui to define and operate ssh tunnels. Checkmark a tunnel as "Tunnel Active" if you want it to be restarted after reboot. "net stop telemote" and "net start telemote" will stop and start all active marked tunnels from the telemote service. In a viewer only machine, telemote service is not available, so tunnels are managed from the viewer gui only, no auto start after machine reboot, but otherwise works the same way.
- upload-key publickey and delete publickey feature are available in Tunnel dialog panel to upload or delete a public key in remote host.
- upload-key takes "-p sshport" as the ssh port to use if default 22 port is not used in the target. "-oPort=NNN" also works. But the port change option must be given before user@host. For example:
upload-key -p 4899 domain\johndoe@host add c:\users\johndoe\AppData\Roaming\PragmaSSH\id_rsa.pub
upload-key -p 4899 domain\johndoe@host list
upload-key -p 4899 domain\johndoe@host del c:\users\johndoe\AppData\Roaming\PragmaSSH\id_rsa.pub
OR
upload-key -oPort=4899 domain\johndoe@host add c:\users\johndoe\AppData\Roaming\PragmaSSH\id_rsa.pub
upload-key -oPort=4899 domain\johndoe@host list
upload-key -oPort=4899 domain\johndoe@host del c:\users\johndoe\AppData\Roaming\PragmaSSH\id_rsa.pub

- Tunnels are now montitored by telemote service so that if they die they will be restarted.
- Tunnel ssh keys can now be refreshed by telemote service. They are auto regenerated and uploaded to the remote host at a given interval of days. Use Global Settings dialog to change them
- "Tunnel Users" localgroup is added by telemote service which can be populated with domain users or local user names. These users listed will only have tunnel building access and apps running, but they cannot do remote telemote viewer session, cmd line, dashboard or pingsession to that machine.
- Telemote Vulnerability test done using Tenable Nessus and no issues found. Code scanning tests done using Microsoft Visual Studio Analyzer and Snyk 3rd pary tools. Slight code changes done in telemote log file full entry path section to avoid potential security misuse via directory traversals.

Fixes:

- TelemoteTray minimized icon is disposed when Telemote service is stopped. Before minimized telemoteray icons were left till one hovered over it then it would disappear.
- TelemoteService starts telemotetray in current active console or RDP session, so that RDP session can manage telemoteservice/telemotetray using "net stop telemote" & "net start telemote"
- Telemote service is changed to "delayed automatic" so that it is run later in cycle after reboot so that telemotetray it starts happens after windows services are up. Otherwise in some VMware sessions, telemotetray app is started non-minizmed
- RDP Screen Max causing reconnect error on some cases that a customer (CHC) reported
- Infra sshd level: sshd - session count limit is enforced correctly so that a session exit allows the count to go down and so that next logon can proceed.
- telemotetray app would not start in some Windows Server 2019 systems even when a user logged in or when telemoter service restarted with "net stop telemote" and "net start telemote" command
- Telemote added Tunnel support and its config is done by Telemote viewer needing local admin access. But Telemote viewer closing was trap if the user did not have local admin access for users not doing tunnel stuff. The trap won't happen any more.

Known Issues:
- Grouprun command only works with password & publick key credentials in hosts or groups. Smart card option do not work with Grouprun.
- UpdateSoftware only works with password and applies to that host or all hosts of the chosen group.
- Advanced File Transfer mode does not work with Smartcard. Use non-advanced FortressFX for smartcard.

Release Date:December 19, 2022
Revision #: 4185

Enhancements:

- Monitor only mode now added to Reboot menu of the telemote RDC so that a emote host can be montiored after reboot issued separately or by some other commands/tools
- Telemote Basic version ( also called TelemoteOnly ) allows 3 command lines to a host instead of 1. Remote command executions are not counted in command lines.
- USERDNSDOMAIN environment variable is set in Telemote and Fortress to reflect the fully qualified domain that authenticated a user. In previous release, it was not set.
- Telemote RDC now allows Multiple verbs to be lauched by doing multiple host selection (choose control key to begin multi selection) and then clicking the verb
- Mouse Wheel can now be used to scroll texts up or down in Telemote Command Line CL program. This Mouse Wheel support was lacking before.
- In Telemote Viewer, host name entries can now be modified by clicking on the entry and typing in it without having to invoke the Edit panel.
- ”Web Connect” new verb added that allows Web connection to the hostname given in the entry using default web browser. Right click on a host entry to see the “Web Connect” verb. The hostname entry can have full web link to the remote site or just the domain name. http/https will be added if its not there in the hostname. The sitename and hostname are the only two fields used if “Web Connect” verb is chosen. Gateway is not supported for web connect, so won’t matter what is given.
- All installers are updated to use latest version of InstallShield 2022.
- Grouprun has command history now and remembers last 10 commands. Commands in history can be deleted by highlighting it and pressing the “delete” button in the keyboard
- Grouprun “Run Parallel” allows to say how many commands to be run at a time (default 5), what is the wait time after that bunch is run, etc. Settings button in grouprun page takes one to the dialog that can change these values from the defaults.
- Grouprun has three preset command buttons which can be programmed to do tasks in the remote machine, e.g. running mpsreports (c:\migtools\utility\mpsreports\get_mpsreport.cmd) or parsing windows event log to get data, etc. Click “Save Preset” and then one of the three Preset button ( PS1, PS2, PS3 ) to save your run command and Push files and Pull files settings currently in the screen.
- Grouprun has “Pull files” option so that files from remote machines can be sftp copied back to the local machine after a command is executed ( e.g. getting *.CAB files after mpsreports are run in remote machines). Pull Directory is specified to where the pull files should ne copied to and {Host} tag can be used to fill the remote machine name from where the files are pulled from.
- Telemote can be updated to the latest version from the command line by running "pragmardc update" . The start and completion is logged in \programdata\telemote.log file; windows scheduler can be used to invoke "pragmardc update"
- "pragmardc update \\neptune\products\builds\updatetelemote" -- file share path from where telemote update to be done can now be provided. It can be a download https path also. e.g. https://pragmasys.com/downloads/updatetelemote.html

Fixes:

- TelemoteOnly sometimes failed to give a cmd line session when telemote install was updated
- x509v3-sign-rsa support fixed in server and command line
- FortressCL code fixed to allow for multiple certificate key types
- Fix autostore of keys in sshd
- Reboot or Shutdown issued from PragmaRDC Viewer used to hang after the command issue. Now it will not hang and return control back to the viewer
- In Telemote Basic version (aka TelemoteOnly), 2nd user with a different name was not allowed cmd line session. 3 ssh cmd line sessions are allowed in Telemote Basic
- Telemote Inetd firewall rule sometimes missing during updated installs. The fix is to add the rule if missing.
- Telemote's RDP client in Windows 7 or older OS systems had a wait introduced in 4176 revision build. This has been fixed in 4178 revision.
- Telemote Ping fails to fix host entry wrong port 4899 to correct 22 when gateway is used to reach that host.
- Telemote server installers do not access HKEY_CURRENT_USER registry hive as a server installer no user hive should be touched or expected.
- Telemote FortressCL uneeded hive "HKCU\Pragma Systems\RDCSites" is no longer created as it was left empty and not used.

Known Issues:
- Grouprun command only works with password & publick key credentials in hosts or groups. Smart card option do not work with Grouprun.
- UpdateSoftware only works with password and applies to that host or all hosts of the chosen group.
- Advanced File Transfer mode does not work with Smartcard. Use non-advanced FortressFX for smartcard.

Release Date: January 5, 2022
Revision #: 4128

Enhancements:

- Viewer Help->Update path, instead of being empty, is initially is set to https://www.pragmasys.com/downloads/updatetelemote.html so that all users can update to the latest build from Pragma web site by just clicking the Update button. The user or site admin can change it to point to their own file share or download path. Pragma update download site works for all builds (Telemote Clients, Telemote Servers).
- Do not propagate SSH port from Group setting. A check box now added in Group setting “Use SSHPort”, by default it is not checked, so SSH port won’t propagate from a Group setting.
- Text Import of Hosts file format expanded to allow Groupname of the site, IPaddress and SSHport to be given.
New Format: Each host will be given in a line. Other fields will be comma separated. Field one is \groupname\sitename, field two is ipaddress or the hostname, field three is sshport. Fields two and three are optional. If Field two is not given, the sitename is used as the target hostname. If Field three is not given, default SSH port for the location config will be used (22 or 4899 etc).
An exported file can be imported with just one click, or can be edited with a text editor to add/delete hosts before import. Group names are to be specified in full before the sitename. Groupname is optional and if not given, the sitename will be added to the current group where it is imported into. In summary, we now allow 3 fields in the Export/Import Text file.
\FullHierarchyofGroupname\sitename,siteipaddress,sshport

An example export file that was exported by Telemote, If sshport is not listed, it means it is using the deafult ssh port value of the system, usually 22:
\Groups\Test3\columbia,10.0.1.202
\Groups\Test3\metro2,metro2,4899
\Groups\Test3\NewGroup\localhost,localhost,22
metro3,192.168..40.155
\Groups\Test3\NewGroup\duplocalhost,localhost

- Grouprun improved with options to copy script files to remote machines via sftp (all behind the scene, you do nothing extra) and deleting the script files after execution (delete is called cleanup and is an option, one can leave the files there as well, assisting detached running). Grouprun and all these new features work with remote Fortress sites also allowing you to maintain/update them.
- Telemote Help updated with new screen shots and description of new features of Telemote like Groups, Group setting, Software Update, Export and Imports. Help->Help or F1 gets one to this help file.
- Telemote RDP client improved to allow “Client Dimensions” to be used as the default with “Smart Sizing” off. But “Smart Sizing” can be turned on if one desires. Reconnect button added in menu so that in “Client Dimensions” mode one can resize screen and then reconnect to make it affective.
- Export/Import Host lists allow spaces in groupname. Comma is now used as the item separator instead of spaces
- In Import Host list file, groupname can be given in relative format instead of from the root. When the hosts in that file is imported, the relative group will be based from that current group
- Grouprun can now be invoked on a single host. Right click a host entry in Telemote viewer, and you will see grouprun to be invoked
- Verified that Telemote Grouprun and commands can also be executed to machines running just Pragma Fortress. Add the Fortress hosts in Telemote using “Add Host” or by Import Host list.
- SHA-2 key exchanges support added to FortressCL. FortressCL used to fail to connect to OpenSSH 8.2 default settings without it, now it connects and provides command line sessions.
- Doubleclick action on a host can be customized to one of the six common actions from a dropdown list on the host’s edit panel. Thus each host can have its own action for the double click
- ssh/sftp clients now has RFC 8332/8308 support with the required fixes we lacked before. sha2 signature algorithm are fully supported now in key signing.
- Telemote RDP client system menu has "Auto Reconnect on Client Dim Resize" new entry to automatically reconnect when RDP is used in Client Dimension mode & screen is resized. "Smart Sizing" mode does not need reconnect for screen resizing
- Telemote session viewer allows password to be pasted from the clipboard via new toolbar icon “Push keyboard as keys” (red up arrow). Useful for a remote locked screen/or if no user logged on the remote machine, complex password can be provided via clipboard rather than typing
- Dark Theme support added to adjust Telemote panel to a darker color theme. In the menu choose, Settings->DarkTheme, to select Dark Theme. Uncheck it to go back to regular light mode. Settings->GlobalSettings dialog allows choice of Dark Theme colors
- TelemoteFX Advanced file transfer application added with much richer feature mode of file transferring. Only 64 mode has TelemoteFX. FortressFX stays as the previous File tranfser version. Choosing "Advanced File Transfer" or "TelemoteFX" in global settings panel will make TelemoteFX be used as the file transfer program instead of current FortrerssFX.
- Command line sessions (Advanced console mode) have “insert” mode on by default. Before one had to type the “INSERT” in key board key to begin insert mode once a session was started
- GUI Improvement in Host Edit: when “Use Group Settings” checkbox is selected, the fields that the host receives from the Group Settings are populated with the resulted settings and greyed out
- Telemote command line can now match a viewer stored host by hostname or ipaddress. Previously it would only match the site name. First match in the viewer hive is picked (it was always this way).
- Telemote command line now has /rdp and /rdpssh support to provide RDP or RDP-over-SSH session. Two restrictions for RDP command line in this release: The /rdp or /rdpssh switch must be given at the end and the viewer hive must have the RDP host listed.
- Telemote command line help texts updated with better information for previous and new command formats. Type “telemote” without any arguments to see the command format help text.
- SSH sha2 hashes for x509 signatures are now supported (used for smart card or Yubikey). Before only sha1 hashes were supported for x509 signatures
- Option added in Settings to Remove toolbar in the Telemote Viewer
- Windows 11 support fully tested to work. Telemote Dashboard and osinfo are able to detect Windows 11 systems
- hmac-sha1 MAC taken out from default install in Telemote sshd server for stronger security ( sha1 hash is considered weak now )
- sftp server and sftp.exe command-line client now has symlink ( symbolic link support )
- Binaries signed with Pragma's newly issued code signing certificate
- pragmareg tool or Viewer About box shows companyname and customername for telemote bubble keys (these are V3 keys needing activation to work).
- localgroup "Telemote Users" now available to allow non-admin users to telemote/ssh/sftp/scp to a computer in case Admin-only option is used for a computer. Add/del users to the localgroup as follows
- Microsoft C-runtime dll (MSVCRT2017) feature installation pre-requisite is no longer there.
net localgroup "Telemote Users" domainname/johndoe /ADD
net localgroup "Telemote Users" localusername /ADD
....
net localgroup "Telemote Users" domainname/johndoe /DEL
net localgroup "Telemote Users" localusername /DEL

- Telemote viewer allows switching view only session to full control without reconnect. There is a new icon in the viewer toolbar to do this mode toggle
- Hand Grab pan feature added in the viewer so that it can be used for panning/scrolling. Clicking it will make the mouse pointer become a “hand”. Then hold the left mouse button and move around the hand to position remote screen you want to see. Clicking the hand again will make the “hand Grab pan” mode go away
- Use hot key (SHIFT+CTRL+NUMLOCK) to toggle Grab pan mode
- Single Sign On (SSO) feature is now supported by Telemote viewer as well as telemote command line. SSO allows current user’s logon credentials to be used to access remote telemote hosts and so username or password is not needed. /sso is the swicth to be sued in the telemote commend line
- Grab Pan hand short cut changed to Control-Shift-A. Settings option has a checkbox to disable this short-cut
- "Telemote Users" localgroup in Telemote hosts now support domain groups to be made members so that users in that group/groups can access over telemote even if they are not admins (if admin only mode was chosen telemotetray)

Fixes:

- Telemote Viewer RDP client improvements made so that Windows server 2012R2/Windows 8.1 or above OS uses newer RDP ActiveX control. This will help DoD/Veteran Admin sites to get RDP sessions better where stricter use policy are used.
- More error handling of extended errors in Telemote’s RDP client added so that connect failure will show error information received from the RDP server
- Grouprun should not over-ride sshport if "use sshport" is not checked in the group setting and should use the sshport associated with the host entry
- 2274 build issue: an error message appears on the screen when a user try to sign-out from RDP connection
- Telemote grouprun with gateway issues “operation failed” message, when push files are used
- "RDP over SSH" action gave error message “Object reference not set to an instance of an object” even if the action was being correctky if OK was chosen
- Telemote grouprun made to work better with push files directly and over gateways. Sometimes it used to exit without completing file push and cmd execution before
- Telemote grouprun push files can be repeatedly added by selecting files from file chooser. Files are separated with semicolon which are added automatically by the UX
- Telemote RDP client shows the remote host name in the Title. It was not shown in recent releases
- 32bit bit builds of Telemote were not running some binaries properly. 64-bit builds had no such issues. 32bit dashboard server showed an older build number
- Push files in grouprun fixed to work over gateways
- Push files in grouprun user interface fixed to allow file addition one or more time in the user interface pick (you can keep adding files to push, before doing the push)
- Telemote viewer session Clipboard functions fixed as follows:
Manual – clipboard function is based on the buttons located on the tool bar
Separate – the systems are separated and clipboard is not transferable
Auto – clipboard on the local machine automatically transferred to the remote system
- Telemote RDP over telemote gateways now works, which failed in recent builds
- Push files in Telmote grouprun failed in some cases and never got to sending the files and would just wait. Run Button now becomes active after runs are done
- grouprun would fail when run with more than 6 hosts in that group.
- Display Selecting to select screen monitor in telemote viewer caused GDI counts increases in server host telserver2.exe binary making the remote systems operate slow
- Grouprun file pushes through gateways now work for large file pushes. Before it would not finish in some cases. The fix is in our telemote client side (ssh level).
- Grouprun use of ssh port other than default port 22 now works correctly in all cases. Before Command line & other verbs would work, but not grouprun.
- telemote command line works with ipaddress or hostname that are not defined in telemote viewer. Before it used to hang and never connect.
- In Window 7, sssh cmd line failed to very remote host rsa certificate and used to fail to connect
- File Transfer with FortressFX does not work if the host port is other than 22 (e.g. 4899)
- "RDPoverSSH" using a local administrator account does to connect to remote host (a non-domain machine) when username given without a domain or the remote computername. e.g. “Administrator”. The fix is to give the username as “local\Administrator” or “.\Administrator” ; the fix is in the host software, so the host software has to be updated to this new build. “remotecomputername\Aministrator” username already used to work and will continue to work as well
-PingScan of Group not refreshing color status of hosts ( if it goes offline for example) after pingscan of the group is done
-TelemotePing with Gateway do not correct sshport. Now both the gateway port and the target host port will be corrected
-Telemote Command Line not working on hosts with port specified if group setting is used and "UseSSHPprt" setting is not chosen. Still group ssh port is sued and not the host ssh port.
-Viewer File Transfer with Gateway fails to launch the advanced file transfer program. If gateway is not configured, the advanced file transfer is luanched correctly.
- telemote command line /rdp and /rdpssh switch now works with hosts with gateways
- \programdata\telemote\telemote.log client side logging disconnect messages now logged for all verbs. Before some disconnect messages were not logged but connect were logged
- telemote command line RDP invoking restriction of having the hive is no longer there
- telemote /h:ipadress /rdp -- now works. /h: switch did not work before for /rdp or /rdpssh
- smartcard or yoube key with sha2 hashes for x509 signatures now works
- Telemote RDP client minimizing for some systems caused getting “not enough virtual memory message" error and the client would disconnect. It is now Fixed.
- Telemote Viewer Smart card handling improved so smart cards of a different user than currently logged in can be used to connect/telemoteping to remote systems
- Telemote command line Smart card handling improved so smart cards of a different user than currently logged in can be used to connect to remote systems
- Telemote rdc and command line made to ignore host entry not there message (if the host was not listed in known_hosts) which used to hang before (needing user's yes/no)
- SSH server Account lockout during repetitive logins for SSH keys based login
- Sometimes after install/reinstall, telemote rdc viewer starts with a tiny screen
- During Telemote's RDP login, expanding the RDP client window crashed RDP viewer
- Telemote command line /rdp prompts for a site credentials when the hive exists and uses “Use Group Setting”, as it should not prompt but use the hive credential from the group setting
- TelemoteFX advance file transfer ssh port use bug fixed so that it works with after a new host is created
- Telemote FortressFX file transfer uses global SSH port if ssh port for a host is not provided
- sftpserver regression bug fixed so that it works in other modes than full file system tree access ("Allow user to traverse above home directory")
- sftpserver allows local users to be able to sftp to a pc as it sets home directory from userprofile if default sftp settings registry hive permission does not allow that user to read it
- elevated prompt for telemote update moved before download begins so that for slow downloads users do not have to wait for the elevate prompt
- "telemote ... /sso" command line works even if no host or group has been added in the telemote hive. Before it used to run into exception error.
- Telemote viewer install for a clean/new install used to fail for a dll not found. That has been fixed in 4128 build.

Known Issues:
- Grouprun command only works with password & publick key credentials in hosts or groups. Smart card option do not work with Grouprun.
- UpdateSoftware only works with password and applies to that host or all hosts of the chosen group.
- Advanced File Transfer mode does not work with Smartcard. Use non-advanced FortressFX for smartcard.

Release Date: January 12, 2021
Revision #: 2257

Enhancements:

-Group based AddressBook feature is now introduced to store access credentials with a Group instead of each hosts. This simplifies access management as one group credentials can be used to manage all hosts in that group and all groups below it. Right click a group and choose “Addressook” to update the group’s access credentials. Each hosts can still retain the access credentials you put for that host, deselect “Use Group Address” checkbox in that case.
- Export and Import of AddressBook features are now available. Right a Group and choose “Export AddressBook” or “Import AddressBook”. Export AddressBook will export all addresses, groups and host lists from the current group and below. Import AddressBook will import all addresses, groups and host lists that was saved in a “Export AddressBook” operation. AddressBooks are stored in .reg extention files.
- New Hosts can be imported to a group from a text file that contains host names separated by spaces, tabs, comma or newlines. Right a group and choose “Import AddressBook” which will lead you to select your text file that contains the host list ( use .txt extension to name these files ). “Import AddressBook” is smart by the contents of the files it knows if it is a text host file or a file exported with “Export AddresssBook”.
- “Settings->Export All Address Books” saves all AddressBooks, Groups, Hosts and their addresses in the system. It is like a system backup of all connection info. You can restore or get it back by running “Settings->Import All Address Books”. Typically one would delete all groups and hosts entries in the system by doing “Delete Group” on the root “\” group before doing a “Settings->Import All Address Books”.
- Telemote Build dates are shown in the Telemote Viewer panel along with the Telemote build version.
- Telemote Viewers AboutBox shows error messages for all key updates. Before we did not show any key update error messages and just showed the trial or the last good key if an error was encountered.
- Discovered hosts are marked to use "Use Group Address" if username and password are not provided at discover time to seed each host. This assists Group credentials to be use for all discovered hosts without having to do any extra steps. Just add access credntails in the Group AddressBook.
- View Details in the main PragamRDC Viewer Panel made the default view instead of the icon mode being the default as useful vital information are shown in the details mode
- telemotec.exe/telemote.cmd command line now has AddressBook support. So site or host chosen can have address empty and connect authentication info will be obtained from its group addressbook or addressbook of a group above in its parent chain
- FortressCL Commandline when luanched from Telemote, now can change various terminal settings - terminal type (vtxxx, xterm, etc.), fonts, screen colors and terminal height aand width. Terminal resizing can also be done by just dragging the right bottom corner of the terminal live session and screen will be resized dynamically.
- Telemote launched FortressCL command line Terminal settings consolidated into one "Terminal dialog" that allows fonts, color and all terminal settings to be changed in an easy tree-formatted navigation choice panels.
- FortressCL and FortressFX Licensing Information Dialogs changed to have more room for showing future V3 license keys.
- Telemote luanched FortressCL command line terminal handling improved by having each host its own hive and other UX ease
- pragmareg without any argument returns error code 99 if there is no key installed in the remote system. If a key is installed, it will return 0 meaning success. This can be used in scripting for sites that has many licenses to install and needs to know if a host has proper TELEMOTE license key or not. The return codes are:
0: Success
99: No key installed. It is a trial version running
1: Invalid product name given
2: Invalid key given
3: License Key given is for a different product
4: Access denied. Run pragmareg.exe from an Admin level account
10: This key can only be used for a specific OEM customer

- GroupAddressBook is changed to be called "GroupSetting"
- sshd server now shows the diffie-hellman key exchange name in "PRAGMASYS_MODE" environment variable that is set for each ssh session. Run "set pragma" inside a ssh session to see the Pragma environment variables set.
- "diffie-hellman-group1-sha1" and "diffie-hellman-group-exchange-sha1" key exchange methods are now disabled by default as they are not as secure as before and recommended by IETF to be turned off.
- update sets the default path to download and update from https://www.pragmasys.com/downloads/updatetelemote.html

Fixes:

- FortressFX SFTP file transfer with public key now works. There was a regression bug in the recent release.
- Imprt of Hosts from Text file was adding empty host entries if extra newlines were in the line (in 2207 build). Now it does not.
- Group AddressBook's gateway mode was not allowed to be checkmarked and gateway entries entered. It has been fixed now.
- sshd server cmd line system was not updating remote screen sent screen size change requests. A regression bug (till 2209) is now fixed
- FortressCL saves the terminal height and width for each host when the sesssion has ended so that next time that terminal size will be used when connecting to that host
- Telemote Viewer works in .NET 4.5 or higher framework not needing .NET 4.6 as the minimum
- Telemote Viewer handles the 14-day trial period correctly and does not say "Unknown installation time" or trial period has already expired
- pragmareg fixed to return correct return codes for AUTO mode, detect trial mode is on, detects trial mode with no key installed, detects a bad keys better.
- Opening Telemote FortessCL tracing window does not reduce terminal size by one line
- Scaling of fonts added in trace window, settings tree labels, etc. to all look & fit better
- UpdateSoftware works with Group Settings
- Chat, SendMessage and Reboot works with Group Setting
- New Powershell sending terminal sequences are handled properly
- Grouprun can now send longer comamnd upto 2048 bytes. Before there was a limnit of 128 bytes.
- Viewer Clicked node were note cleared of gateway and authen settings if group use flag was set; previous nodes gateway and authen settings were shown
- SFTP server does not show Z: drive in remote systems but shows all other drives

Known Issues:
- Grouprun command only works with password credentials in hosts or groups. Smart card and publickey option do not work with Grouprun.
- UpdateSoftware only works with password and applies to that host or all hosts of the chosen group.

Release Date: November 20, 2020
Revision #: 2186

Enhancements:

- IP Address is shown in the Telemote Viewer Panel for each host. TelemotePing or TCPIP Ping verb will update the ip address of the remote host
- New enhanced License key introduced which now requies one time activation. The host has to be connected to the internet during license activation which takes just a few seconds to do. After activation, the host can be disconnected from the internet. Use the following command to activate your license key from an elevated command line:
pragmareg ACTIVATE new-lic-key-with-dashes-in-them
- Telemote Basic and Telemote Enterprise sre two versions now available. Basic gives 5 connections, one command line and base core features. Enterprise gives unlimited connections, unlimited command lines, powershell & scripting and SFTP based fastest file transfers.

Fixes:

- SFTP file transfer used to fail for 2184 interim release. That has been fixed in this 2186 release.

Known Issues:
-none

Release Date: October 30, 2020
Revision #: 2151

Enhancements:

- Telemote now supports smartcard & public key authentication in addition to password
- Pin Prompt support added to Telemote client gui so that user's are prompted for the smartcard pin for authentication
- User Principal Name (UPN), Common Name (CN) modes in smart card are supported so that user's name can be picked up from the smart card
- "Ping All Hosts" new menu added in RDC to allow all sites in the system to be updated (only available in root group now). "Ping Group" ping updates all hosts in that group. So now "Ping Group" of root group will only update just the hosts in that group. "Ping All Hosts" in root updates all hosts in the entire system
- Help->Update dialog in Telemote client is seeded with Pragma's telemote update link path
https://www.pragmasys.com/downloads/updatetelemote.html
This allows one click confirm to update to the latest telemote build. This link path can be set to a different location for a customer site that wants to update from a different web or drive/file directory location (e.g. \\server\distrib\updatetelemote )
- updatetelemote file contents should follow formats like this below with the left side tags needed to be given exactly. It shows the build version,binary locations and ms silent install switches.
version:1.0.2.2151
64bitpath:\\neptune.pragmasys.local\products\builds\2151\telemote_x64.exe /s /v"/qn /norestart" 32bitpath:\\neptune.pragmasys.local\products\builds\2151\telemote_x86.exe /s /v"/qn /norestart"
viewerversion:1.0.2.2151
64bitviewerpath:\\neptune.pragmasys.local\products\builds\2151\Telemote_Viewer_x64.exe /s /v"/qn /norestart" 32bitviewerpath:\\neptune.pragmasys.local\products\builds\2151\Telemote_Viewer_x86.exe /s /v"/qn /norestart"

Fixes:

- TelemptePing will prompt for smartcard pin when needed. Password field can be left empty if other authentication methods are used
- ssh command line -ProxyCommand -W option had a regression bug which has been fixed in this release
- grouprun in RDC now works over host entries with gateway
- Telemote RDC now detects smatcard reader or the smart card presence and will prompt if they are not connected ot inserted

Known Issues:
-Update Software needs password authentication of the remote node. Smartcard login mode does not work.
-Reboot required msg may be shown after install. Ignore it. Reboot is never required for installs or updates.

Release Date: August 27, 2020
Revision #: 2115

Enhancements:

- SSHPort can now be configured in a telemote telviewer computer for all users. “\ProgramData\Telemote” directory can have a text file name “telemote_config” that has one entry like the following. A # as the first character makes it a comment line. Instead of 22, you can put the ssh port for your site. SSHPort can be given as sshport as case does not matter.

# Telemote configuration file example.
# Shows for this site, the default SSH port is 22 if not given in an host entry
SSHPort 22

- For improving the Panning issue, “Vertical Threshold” and “Horizontal Threshold” added in Telemote Viewer Auto Scroll section in connection option. User can select a vertical and horizontal scroll threshold (valid values from 1-20); Viewer toolbar has a button to toggle Panning on or off.
- Auto Scroll renamed to Auto Panning
- Export/Import Host List renamed to Export/Import Address Book in menu as that reflects what it actually does better
- .ppk (putty private key) format now supported by FortressFX, ssh, sftp, scp. Use "-i mykey.ppk" for giving the ppk key in ssh, sftp and sftp command lines
- remote hostname shown in telviewer file trasfer dialog title
- SSHPort used in remote host is shown both TelemotePing and DashBoard to assist in diagnostic problems
- TELEMOTEONLY keys can now be updated from Aboutbox in PragmaRDC gui
- pragmareg tool now supports TELEMOTEONLY keys in AUTO key detection mode
- SSH Port probing feature added to probe & determine what SSH port is used by a remote host. Port 22, 4899 and 5631 SSH port detection are built-in
without any configuration needing to be done. If sites want to use other ports, “SSHPossiblePort” can be specified in \ProgramData\Telemote\telemote_config file
to list upto 10 ports. TelemotePing on a host or PingScan of a group will probe the correct SSH port on the remote host, show it in the status log and
update it automatically in the host entry. Following a TelemotePing or when PingScan completes, all verbs will be able to be executed on a remote host machine
as the SSH port has been probed to be correct. So it is a good practice to do a TelemotePing on a host, if connecting to it is failing for any reason.

# An Example Telemote configuration file. Default SSH port for the site is 4899
SSHPort 4899
# port probe these SSH ports additionally in case a host entry port appears to be not connectable
SSHPossiblePort 22 5631 4899 922

- Installs updated to install vc17 c-runtime if not on the system already, which our managers need as they cannot be statically linked due to our dynamic architecture for them
- Installs updated to work with older builds so that this build can be used to update from the previous very old builds.

Fixes:

- Telemote does not use 8081 tcp port, thus port collision in servers are avoided. Instead, Telemote now uses a dynamic available tcp port that the windows system provides. This introduces a compatibility issue and requires New Viewers of 2063 build (or newer) to work with new Telemote servers (build 2063 or newer). Previous version Telemote servers can still be reached as this new viewers are smarter and can work with both old and new telemote servers.
- Folder delete in telviewer file transfer now works and does not give the recursive message.
- Reboot from telviewer tray icon would not initiate reboot
- When a telviewer session disconnected or ended, telemotetray would not show this message. Now it does.
- "Limit to Users" mode now works (given in TelemoteTray) to limit which users can access a remote machine. It was a recent regression bug
- Long delay in SSH connections to some machines (35 to 38 secs) will no longer happen
- Slow file copy in telviewer file transfer between win10 2016 LTSB and Win server 2012 R2 issues fixed.
- SessionMgr binary is now available in Telemote Viewer installs
- Pin Login fixed in the sshd server end so that upcoming HelpMe new cloud product works - FX and CL reports licesne key or install registry hive problems more precisely so that the issue can be resolved better
- FX File transfer and CL not starting in some sites when starting by right clicking the verb are now fixed.
- Better more accurate messages are shown to the user when FX file transfer or other tools are not starting
- Not useful warning messages from the Windows Event log taken out
- First installs or clean install without previous Telemote installs showed guid numbers instead of remote host names
- Certificate signing bug fixed where one would not get PIN prompt for x509 login. Seen it to Cisco IOS boxes. It is fixed now.
- Cisco scp file transfer not working to Pragma scp fixed, the issue was in Pragma Fortress sshd

Known Issues:
-none

Release Date: April 15, 2020
Revision #: 2023

Enhancements:

- Session Management support added to Telemote. "Manage->SessionsMgr" menu invokes it.
- Telemote service in remote hosts can be restarted now. "Manage->Reestart Telemote" does this work.
- Run commands on a Group feature added (right click on a group to invoke it). This way a command can be run on all machines in a group in parallel and outputs obtained.
- telemote in view details shows operating system build number (e.g. Win10 1803, 1809 etc) and whether 64 bit/32bit
- PingScan of a group now updates the Telemote license type info as well
- Sitename does not have to be unique any more. We have made major enhancements to how host connect address book is stored (GUID based now) which allows features like this. Our code makes autoconversion for your old address book to this new format at Telemote client launch automatically so users do not have to do anything.
- grouprun shows sitenames in host list instead of the host address (which could be given in ip format) for better usability.

Fixes:

- File transfer of over 4 Giga bit now works. It was a Telemote client side issue which now has been fixed.
- Dropping or moving a site to its own group used to delete that host from that group. Now it will have no effect and the host will remain in that group.
- A regession bug for large transfer in telviewer file transfer introduced for builds after Mar 13, 2020 was fixed. Now large file transfers works from telviewer.

Known Issues:
-none

Release Date: February 02, 2020
Revision #: 1953

Enhancements:

- Details view in telemote now shows telemote version number, os name, machine up/down status
- Ping Scan verb added to get status updates of all machines or machines in a group
- Update Software can be run on a host or a group to remotely update telemote version in a host or all hosts in a group
- Remote Clipboard mode enhanced
- Launcher screen size, last group selected, etc are remembered to enhance usability - Online documentation updated with new screen shots and descriptions
- Help->Update menu to update Telemote Viewer in the local machine
- Non-domain machines can be updated by Update or Update Software. Machines in Windows Domain were already able to be updated
- Help->Update updates provides better UI during updates using an installer program
- uninstall.savesettings supported in updateconfig file to allow save telemote reg savings, uninstall, install and restore reg settings
- Browse button added to pick a file from a directory for updateconfig
- Throttle feature added to File Transfer client FX
- Throttle feature added to command line ssh, sftp, scp clients via -oMaxSpeed=n options that shows how much n kilobyte/sec max data rate should be.
- version:auto feature added to updateconfig file so that product version is picked from telemote install binaries
- DSA key generation enhanced to allow creating larger key sizes than 1024 bits with the correct qbits so that it works with other platforms
- Telemote can now be installed and run in Windows Home versions. Telemote Viewer already used to work, so Telemote is now fully supported in Windows Home versions.
- Connect RDP over SSH support added. New menu item added for it in addition to keeping "Connect RDP". This allows stronger security as RDP packets are run over SSH transport. RDP server side can also have the firewall rule changed/blocked so that only TCP/UDP RDP port connects from localhost are accepted for additional security.
- Telemote client file transfer uses sftp protocol underneath for much faster file uploads/downloads.
- Blanking of Remote Monitors. From a Telemote session, remote monitor(s) attached to that display, can be turned off or turned on. Buttons are added in Telviewer toolbar to turn off or turn on remote monitors. This can be useful for security conscious environment. This feature only works in Windows 10 and Windows 8.x systems.
- Telemote sessions and ssh tunnels are shown in SessionMgr gui and telmc command line to assist remote telemote session management

Fixes:

- Windows 10: FortressFX left panel icon verbs in toolbar now works. Right panel file attributes shown correctly. Upload Files to a directory and Upload Folders to a directory in the right panel now works.
- 32bit updates done from the Help->Update now works correctly. 64bit updates had no such problem
- Connect Progress indicator does not go away if Pragma ssh is not in the first path to be picked as the first ssh client
- Update Software dialog cancel to a site still issues the software update command
- Progress Dialog boxes for connection with gateways stays there once software update for sites are issued
- File xfers regressed to not maintain source date & time. Now they do.
- logoff/termination of remote sessions now works from an administrator level account using SessionMgr.exe

Known Issues:

-none

Release Date: March 14 2019
Revision #: 1712

Enhancements:

- File transfer speed, within Telemote screen, increased substantially for both upload and downloads
- Same user allowed to get sessions to a remote machine if they have a current session from any machine without needing permission from the current master. TelmoteScreen\AllowSameUserAnyMachine registry entry can be set to false if permission should be asked for the same user login from another machine at the same time.
- Idle connection timeout feature added in telviewer client so that if no mouse or key board is entered for a duration, the session will be disconnected from the client side
- For 2nd or follow on user accessing a remote node, if deny or approve is not received within timeout(60 secs),access is granted per suggestion of McKesson. HKLM\Software\PragmaSystems\TelemoteServer\RejectOnTimeOut can be set to 1 if timeout should result in denial (not giving access). In Telemote Cloud mode, these access feature limits are avoided.
- Multi factor authentication (mfa) and use of Yubi keys are supported by Telemote's underlying sshd, sftp, scp servers and all clients ( command line or graphical)

Fixes:

Known Issues:

-none

Release Date: Nov 29 2018
Revision #: 1629

Enhancements:

- Screen blacking out after remote screen resize will not happen now.
- Remote screens can be resized and our viewer will adjust to it and show correctly
- sftp, scp, ssh client and servers now support full unicode allowing foreign character filenames and contents
- Pragma's new digital certificate (issued by a Certificate Authority) used to sign all binaries

Fixes:

- Telviewer control-control short cut was being triggered ON by switching to an RDP session when a telviewer session was active

Known Issues:

-none

Release Date: Mar 29 2018
Revision #: 1534

Enhancements:

- All Telemote binaries and installers are now digitally signed with Pragma certificate.
- telemote command line now expanded with various /slash single letter switches to allow connecting via gateway, provide username, choose viewonly option, etc features. Run telemote without any options to get the fill command syntax. Old command formats withour switches will continue to work. Options can be given in single letter or their full name equivalent. e.g. /g:gatewayhost or /gateway:gatewayhost /v or /viewonly
- telviewer provides a confirm dialog choice option for closing a host connection.
- telviewer has new option to turn off relative mouse toggle short cut key
- config from tool bar is now available via "Configuration" wrench icon
- "Limit to Users" will now allow Active Directory/Kerberos login also if the username allowed matches
- Callers can give user@domain format in ssh client to match users listed in "Limit to Users". domain\user format is also accepted like before; domain\user format should be always used to list in Tray app gui's "Limit to Users".
- In "Limit to Users", we try to match with computername attached to a name or take the domainname out. This provides flexibility in listing "Limit to Users". Note: domain account has to be fully listed in "Limit to Users" list" but local account does not have to.

Fixes:

- telemote command line now reads gateway information from the site, so can be used to connect to host that are configured to be reached via gateway
- DSA keys bigger than 1024 bits, e.g. 2048 bits, were failing sometime to login in ssh or sftp.
- Installers no longer show the annoying pop up console sessions of some background tasks

Known Issues:

-none

Release Date: Feb 12 2018
Revision #: 1482

Enhancements:

- Telemote Viewer now gives choice in host settings to set port for Telemote remote screen. It can be changed per host or for all sites for a viewer. Useful for accessing Linux machine remote screens which may run on ports other than standards.

Fixes:

- System Up time in Dashboard was shown lower and was wrapping up after 49.7 days. Now it shows it correctly.
- FortressCL, FortressFX and PragmaMgr programs handle high dpi monitors and scaling better.
- Control key toggling on Relative Mouse

Known Issues:

-none

Release Date: Feb 5 2018
Revision #: 1474

First General release. Version 1.0, Build 2, Revision 1474

Known Issues:

-none

----------------------- Build 2 End -------------------------------

Navigation

Social Media