Primeur Online Docs
Data Mover 1.20
Explore our productsData Mover 1.20Data Watcher 1.20Data ShaperPanorama 1.2.4DWAgent 2.0.0Data One Installation Manager
Data Mover 1.20
Explore our productsData Mover 1.20Data Watcher 1.20Data ShaperPanorama 1.2.4DWAgent 2.0.0Data One Installation Manager
  • 🚀GETTING STARTED
    • What is Primeur Data Mover
    • Main features in Primeur Data Mover
    • Primeur Data Mover deployment
    • Navigate through Primeur Data Mover
  • 👥Actors
    • Who are they?
    • Create your first actor
    • Configuring an actor 🚀
      • Users Tab
      • Groups Tab
      • VFS Tab
      • File Resource Tab
        • Creating File Resources
        • Navigating File Resources
        • How to use File Resources
      • Connection Contract Tab
      • Client Connections Tab
    • Searching files by Actor
    • Actor Lineage 🚀
      • Aggregation of flows by protocol 🚀
      • Lineage with connection contracts 🚀
      • Lineage with input, mediation and output contracts 🚀
      • Lineage with any contract type 🚀
  • 📝Contracts
    • What is a contract
    • Create your first contract
      • Create an Input Contract
        • Define the Contract Info
        • Associate the Contract with the Actor
        • Define the Contract Actions
        • Set the Contract Variables
      • Create a Connection Contract
        • Create a Contract Clause
        • Associate the VFS with File Processing Rules
        • File Processing Rules
    • Managing contracts 🚀
  • 🧱Workflows
    • What is a workflow
    • Create your first workflow template
      • Workflow template - Toolbar
      • Workflow template - Shape Repository Panel
      • Workflow template - Working Area
      • Workflow template - BPMN-Diagram
        • Variable types
      • Modeling elements
      • Editing Workflow Templates
    • How they work
    • Trigger types
    • Service Tasks
      • Configuring Service Tasks
      • Configuring Triggerable Service Tasks 🚀
      • Handling Process Variable
      • Spazio Selectors and Filebox Metadata management
      • Error Management
    • Workflows and contracts interaction
    • Workflows hacks you may need
    • System Workflow Templates
      • Input templates
      • Mediation templates
      • Output templates
    • Error Workflow Templates
    • DataFlow Instance Context (DFIC) 🚀
  • 🔓Security
    • Identity and Access Management
    • Users & Groups
      • Setting the password policy
      • Creating Internal Users 🚀
      • Creating Internal Groups
      • Creating External Users
      • Creating External Groups
    • Key Stores and Trust Stores
      • Key Store 🚀
        • Creating a Key 🚀
        • Creating a Certificate 🚀
        • Importing a Key or a Certificate
        • Creating a Symmetric key
        • Examples
      • Trust Store 🚀
        • Importing Keys 🚀
        • Importing Certificates
      • Untrusted Cache 🚀
      • Trusting an element
        • When do I use the Keys tab?
        • When do I use the Certificates tab?
      • PGP Key Store / PGP Trust Store
        • Configuring the PGP Key Store
        • Importing keys into the PGP Trust Store
  • 🛸TRANSPORT PROTOCOLS AND CONNECTORS
    • Data Mover client and server roles
    • Client Connections
      • FTP connection
      • Client Connection: FTPS
      • Client Connection: SFTP
      • Client Connection: HTTP
      • Client Connection: HTTPS
      • Client Connection: PESIT
      • Client Connection: SMB v3 or later versions
      • Client Connection: POP3 IMAP
      • Client Connection: SMTP
      • Client Connection: PR4/PR4S
      • Client Connection: PR5
      • Client Connection: PR5S
      • Client Connection: HDFS
      • Client Connection: HDFSS
      • Client Connection: Amazon S3 🚀
      • Client Connection: Google Cloud Storage
        • Credentials
      • Client Connection: Azure Blob Storage
      • Client Connection: IBM Sterling Connect:Direct
      • Appendix
    • Server Connections 🚀
      • FTP
      • FTPS
      • SFTP
      • HTTP
      • HTTPS
      • PeSIT
      • PR4
      • PR5
      • PR5S
      • CD
    • Stopping all servers in one go
  • 🛰️DMZ GATEWAYS
    • DMZ Gateways
    • DMZ Clusters
  • 🎧FILE EVENT LISTENER
    • What is the File Event Listener
    • Configuring File Event Listeners
      • Setting the File Event Listener Engine
      • Defining a contract for the File Event Listener
      • Setting events to be monitored
    • RegEx Rules
    • Monitoring File Event Listeners
  • 🔍ICAP
    • ICAP Engines
    • Configuring an ICAP Engine
    • Defining an ICAP rule
  • 📚CLUSTERING
    • STENG, Clusters and Servers
    • Adding a cluster and a STENG
    • Deleting a STENG
  • 🕒MONITORING
    • Jobs
      • Details about Jobs 🚀
      • jobman.sh CLI
    • Job Manager
    • Job Queues
      • Managing Job Queues
    • File Transfers
      • Ongoing
      • Finished
      • Reports
    • File Transfers Rules
      • Configuring Rules
  • 🤓ADMINISTRATION
    • Storage Classes 🚀
      • Storage Class: File System 🚀
      • Storage Class: SMB v3 or later versions 🚀
      • Storage Class: Amazon S3 🚀
      • Storage Class: Google Cloud Storage 🚀
      • Storage Class: Azure Blob Storage 🚀
    • Retention Classes
    • Virtual File Systems (VFS) 🚀
      • Creating a VFS 🚀
      • Configuring a VFS
      • Adding Virtual Paths
      • Modifying and Deleting a VFS
      • Searching files in all VFS
    • Advanced Settings
  • 👑FILE MANAGER
    • Getting started
    • Logging into File Manager
    • Managing the File Manager 🚀
      • The list of results
      • Creating new folders
      • Uploading files
      • Downloading files 🚀
      • Searching for files and folders
      • Deleting files 🚀
      • Bulk actions 🚀
    • File Manager and VFS
    • Customizing File Manager externals
      • The configuration-wui.json file 🚀
      • How to customize the Login window and the logo
      • How to customize the footer
      • How to configure the Upload with Metadata option
      • How to customize bulk actions 🚀
  • 🧑‍⚖️FILE ROUTING
    • What is File Routing 🚀
    • Routing Rules page
      • The Rules tab
      • The Categories tab
      • The Output tab
    • How to create a rule 🚀
      • Add metadata 🚀
      • Select ACTIONS
      • Select OUTPUTS
      • Policy for the selection of metadata rules
    • Configuration of the environment in Data One
      • Set up Storage Classes
      • Set up Retention Classes
      • Configure the Actor
      • Set up File Resources
    • Associate the Routing Rule to a Contract
    • Example
  • 💬LOGS & AUDIT
    • Logs 🚀
      • Logs options 🚀
      • Troubleshooting error analysis in Logs
    • Audit Options 🚀
      • Export audit logs 🚀
      • List of Audit entity types 🚀
      • Audit message codes 🚀
    • Log Notifiers 🚀
      • FEL message codes
  • 📩NOTIFICATION CHANNELS
    • What are Notification Channels
    • Configuring the default Email Notification Channel
    • Configuring a new Email Notification Channel
    • Trusting Certificates
    • Managing Templates
      • Data Watcher Macros
      • Contract Macros
      • ICAP Macros
      • Central Log Macros
      • Email Templates
      • Editing default templates
      • Loading a new template
  • 🟣DATA MOVER + DATA WATCHER
    • Data Mover in a bundle with Data Watcher
    • Attributes 🚀
    • Cut-off Board
      • Cut-off Calendars
    • Dataflow Inquiry
  • 🟠DATA MOVER + DATA SHAPER
    • Data Mover in a bundle with Data Shaper
    • Monitoring
    • Execution History
    • Sandboxes
  • 💻API
    • HTTP MFT Rest API
    • Job Manager APIs 🚀
    • SFTP Server sessions APIs 🚀
    • Audit Logs APIs 🚀
  • 🧐HOW TO...
    • ... use different DNS names - NEW! 🚀
    • ... configure a Cron Expression
    • ... create a Mediation Contract
    • ... create an Output Contract
    • ... configure an Application
    • ... customize a header
    • ... run searches in Data Watcher 🚀
    • ... use Data Shaper graphs in Data One contracts
    • ... modify DMCFG and deploy it
    • ... tune Data One data retention
  • 🗒️RELEASE NOTES
    • Data One 1.20.10
    • Data One 1.20.9
    • Data One 1.20.8
    • Data One 1.20.7
      • Data One 1.20.7.1
    • Data One 1.20.6
    • Data One 1.20.5
    • Data One 1.20.4
    • Data One 1.20.3
    • Data One 1.20.2
    • Data One 1.20.1
    • Data One 1.20.0
Powered by GitBook
On this page
  1. TRANSPORT PROTOCOLS AND CONNECTORS
  2. Server Connections 🚀

SFTP

PreviousFTPSNextHTTP

Last updated 1 month ago

Fields with the asterisk * are mandatory.

Value
Description

PORT *

Enter the port to connect to the server. This is the TCP/IP port the server will listen to in the STENG node.

SERVER KEYLABEL *

Enter the Key identifier about keystore store to select Private Key and Certificate to create SSL connection.

MAX SESSION

Specify the maximum number of active sessions.

CONNECTION TIMEOUT

Define the number of seconds without network activity to wait before closing a session due to inactivity. Default value: 60.

ALLOW SCP

Switch to disable or enable the SCP protocol. Possible values: YES and NO.

ALLOWED CLIENT AUTHENTICATION MODES *

This field refers to the SSH client authentication mechanism. Possible values: PUBLICKEY PASSWORD PASSWORD_AND_PUBLICKEY PASSWORD_OR_PUBLICKEY

ACCEPTED CIPHER SUITES

Select the cipherSuites accepted to establish SSL connection. For a list of all accepted Cipher Suites, follow this .

MAC ALGORITHMS

Possible values: HMAC_MD5 HMAC_SHA1 HMAC_MD5_96 HMAC_SHA1_96 HMAC_SHA256 HMAC_SHA2_256 HMAC_SHA2_512

KEY EXCHANGE ALGORITHMS

Possible values: DIFFIE_HELLMAN_GROUP1_SHA1 DIFFIE_HELLMAN_GROUP14_SHA1 DIFFIE_HELLMAN_GROUP14_SHA256 DIFFIE_HELLMAN_GROUP15_SHA512 DIFFIE_HELLMAN_GROUP16_SHA512 DIFFIE_HELLMAN_GROUP17_SHA512 DIFFIE_HELLMAN_GROUP18_SHA512 DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1 DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256 ECDH_SHA2_NISTP256 ECDH_SHA2_NISTP384 ECDH_SHA2_NISTP521

DMZ mode

NONE (default)

No session proxying through DMZ Gateway applied.

PORT_FORWARDING

Incoming/Outgoing connections to/from STENG server will be proxied inside an SSL tunnel without being validated in advance. DMZ PROXY PORT *: This port represents the tunnel that is opened for connection with the STENG Server. SERVER KEYLABEL: Select the label of private key to be used by the SFTP server exposed in the DMZ Gateway. CLIENT AUTHENTICATION MODES: This field refers to the SSH client authentication mechanism. Possible values: PUBLICKEY PASSWORD PASSWORD_AND_PUBLICKEY PASSWORD_OR_PUBLICKEY MAC ALGORITHMS: Possible values: HMAC_MD5 HMAC_SHA1 HMAC_MD5_96 HMAC_SHA1_96 HMAC_SHA256 HMAC_SHA2_256 HMAC_SHA2_512 KEY EXCHANGE ALGORITHMS: Possible values: DIFFIE_HELLMAN_GROUP1_SHA1 DIFFIE_HELLMAN_GROUP14_SHA1 DIFFIE_HELLMAN_GROUP14_SHA256 DIFFIE_HELLMAN_GROUP15_SHA512 DIFFIE_HELLMAN_GROUP16_SHA512 DIFFIE_HELLMAN_GROUP17_SHA512 DIFFIE_HELLMAN_GROUP18_SHA512 DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1 DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256 ECDH_SHA2_NISTP256 ECDH_SHA2_NISTP384 ECDH_SHA2_NISTP521 ACCEPTED CIPHER SUITES: It lists SSL/TLS cipher suites available in the SFTP server and exposed in the DMZ Gateway. Select the cipherSuites accepted. For a list of all accepted Cipher Suites, follow this .

SESSION_TERMINATION

The server session will be terminated inside the DMZ Gateway, before data is sent to STENG server. DMZ PROXY PORT *: This port represents the tunnel that is opened for connection with the STENG Server. SERVER PORT *: Enter the DMZ server port to be used for the connection. SERVER KEYLABEL: Select the label of private key to be used by the SFTP server exposed in the DMZ Gateway. CLIENT AUTHENTICATION MODES: This field refers to the SSH client authentication mechanism. Possible values: PUBLICKEY PASSWORD PASSWORD_AND_PUBLICKEY PASSWORD_OR_PUBLICKEY ACCEPTED CIPHER SUITES: It lists SSL/TLS cipher suites available in the SFTP server and exposed in the DMZ Gateway. Select the cipherSuites accepted. For a list of all accepted Cipher Suites, follow this . MAC ALGORITHMS: Possible values: HMAC_MD5 HMAC_SHA1 HMAC_MD5_96 HMAC_SHA1_96 HMAC_SHA256 HMAC_SHA2_256 HMAC_SHA2_512 KEY EXCHANGE ALGORITHMS: Possible values: DIFFIE_HELLMAN_GROUP1_SHA1 DIFFIE_HELLMAN_GROUP14_SHA1 DIFFIE_HELLMAN_GROUP14_SHA256 DIFFIE_HELLMAN_GROUP15_SHA512 DIFFIE_HELLMAN_GROUP16_SHA512 DIFFIE_HELLMAN_GROUP17_SHA512 DIFFIE_HELLMAN_GROUP18_SHA512 DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1 DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA256 ECDH_SHA2_NISTP256 ECDH_SHA2_NISTP384 ECDH_SHA2_NISTP521 ACCEPTED CIPHER SUITES: It lists SSL/TLS cipher suites available in the SFTP server and exposed in the DMZ Gateway. Select the cipherSuites accepted. For a list of all accepted Cipher Suites, follow this .

The rsa-sha2-256 and rsa-sha2-512 signing algorithms (also called HostKeyAlgorithms) are included in the list of supported ssh-rsa and ssh-dss algorithms. They are hard-coded, so they cannot be configured.

🚀 To change any DMZ port of an SFTP server that belongs to a peer, select the server you want to update. Next, click the pencil icon in the top-right corner of the server card. Enter the new port or ports in the appropriate fields. Finally, click the SAVE button to confirm your changes. Remember that the new port number will only affect the peer's selected server.

🛸
link
link
link
link