An SFTP Endpoint allows an SFTP server to act as a source or destination for data transfer. For example, if your partner has an SFTP Server, you can use the SFTP Endpoint to connect to it as a client. The SFTP Endpoint has the following attributes:
| Attribute |
Description |
| Host |
Enter either a fully qualified domain name (recommended) or an IP address and a port number.
Port number 22 is standard for implicit SFTP. |
Username
Password |
The credentials used to log in to this Endpoint. |
| Key Authentication |
When you click the link, you are prompted to select or import the key you want to use for authentication. Once a key has been selected, you can export it. |
| OpenPGP |
OpenPGP protects files being transferred through encryption and signing.
| Inbound |
| Attribute |
Description |
| Verify Signed Payloads |
Select to ensure that when a signed payload is received, the signature matches the payload that was sent.
When you select this check box, you are prompted to select the trading partner's signing PGP key. The PGP key named in this field is the same as the outbound encryption PGP key. If you change this value here, it is also changed for the outbound encryption PGP key. See Endpoint Security. |
| Accept Encrypted Payloads |
Select to accept encrypted inbound payloads.
When you select this check box, you are prompted to select your decryption PGP key. The PGP key named in this field is the same as the outbound signing PGP key. If you change this value here, it is also changed for the outbound signing PGP key. See Endpoint Security. |
|
| Outbound |
| Attribute |
Description |
| Sign |
Select this check box to sign messages sent from this Endpoint.
When you select Sign, you are prompted to select your signing PGP key. The PGP key named in this field is the same as the inbound decryption PGP key. If you change this value here, it is also changed for the inbound decryption PGP key. See Endpoint Security. |
| Encrypt |
Apply encryption to messages sent from this Endpoint.
When you select Encrypt, you are prompted to select the trading partner's encryption certificate. The PGP key named in this field is the same as the inbound signing PGP key. If you change this value here, it is also changed for the inbound signing PGP key. See Endpoint Security. |
| Compress |
Apply ZLIB compression to messages sent from this Endpoint. Choose this option for large files to conserve bandwidth and improve efficiency and security |
| Text Output (ASCII armor) |
Encase encrypted messages in ASCII for ease of sending using standard messaging formats. |
|
| Advanced |
| Attribute |
Description |
|
OpenPGP Algorithms
Hash Algorithm
|
Choose the signing method used when OpenPGP packaging (with signing) is requested from the following:
- MD2
- MD5
- RIPE-MD-160
- SHA-1
- SHA-256
- SHA-384
- SHA-512
|
| V3 Signature |
Select this check box to sign messages with Version 3 signatures. |
| Encryption Algorithm |
The remote host receiving the message must be able to decrypt the message using the algorithm you choose. Choose the algorithm you want to use to encrypt messages from the following:
- DES
- 3DES
- AES/128
- AES/192
- AES/256
- CASTS
- TWOFISH
- BLOWFISH
|
| Compression Algorithm |
Choose the algorithm you want to use to compress messages. The remote host receiving the message must be able to compress the message using the algorithm you choose.
Choose either ZIP or ZLIB. |
| Security |
| Attribute |
Description |
| Compression Algorithm |
Choose a compression algorithm from the following:
- none
- zlib
- zlib@openssh.com
|
| Key Exchange Algorithm |
Choose a key exchange algorithm from the following:
- curve25519-sha256@libssh.org
- diffie-hellman-group-exchange-sha256
- diffie-hellman-group1-sha1
- diffie-hellman-group14-sha1
- diffie-hellman-group-exchange-sha256
- ecdh-sha2-nistp256
- ecdh-sha2-nistp384
- ecdh-sha2-nistp521
|
| Cipher Algorithm |
Choose a transport cipher algorithm from the following:
- aes128-cbc
- aes128-ctr
- aes192-cbc
- aes192-ctr
- aes256-cbc
- aes256-ctr
- arcfour128
- acrfour256
- blowfish-cbc
- cast128-cbc
- 3des-cbc
- twofish128-cbc
- twofish192-cbc
- twofish256-cbc
|
| MAC Algorithm |
Choose a transport MAC algorithm from the following:
- hmac-md5
- hmac-md5-96
- hmac-sha1
- hmac-sha1-96
- hmac-sha2-256
- hmac-sha2-256-96
- hmac-sha2-512
- hmac-sha2-512-96
|
| Public Key Algorithm |
Choose a public key algorithm from the following:
- ecdsa-sha2-nistp256
- ecdsa-sha2-nistp384
- ecdsa-sha2-nistp521
- ssh-rsa
ssh-dss
|
|
| Connection |
| Attribute |
Description |
| Block Size |
The block size to be used for file transfers. Some SSH FTP servers cannot transfer files with the default Block Size. If the server is able to transfer files smaller than the default Block Size, try using a smaller Block Size of 32767.
Possible values: Any value greater than zero.
Default value: 65535 |
| Buffer Requests |
Select this check box to allow commands to be buffered to minimize the command/response delays during file transfers when the round trip time is significant. |
| Connection Timeout |
The amount of time allowed for each read operation.
Valid range is from 0 - n seconds
0 indicates no timeout. Default value is 150 seconds.
|
| Retry Transfers |
The number of retries permitted for failed outbound transfers and at what frequency to retry them.
Specify the following:
- The number of retries, where the minimum value is 0 (no retries allowed) and maximum is 5.
- A numeric value and either minutes or seconds to specify how much time should elapse between retries.
|
| Resume failed transfers when retrying |
Select this check box to retry failed transfers starting where they failed. |
| Subdomain |
If you have more than one subdomain, select the one you want to use for this Endpoint.
Note: This field appears only when you have more than one subdomain and Cleo has configured one of those subdomains to be associated with a static IP. |
|
|
|
