< Back to Top

SFTP Endpoint

An SFTP Endpoint allows an SFTP server to act as a source or destination for data transfer. For example, if your partner has an SFTP Server, you can use the SFTP Endpoint to connect to it as a client.  The SFTP Endpoint has the following attributes:

Attribute Description
Connect Specify how to connect this Endpoint to other entities.

Directly Connect to external Trading Partners via CIC Cloud.
via Access Point Use an Access Point to connect to internal SFTP servers when inbound ports cannot be opened. If you select this option, you must also select an Access Point. See Managing Access Points for more information.
Host & Port Enter either a fully qualified domain name (recommended) or an IP address and a port number.
Port number 22 is standard for implicit SFTP.
Verify Server Host Key Select this check box to retrieve and store the server certificate fingerprint from the specified Host and use it to verify the Host during SFTP transfers.
Server Host Key Fingerprint

This field is enabled when you select the Verify Server Host Key check box. It displays the server SSH key fingerprint retrieved from the Host.

Use the Refresh button to check the Host for a new fingerprint.

Username
Password 		The credentials used to log in to this Endpoint.
Key Authentication When you click the link, you are prompted to select or import the key you want to use for authentication. Once a key has been selected, you can export it.
OpenPGP OpenPGP protects files being transferred through encryption and signing. 
Inbound
Attribute Description
Verify Signed Payloads Select to ensure that when a signed payload is received, the signature matches the payload that was sent.
When you select this check box, you are prompted to select the trading partner's signing PGP key. The PGP key named in this field is the same as the outbound encryption PGP key. If you change this value here, it is also changed for the outbound encryption PGP key. See Endpoint Security.
Accept Encrypted Payloads Select to accept encrypted inbound payloads.
When you select this check box, you are prompted to select your decryption PGP key. The PGP key named in this field is the same as the outbound signing PGP key. If you change this value here, it is also changed for the outbound signing PGP key. See Endpoint Security.
Outbound
Attribute Description
Sign Select this check box to sign messages sent from this Endpoint.
When you select Sign, you are prompted to select your signing PGP key. The PGP key named in this field is the same as the inbound decryption PGP key. If you change this value here, it is also changed for the inbound decryption PGP key. See Endpoint Security.
Encrypt Apply encryption to messages sent from this Endpoint.
When you select Encrypt, you are prompted to select the trading partner's encryption certificate. The PGP key named in this field is the same as the inbound signing PGP key. If you change this value here, it is also changed for the inbound signing PGP key. See Endpoint Security.
Compress Apply ZLIB compression to messages sent from this Endpoint. Choose this option for large files to conserve bandwidth and improve efficiency and security
Text Output (ASCII armor) Encase encrypted messages in ASCII for ease of sending using standard messaging formats.
Advanced
Attribute Description

OpenPGP Algorithms

Hash Algorithm

 Choose the signing method used when OpenPGP packaging (with signing) is requested from the following:
  • MD2
  • MD5
  • RIPE-MD-160
  • SHA-1
  • SHA-256
  • SHA-384
  • SHA-512
V3 Signature Select this check box to sign messages with Version 3 signatures.
Encryption Algorithm The remote host receiving the message must be able to decrypt the message using the algorithm you choose. Choose the algorithm you want to use to encrypt messages from the following:
  1. DES
  2. 3DES
  3. AES/128
  4. AES/192
  5. AES/256
  6. CASTS
  7. TWOFISH
  8. BLOWFISH
Compression Algorithm Choose the algorithm you want to use to compress messages. The remote host receiving the message must be able to compress the message using the algorithm you choose.
Choose either ZIP or ZLIB.
Security
Attribute Description
Compression Algorithm

Choose a compression algorithm from the following:

  • none
  • zlib
  • zlib@openssh.com
Key Exchange Algorithm

Choose a key exchange algorithm from the following:

  • curve25519-sha256@libssh.org
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group-exchange-sha256
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
Cipher Algorithm Choose a transport cipher algorithm from the following:
  • aes128-cbc
  • aes128-ctr
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr
  • arcfour128
  • acrfour256
  • blowfish-cbc
  • cast128-cbc
  • 3des-cbc
  • twofish128-cbc
  • twofish192-cbc
  • twofish256-cbc
MAC Algorithm Choose a transport MAC algorithm from the following:
  • hmac-md5
  • hmac-md5-96
  • hmac-sha1
  • hmac-sha1-96
  • hmac-sha2-256
  • hmac-sha2-256-96
  • hmac-sha2-512
  • hmac-sha2-512-96
Public Key Algorithm

Choose a public key algorithm from the following:

  • ecdsa-sha2-nistp256
  • ecdsa-sha2-nistp384
  • ecdsa-sha2-nistp521
  • ssh-rsa
    ssh-dss
Connection and Transfer
Attribute Description
Block Size The block size to be used for file transfers. Some SSH FTP servers cannot transfer files with the default Block Size. If the server is able to transfer files smaller than the default Block Size, try using a smaller Block Size of 32767.
Possible values: Any value greater than zero.
Default value: 65535
Buffer Requests Select this check box to allow commands to be buffered to minimize the command/response delays during file transfers when the round trip time is significant.
Large File Transfer Select this check box to improve performance when transferring larger files.
Connection Timeout

The amount of time allowed for each read operation. 
Valid range is from 0 - n seconds

0 indicates no timeout. Default value is 150 seconds.
Retrieve Directory Sort

Specify the sorting order for files being transferred and processed. Choose from the following:

  • None  (Default value)
  • Alphabetical (ascending)
  • Alphabetical (descending)
  • Date/Time Modified (ascending)
  • Date/Time Modified (descending)
  • Size (ascending)
  • Size (descending)
Automatic Retries

The number of retries that should be made during an attempt. An attempt consists of the number of transfer retries you specify. For example, if you specify 5 retries and 30 seconds, an attempt would consist of 5 retries occurring in the span of 30 seconds.

This setting applies to both sends and receives. 

The minimum number of retries is 0 and the maximum is 5.

The time between retries can range from 0 to 120 seconds.

See Retrying Failed File Transfer Attempts.
Extended Outbound Retries

The period of time during which outbound retries are attempted after a failed send attempt and subsequent failed automatic retry. Retries will not be attempted after the end of the period specified.

This period starts when the first retry is attempted and ends after the value you specify elapses.

Minimum value is 15 minutes.

Maximum value is 3 days.

See Retrying Failed File Transfer Attempts.
Concurrent Outbound Transfers Specify the maximum number of connections that can be transferring to this Endpoint at the same time.

Minimum value is 1 and maximum is 10.
Ignore Stat Error Select this check box to ignore errors generated when attempting to transfer files whose names contain wildcard characters or regular expressions. 
Resume failed transfers when retrying Select this check box to retry failed transfers starting where they failed.
Subdomain If you have more than one subdomain, select the one you want to use for this Endpoint.
Note: This field appears only when you have more than one subdomain and Cleo has configured one of those subdomains to be associated with a static IP.
Pre Get Command

Pre Put Command

Specify commands to be executed before a GET or PUT command. For the PUT, it avoids connecting and logging into the server when there are no files to send.

If multiple FTP commands are needed prior to the GET or PUT, set this property to all of the commands separated by semicolons (;). If a specific FTP command needs to contain a semicolon, enclose that specific FTP command in quotes ("). Use of macro variables is supported. See Using Macro Variables in CIC for a list of the applicable macros.
Post Get Command

Post Put Command

Specify commands to be executed only after a successful GET or PUT. When using this property, use a SET command before the GET or PUT command rather than the Advanced tab.

The Post Put Command can be set to QUIT, which allows a disconnect and reconnect between file uploads when necessary.

If multiple FTP commands are needed after the GET or PUT, set this property to all of the commands separated by semicolons (;). If a specific FTP command needs to contain a semicolon, enclose that specific FTP command in quotes ("). Use of macro variables is supported. See Using Macro Variables in CIC for a list of the applicable macros.
Events

CIC allows you to send notification email to one or more recipients upon successful Send to or Receive from this Endpoint.  Use the Upon successful Send to this Endpoint... and Upon successful Receive from this Endpoint... fields to specify the recipients.

Recipients can be CIC users or external recipients. CIC users receive more detailed emails and benefit from a type-ahead dropdown when entering names, while external recipients get a simpler email and require full email addresses to be entered manually.

For all recipients, the notification email includes a link where the recipient can opt out of notifications from this Endpoint or all Endpoints. If a recipient opts out of these notifications, their email address no longer appears in the list of recipients you specified.

SFTP Endpoint Commands

The following commands are available for SFTP Endpoints.

CD

Changes the current working directory on the host.

CD "directory"
directory The new working directory.

CHGRP

Changes the group ID of the file or directory on the host.

QUOTE CHGRP group "path"
group The numeric group id for the new group.
path The path to the remote file/directory. If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").

CHMOD

Changes the access permissions or modes of the file or directory on the host.

QUOTE CHMOD permissions "path"
permissions

The absolute mode of the file/directory. Absolute modes are octal numbers specifying the complete list of attributes for the files; you specify attributes by OR'ing together these bits.

  • 0400 - Individual read
  • 0200 - Individual write
  • 0100 - Individual execute (or list directory)
  • 0040 - Group read
  • 0020 - Group write
  • 0010 - Group execute
  • 0004 - Other read
  • 0002 - Other write
  • 0001 - Other execute
path The path to the remote file/directory. If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").

CHOWN

Changes the user ID of the file or directory on the host.

QUOTE CHOWN owner "path"
owner The numeric user id for the new owner.
path The path to the remote file/directory. If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").

CLEAR

Clear a property string value. The cleared value only affects the commands that follow the CLEAR.

CLEAR property
property Property name with no embedded spaces.

DIR

Get a directory listing of available files from the host.

DIR "source"
source Remote source directory path. If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").

GET

Receive one or more files from the host

GET -REC –DEL "source" "destination"
-REC

Recursively retrieve nested subdirectories.

If used in conjunction with –DEL, the retrieved files, but not subdirectories, are deleted on the server.

Optional.
-DEL

If the GET is successful, delete the remote file.

Optional.
source

Remote source path. You can specify a path (folder/) or a path+filter (folder/*.txt)

If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").
destination

CIC destination path.

  • Path can be to a filename or to a directory.
  • You can use macro variables.
  • See Using Macro Variables in CIC (Source context) for a list of the applicable macros.
  • If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").

PUT

Send one or more files to the host.

 PUT -APE "source" "destination"
-APE Append copied file to an existing destination file.
source

CIC source path

  • Path can be to a filename or to a directory
  • You can use * and ?, or a regular expression when you specify a filename.
  • See Using Wildcards and Regular Expressions in CIC for additional information.
  • You can use macro variables. See Using Macro Variables in CIC (Destination context) fora list of the applicable macros.
  • If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").
destination

Remote destination path.

  • You can use macro variables. See Using Macro Variables in CIC (Destination context) for a list of the applicable macros.
  • If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").

MKDIR

Creates a new directory on the host.

QUOTE MKDIR "directory"
directory The name of the new directory. If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").

MKDIRS

Creates new directories on the host.

QUOTE MKDIRS "path"
path The path of directories to create. Subdirectories are created using the / delimiter. If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").  

PWD

Returns the name of the current working directory on the host.

QUOTE PWD

RENAME

Renames a file or directory on the host.

QUOTE RENAME "source" "destination"
source The source file/directory to rename. If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").  
destination The destination file/directory name. If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").  

RM

Removes a file on the host.

QUOTE RM "path"
path The path of the file to remove. If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").  

RMDIR

Removes a directory on the host.

QUOTE RMDIR "path"
path The path of the directory to remove. If the path contains a macro variable, space, dash (-), comma (,), or equal sign (=), it must be enclosed with double quotes ("...").   

SET

Change a property value. The new value only affects the commands that follow the SET.

SET property=value
property = value Property and new value
  • The property name must have no embedded spaces.
  • The value specified remains in effect until it is set again or until the end of the Data Flow.  
  • To reset the property back to default value, specify 
    SET property

    or

    SET property=

Valid properties for the SET command are as follows:

PostGetCommand
PostPutCommand		 Valid only for FTP and SFTP Endpoints. 
Use these properties to specify commands to be executed only after a successful GET or PUT, respectively. 
If multiple commands are needed after the GET or PUT, set this property to all of the commands separated by semicolons (;).  If a specific FTP command needs to contain a semicolon, enclose that specific FTP command in quotes (").  The use of macro variables is supported.  See Using Macro Variables in CIC (Post/Pre Command context) for a list of the applicable macros. 
PreGetCommand
PrePutCommand		 Valid only for FTP and SFTP Endpoints. 
Use these properties to specify commands to be executed before a GET or PUT, respectively.  This has the benefit of keeping the log results relative to just GETs and PUTs. In addition, for the PUT, it avoids connecting and logging into the server when there are no files to send.  
If multiple FTP commands are needed prior to the GET or PUT, set this property to all of the commands separated by semicolons (;).  If a specific command needs to contain a semicolon, enclose that specific command in quotes (").  The use of macro variables is supported. See Using Macro Variables in CIC (Post/Pre Command context) for a list of the applicable macros. 
PrePutCommandForFirstFileOnly Valid only for FTP and SFTP Endpoints.
Use this property to specify commands to execute before a PUT only before the first file transfer. 
RetrieveDirectorySort Valid only for FTP and SFTP Endpoints.
Use this property to control the order in which files are downloaded from the server. Possible values include:
  • Alphabetical (ascending)
  • Alphabetical (descending)
  • Date/Time Modified (ascending)
  • Date/Time Modified (descending)
  • Size (ascending)
  • Size (descending)
TerminateOnFail

Valid for all Endpoints configured as source in a Data Flow.
Use this property to control command processing when errors occur.
Possible values:

  • True - Command processing stops when an error occurs.
  • False - Command processing continues even when an error occurs.

Default value is True.

GetNumberOfFilesLimit

Valid only if the Endpoint is connected to an Access Point. See Connect above.

Specify the maximum number of files pulled during a GET operation.

A value of 0 means there is no limit.

WAIT

Pause execution.

WAIT seconds
seconds Number of seconds to pause.

 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.