Versions Compared

Old Version 2

changes.mady.by.user Stonebranch

Saved on

compared with

New Version 3

changes.mady.by.user Stonebranch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Step 1

From the UDMG navigation pane, select Management > Partners> Remote Partners. The Remote Partner list displays.

Step 2

Click New. The Remote Partner Details displays.

Fill in the details for the sample server from Tutorial - Creating and Manually Starting an SFTP Server

  • In the Partner Name field, enter stonebranch-sftp-01-client

  • In the Protocol field, select SFTP

  • In the IP Address field, enter 0.0.0.0

  • In the Port field, enter 4100

  • In the Member of Business Service, select one of the available Business Services. More business Services can be added after the rule is created. 


Step 3

Click the Accounts tab on the Remote Partner detail panel. Add a new account.

  • In the Name field, enter stonebranch-01-client-user.

  • Leave the Password field, empty.

Step 4

Click the Certificate tab on the Partner detail panel and add the public host key of the server.

The server public key can be retrieved with ssh-keyscan tool:

Panel

$ ssh-keyscan -t rsa -p 4100 0.0.0.0
# 0.0.0.0:4010 SSH-2.0-Go
[0.0.0.0]:4010 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCnH0...

Click the Add Certificate button.

  • In the Name field, enter ssh-rsa

  • In the Public key field, paste the value of the server public key

The public key can also be fetched and stored automatically with the Fetch host key button:

Step 5

Add a new certificate record for the client host key, this is needed for the Host-Based Authentication.

Generate a private SSH key, for example:

Panel

$ ssh-keygen -t rsa -b 4096 -C "stonebranch-cert-client-01" -m PEM -f "stonebranch-client-01.crt" -N ""

Note that the generated public key (stonebranch-client-01.crt.pub) is needed for the setup on the server side.


Click the Add Certificate button.

  • In the Name field, enter ssh-rsa-hostbased-private

  • In the Private key field, paste the value of the private key from stonebranch-client-01.crt

  • Click Save

  • The list shows both the public host key (with the globe icon) and the private key (with the key icon).

Step 6

In the Configuration section of the Remote Partner details, switch on the Host-based authentication toggle.

The Private Key Certificate field and Authorized Accounts button appear.

Step 7

  • In the Private Key Certificate field, input the name of the certificate record with the client private key: ssh-rsa-hostbased-private

  • In the Authorized Accounts field, choose the remote account from the list: stonebranch-01-client-user

For selected account(s), the connection will be attempted with the host-based authentication method.

Step 8

Click Save and Confirm.

Step 9Be sure to have completed the local SFTP server configuration with the public key that was generated above. See Tutorial - Using Host-Based Authentication for an SFTP Server.

Step 10

Configure the rules at partner and/or account level.

For example, stonebranch-sftp-01_partner_send

Create the rule:

Please note that because the remote partner is set in this tutorial to be a local UDMG SFTP server, the Remote Directory is set to the virtual path (sft-01-in) of a receiving rule for the local server:

Authorize the sending rule in the Rules tab of the Remote Partner details.

Step 11

Initiate a file transfer to upload a file.

Use the Command Line Interface to register the transfer:

Panel

$ udmg-client transfer add -p stonebranch-sftp-01-client -l stonebranch-01-client-user -w send -r stonebranch-sftp-01_partner_send -f test-hb.txt


Step 12

Follow the transfer request from the Activity Transfer and History dashboards.

There are 2 records in this case, because UDMG is used both as the client and the server in the transaction:

  • Sending the file to the Partner, identified by the rule stonebranch-sftp-01_partner_send and the flag isSend

  • Receiving the file on the Server, identified by the rule stonebranch-sftp-01_receive and the flag isServer

...