Versions Compared

Old Version 5

changes.mady.by.user Stonebranch

Saved on

compared with

New Version Current

changes.mady.by.user Stonebranch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Step 1

From the UDMG Admin UI navigation pane, select Remote Partners. The Remote Partner list displays.

Step 2

Click Add icon (). The Remote Partner Details displays.

Fill in the details for the sample server from Tutorial - Creating and Manually Starting an SFTP Server.

  • In the Partner Name field, enter stonebranch-sftp-01-client.

  • In the Protocol field, select SFTP.

  • In the IP Address field, enter 0.0.0.0.

  • In the Port field, enter 4100.

  • In the Member of Business Service, select one of the available Business Services. More business Services can be added after the rule is created. 


Step 3

Click the Accounts tab on the Remote Partner detail panel. Add a new account.

  • In the Name field, enter stonebranch-01-client-user.

  • Leave the Password field, empty.

  • Click Submit button. 

Step 4

Click the Certificates/Keys tab on the Remote Partner detail panel. 

The server public key can be retrieved with ssh-keyscan tool:

Panel

$ ssh-keyscan -t rsa -p 4100 0.0.0.0
# 0.0.0.0:4010 SSH-2.0-Go
[0.0.0.0]:4010 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCnH0...

Click the Add icon ().

  • In the Name field, enter ssh-rsa.

  • In the Public key field, paste the value of the server public key.

  • Click the Submit button.

The public key can also be fetched and stored automatically with the Fetch host key button:

Step 5

Add a new certificate record for the client host key, this is needed for the Host-Based Authentication.

Generate a private SSH key, for example:

Panel

$ ssh-keygen -t rsa -b 4096 -C "stonebranch-cert-client-01" -m PEM -f "stonebranch-client-01.crt" -N ""

Note that the generated public key (stonebranch-client-01.crt.pub) is needed for the setup on the server side.


Click the Add icon ().

  • In the Name field, enter ssh-rsa-hostbased-private

  • In the Private key field, paste the value of the private key from stonebranch-client-01.crt

  • Click the Submit button.


Click Save icon ().

  • The list shows both the public host key (with the globe icon) and the private key (with the key icon).

Step 6

In the Configuration tab of the Remote Partner Details, switch on the Host-based authentication toggle.

The Private Key Certificate field and Authorized Accounts button appear.

Step 7

  • In the Private Key Certificate field, input the name of the certificate record with the client private key: ssh-rsa-hostbased-private.

  • In the Authorized Accounts field, choose the remote account from the list:stonebranch-01-client-user.

For selected account(s), the connection will be attempted with the host-based authentication method.

Step 8

Click Save icon ().

Step 9Be sure to have completed the local SFTP server configuration with the public key that was generated above. See Tutorial - Using Host-Based Authentication for an SFTP Server.

Step 10

Configure the rules at partner and/or account level.

For example, stonebranch-sftp-01_partner_send

Go the Rules Service via the UDMG Admin UI navigation pane. 

Create the rule:

Please note that because the remote partner is set in this tutorial to be a local UDMG SFTP server, the Remote Directory is set to the virtual path (sft-01-in) of a receiving rule for the local server:

Authorize the sending rule in the Rules tab of the Remote Partner Details.

Step 11

Initiate a file transfer to upload a file.

Use the Command Line Interface to register the transfer:

Panel

$ udmg-client transfer add -p stonebranch-sftp-01-client -l stonebranch-01-client-user -w send -r stonebranch-sftp-01_partner_send -f test-hb.txt


Step 12

Follow the transfer request from the Activity Transfer and History dashboards.

There are 2 records in this case, because UDMG is used both as the client and the server in the transaction:

  • Sending the file to the Partner, identified by the rule stonebranch-sftp-01_partner_send and the flag isSend.

  • Receiving the file on the Server, identified by the rule stonebranch-sftp-01_receive and the flag isServer.

...