In this tutorial, you will:

  • Create an SFTP server.
  • Manually launch the server.
  • View server details.


By default, the following algorithms are enabled.

Category: Algorithms by order of preference, most preferred at the top
Key Exchange (KEX)
  • curve25519-sha256@libssh.org
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
  • diffie-hellman-group1-sha1 (deprecated)
  • diffie-hellman-group14-sha1 (deprecated)
Encryption (cipher)
  • aes128-gcm@openssh.com
  • chacha20-poly1305@openssh.com
  • aes128-ctr
  • aes192-ctr
  • aes256-ctr

The following ciphers can be enabled globally with the configuration parameter 'AllowLegacyCiphers', but must still be enabled explicitly on each server; see Tutorial - Use a Legacy Encryption Algorithm for an SFTP Partner.

  • arcfour256
  • arcfour128
  • aes128-cbc
  • 3des-cbc
  • blowfish-cbc
MAC
  • hmac-sha2-256-etm@openssh.com
  • hmac-sha2-256
  • hmac-sha1 (deprecated)
  • hmac-sha1-96 (deprecated)
Host key
  • ecdsa-sha2-nistp256
  • ecdsa-sha2-nistp384
  • ecdsa-sha2-nistp521
  • rsa-sha2-512
  • rsa-sha2-256
  • ssh-rsa
  • ssh-dss
  • ssh-ed25519

Step 1

From the UDMG Admin UI navigation pane, select Local Servers. The Servers list displays.

Step 2

Click New. The Server Details displays.

  • In the Server Name field, enter stonebranch-sftp-01
  • In the Protocol field, select SFTP
  • In the IP Address field, enter 0.0.0.0
  • In the Port field, enter 4100
  • In the Root Directory field, enter data
  • In the Receive Directory field, enter sftp-01/in
  • In the Send Directory field, enter sftp-01/out
  • In the Temp Directory field, enter sftp-01/tmp
  • In the Member of Business Service field, select one of the available Business Services. More Business Services can be added after the rule is created.

Step 3

Click the Save icon and Confirm.

Step 4

Generate a host key (private SSH key) for the server, for example:

$ ssh-keygen -t rsa -b 4096 -C "stonebranch-cert-01" -m PEM -f "stonebranch-cert-01.crt" -N ""
Generating public/private rsa key pair.
Your identification has been saved in stonebranch-cert-01.crt.
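Your public key has been saved in stonebranch-cert-01.crt.pub.

Despite its .crt extension, stonebranch-cert-01.crt holds the private key, and -N "" leaves it without a passphrase, so restrict access to that file. Only the .pub file is meant to be shared.

Step 5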

Select the stonebranch-sftp-01 server from the Server list and click the Certificates/Keys tab.

Step 6

Click the Add button.

Step 7

The Certificate Details displays.

  • In the Name field, enter stonebranch-cert-01.
  • In the Private Key field, enter the content of the file stonebranch-cert-01.crt:

Step 8

Click Save and Confirm.

Step 9

The certificate record appears in the list:

Step 10

To see more details about a specific server key, click the View (eye icon) button.

The Key Details displays, showing the following:

  • algorithm
  • bits: size of the key, only for RSA
  • key type
  • the MD5 fingerprint
  • the SHA256 fingerprint
  • a clean authorized key line, without any comment or host specification

If the record was just created or updated, click the Refresh button to reload the details.

Step 11

Adjust the SFTP Protocol configuration, if needed, by:

  • Restricting the allowed Key Exchange algorithms.
  • Restricting the allowed Encryption (cipher) algorithms.
  • Restricting the allowed MAC algorithms.
  • Allowing file deletion.
  • Allowing file rename.
  • Enabling and configuring the host-based authentication method.

Click Save to register the changes.

Step 12

Start the server by clicking on the start (play icon) button:

Step 13

Click on the Server Status button at the bottom of the Navigation Pane to show the list of running services.

The new server stonebranch-sftp-01 is listed and should appear with a green status, which means that an SFTP server is now listening on the configured IP address and port.
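
Once the server is listening, the effect of the restrictions from Step 11 can be checked from any OpenSSH client. The following is an added example, not part of the UDMG documentation: it reads `ssh -vv` debug output and reports every algorithm in the server's proposal that this page marks as deprecated or lists as a legacy cipher. The function names, the `HOST` placeholder and the sample log are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example (not UDMG code). Usage against a live server (HOST is a placeholder):
#   ssh -vv -p 4100 -o BatchMode=yes user@HOST exit 2>&1 | weak_algos
# The server proposal is logged before authentication, so no valid login is needed.
# Deny list: names this page marks "(deprecated)" or lists as legacy ciphers.
WEAK="diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 hmac-sha1 hmac-sha1-96"
WEAK="$WEAK arcfour256 arcfour128 aes128-cbc 3des-cbc blowfish-cbc"

weak_algos() {
    awk -v weak="$WEAK" '
    BEGIN { n = split(weak, w, " "); for (i = 1; i <= n; i++) deny[w[i]] = 1 }
    { sub(/\r$/, "") }                      # tolerate CRLF in captured logs
    # Only the server section counts; the client section lists our own offer.
    /^debug2: local client KEXINIT proposal/ { peer = 0; next }
    /^debug2: peer server KEXINIT proposal/  { peer = 1; next }
    /^debug2: reserved /                     { peer = 0; next }
    peer && /^debug2: (KEX algorithms|ciphers (ctos|stoc)|MACs (ctos|stoc)): / {
        kind = ($2 == "KEX") ? "kex" : (($2 == "ciphers") ? "cipher" : "mac")
        list = $0; sub(/^debug2: [^:]*: /, "", list)
        m = split(list, a, ",")
        for (j = 1; j <= m; j++)            # report each finding once
            if ((a[j] in deny) && !seen[kind, a[j]]++) print kind ": " a[j]
    }'
}

sample_log() {   # constructed sample, not captured from a real server
    cat <<'EOF'
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,diffie-hellman-group14-sha1
debug2: ciphers ctos: aes128-ctr,aes128-cbc
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr
debug2: ciphers stoc: aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr
debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha2-256,hmac-sha1,hmac-sha1-96
debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha2-256,hmac-sha1,hmac-sha1-96
debug2: reserved 0
EOF
}

sample_log | weak_algos   # empty output means nothing on the deny list is offered
```

Each line of output names one algorithm to remove in the SFTP Protocol configuration of the server.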

Step 14

The server status can be controlled with the following action buttons:

  • Enable: the local server is set to start automatically when UDMG Server starts
  • Disable: the local server does not start automatically when UDMG Server starts
  • Start: initiate the start of the local server
  • Stop: request to stop the local server
  • Restart: request to stop and start the server

Step 15

Additional details can be attached to a local server:

  • Description
  • Primary Contact Name
  • Primary Contact Phone
  • Primary Contact Email
  • Secondary Contact Name
  • Secondary Contact Phone
  • Secondary Contact Email
  • Customized fields

Go to the Details tab on the local server pane.

Fill in the needed details.

New fields can be added with the 'plus' button at the bottom of the form. A custom field is comprised of a key and value pair.

Press the Save button inside the tab to store the details.
