Tutorial - Creating an SFTP Partner
In this tutorial, you will:
- Create a remote partner for SFTP.
- Configure the partner host key.
- View partner detail.
- Specify account and rule for downloading files.
For this tutorial, the remote server is a public read-only SFTP server that is provided for general testing.
See the details here: https://test.rebex.net
Step 1 | From the UDMG navigation pane, select Management > Partners. The Partners list displays. |
---|---|
Step 2 | Click New. The Server Details displays.
|
Step 3 | Click Save and Confirm. |
Step 4 | Click the Accounts tab on the Partner detail panel. The list of account records displays and is empty. |
Step 5 | Click the Add Account button. The Account Details displays
|
Step 6 | Click the Save button. The account is created and shows in the account list. |
Step 4 | Retrieve the host key (public SSH key) for the remote server, for example here is how to get the RSA key with the $ ssh-keyscan -t rsa test.rebex.net > rebex.ssh-rsa # test.rebex.net:22 SSH-2.0-RebexSSH_5.0.8062.0 $ cat rebex.ssh-rsa test.rebex.net ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAkRM6RxDdi3uAGogR3nsQMpmt43X4WnwgMzs8VkwUCqikewxqk4U7EyUSOUeT3CoUNOtywrkNbH83e6/yQgzc3M8i/eDzYtXaNGcKyLfy3Ci6XOwiLLOx1z2AGvvTXln1RXtve+Tn1RTr1BhXVh2cUYbiuVtTWqbEgErT20n4GWD4wv7FhkDbLXNi8DX07F9v7+jH67i0kyGm+E3rE+SaCMRo3zXE6VO+ijcm9HdVxfltQwOYLfuPXM2t5aUSfa96KJcA0I4RCMzA/8Dl9hXGfbWdbD2hK1ZQ1pLvvpNPPyKKjPZcMpOznprbg+jIlsZMWIHt7mq2OJXSdruhRrGzZw== |
Step 5 | Click the Configuration tab on the Partner detail panel. The list of certificate record displays and is empty. |
Step 6 | Click the Add Certificate button. The Certificate Details displays.
|
Step 7 | Click Save |
Step 8 | The certificate record appears in the list. |
Step 9 | To download from the pub/example directory, a Receive rule is needed to specify the remote directory. From the UDMG navigation pane, select Management > Rules. The Rules list displays. |
Step 10 | Click New. The Rule Details displays.
|
Step 11 | Click the Save button. |
Step 12 | The rule is created and appears on the Rules list |
Step 13 | From the UDMG navigation pane, select Management > Partners. The Partner list displays. Select the rebex partner and click on the Rules tab. The green dot on the tab shows that a rule is now assigned to this server. By default, a rule is implicitly assigned to all partners unless there is an explicit whitelist assignment. This is shown by the globe icon and means the same rule is also assigned to any other partners, for example to 'wftpserver' here: |
Step 14 | To restrict the use of this rule and this virtual path to only the rebex partner, you have to assign the rule to that partner. Select the rebex partner and click on the Rules tab |
Step 15 | Pick the rule rebex_receive_example from the drop-down list and click on Authorize Rule button |
Step 16 | The rule is now whitelisted for this server and does not appear anymore for the other servers: |
Step 17 | Initiate a file transfer to download the file pocketftp.png Use the Command Line Interface to register the transfer: $ waarp-gateway transfer add -p rebex -l demo -w receive -r rebex_receive_example -f pocketftp.png The transfer of file pocketftp.png was successfully added. |
Step 18 | From the UDMG navigation pane, select Activity> History. The Transfer History list displays. The download is completed successfully and the file is received in the default input directory 'in' under the MFT server home directory, configured here as '/atest/work' |