Tutorial - Creating a Transfer Rule for an SFTP Server

Owned by
Olivier Michaut
Jun 30, 2022
3 min read

In this tutorial, you will:

  • Create a rule for a local SFTP server.
  • View the rule in effect during a file transfer.


Step 1

From the UDMG navigation pane, select Management > Rules. The Rules list displays.

Step 2

Click New. The Rule Details displays.

  • In the Rule Name field, enter stonebranch-sftp-01_receive.
  • In the Direction field, select Receive.
  • In the Description field, enter any value, for example "Receive rule for sftp-01".
  • In the Path Directory field, enter sftp-01-in, this is the virtual path that is shown to the SFTP clients.
  • In the Local Directory field, enter ./data/sftp-01/in.
  • In the Remote Directory field, leave it empty.
  • In the Temp Directory field, enter ./data/sftp-01/tmp.

Step 3

Click the Save button.

Step 4

The rule is created and appears on the Rules list:

Step 5

The virtual path is now presented to the SFTP client.

Connect to the SFTP server with the user that was created on the previous tutorial:

$ sftp -P 4000 stonebranch-01@0.0.0.0
stonebranch-01@0.0.0.0's password:
Connected to 0.0.0.0.
sftp> ls -hl
drwxrwxrwx    0 65534    65534          0B Jun 20 15:09 sftp-01-in
Step 6

From the UDMG navigation pane, select Management > Servers. The Server list displays.

Select the stonebranch-sftp-01 server and click on the Rules tab. The green dot on the tab shows that a rule is now assigned to this server.

By default, a rule is implicitly assigned to all servers unless there is an explicit whitelist assignment.

This is indicated with the globe icon and means that the same rule is also assigned to any other servers, for example to server1 here:

Step 7

To restrict the use of this rule and this virtual path to only the server stonebranch-sftp-01, you have to assign the rule to that server.

Select the stonebranch-sftp-01 server and click on the Rules tab.

Step 8

Pick the rule stonebranch-sftp-01_receive from the drop-down list and click on Authorize Rule button.

Step 9

The rule is now whitelisted for this server and marked with a card icon:

The rule does not appear anymore for the other servers:

Step 10

Upload a file on the SFTP server on the virtual path location:

$ date > date.txt
$ sftp -P 4000 stonebranch-01@0.0.0.0
stonebranch-01@0.0.0.0's password:
Connected to 0.0.0.0.
sftp> put date.txt  sftp-01-in/date.txt
Uploading date.txt to /sftp-01-in/date.txt             date.txt              100%   29    54.3KB/s   00:00
Step 11

From the UDMG navigation pane, select Activity> History. The History list displays:

Step 12

Check the file is received on the directory that is set by the rule: /atests/work/data/data/sftp-01/in/date.txt.

Where each part of the path is determined by:

ParameterPath
MFT server Home directory (configuration file)/atests/work
server Root directorydata
rule Receive Directorydata/sftp-01/in