Establishing an SFTP Connection
An FTP client connected to the SFTP proxy server can instruct the server to establish an SFTP connection by sending it a SITE connect request. The syntax for the SITE connect request is as follows:
- SITE CONNECT [parametername=value,]...
where parametername is a parameter recognized by the SFTP proxy server, and value is the value you want to send for the specified parameter. For a list of available parameters, see the following table.
Parameter Name |
Value |
|---|---|
PROFILE |
Specify the tunnel profile (.CSP) you want to use to establish the tunnel connection. You can type the fully qualified path to the profile, or, if the profile is located in the default location, you can type: $PROFILEDIR$\profilename.csp |
USER |
Specify the user name for the host to which the tunnel will connect. |
PASSWORD |
Specify the password to be used if password authentication is requested. See the AUTHMETHOD parameter. |
HOST |
Specify the IP address or name of the target host. It is to this host that Connectivity Secure Shell will establish a tunnel connection. |
PORT |
Specify the host port to be used for the Secure Shell tunnel connection. |
USERKEY |
Specify the key fingerprint to be used if user-key authentication is requested. |
AUTHMETHODS |
Specify which authentication method(s) to use. The string will consist of space-separated numbers, each of which represents an authentication method. 0—Password protection 1—User Key 3—Keyboard Interactive 4—Kerberos authentication |
USEHMS2MIT |
Specify a value of 1 to populate the Kerberos ticket store with tickets from the Microsoft ticket store. Used for Kerberos authentication only. |
KERBCLIENT |
Specify a value of 0 to instruct Connectivity Secure Shell to use the Hummingbird Kerberos client. Specify a value of 1 to use the MIT Kerberos client. Used for Kerberos authentication only. |
KERBSERVICE |
Specify a string containing the Kerberos service name to be used for Kerberos authentication. Used for Kerberos authentication only. |
AGENTFORWARD |
Specify a value of 1 to enable agent forwarding. |
KERBDELEGATE |
Specify a value of 1 to enable the delegation of Kerberos credentials when Kerberos authentication is used. Used for Kerberos authentication only. |
REMOTECLIENT |
Specify a value of 1 to indicate that the FTP client does not reside on the same machine as the SFTP proxy server. If this is the case, see Instructing the Remote SFTP Proxy Server to Establish an SFTP Connection. |
SERVERKEYACTION |
Specify the action you wish the SFTP proxy server to take when a new or changed server key is returned during tunnel authentication. Set this value as follows to specify the action: 0—Prompt (The SFTP Proxy server will prompt the user for the necessary action.) Note: If this parameter is used in conjunction with REMOTECLIENT, then the prompt is delivered to the client on an FTP 300 level reply. The action should be reported back to the SFTP Proxy server using the SITE AUTHREPLY extension. 1—Add Server Key to keystore and connect 2—Do not add Server Key to keystore and connect 3—Do not add Server Key to keystore and cancel connection |