Page History

Introduction

This article builds on the Simple File Transfer with Basic Authentication article, concentrating on the configuration aspects introduced with use of SSH authentication.

Note:

• On our YADE - Configuration - XML Editor Usage for compatible .ini and .xml configuration files page there is a complete configuration file available for download that uses SSH public/private key authentication. This configuration is a working example that comes with the necessary private key authentication file and will download files from the online SOS Demo server to a local file system.
• The

...

• transfer configuration is described here uses the XML-based configuration introduced with Release 1.11 of YADE. A similar example using the Settings parameters configuration that was implemented for releases before 1.11 can be found our YADE Tutorials along with a configuration download file.

Features of SSH Authenticated File Transfer

Advantages

SSH authentication is implemented with the SFTP protocol and together provides a significantly higher level of security than basic - i.e. password - authentication using the FTP protocol.

Authentication Features

The main features of SSH authenticated file transfer in YADE are:

• SSH authentication can be carried out only authentication with SSH - e.g. authentication with an account name and either a password or a public key - can be carried out.

...

• /private key verification.
• As mentioned above, SSH authentication requires that SFTP protocol is used. 
• SSH authentication is required when a jump host transfer is carried out.

As with all file transfer protocols, any number of SFTP file transfer configurations in the form of ProtocolFragments can be pre-configured preconfigured and selected as required.

Operations around SFTP file transfer

JADE can carry out the following operations in conjunction with SFTP file transfer:

• pre- and post-processing operations, both for the source part of the transfer (i.e. pickup) and the target part (i.e. put down)
• file renaming
• zlib file compression

The configuration of these operations is described in detail on this page.

Additional transfer features

JADE can also carry out:

• strict host key checking:

  Status
  colour Yellow title Link

If public/private key verification is used, the SSH password parameter can be used to provide additional protection for the authentication file.

File Transfer Protocol

SSH Authentication requires that the SFTP protocol is used for the transfer operation.

Configuration of SSH Authenticated File Transfer 

The configuration of a file transfer with SSH authentication follows the steps already described described in the Simple File Transfer with Basic Authentication article.

There are, however, two differences to the Simple File Transfer with Basic Authentication example:

• the use of an SSHAuthentication element instead of a BasicAuthentication element
  
•  SFTP protocol is used instead of FTP as FTP cannot support SSH authentication

Both examples are otherwise kept as simple as possible for clarity. More complex file transfer scenarios will be described later.

Specification of SFTP File Transfer Elements

The key element in the JADE XML schema for the specification of a file transfer by FTP is the SFTPFragmentRef element. This element is part of the Profiles branch of the schema and a direct descendant of operation source or target elements such as CopySource or MoveTarget. The SFTPFragmentRef element can be specified for the source and/or target parts of the operation.

The SFTPFragmentRef element itself contains a reference to the SFTPFragment to be used for this part of the transfer. SFTPFragment elements are specified in the Fragments branch of the schema and may not be specific to the current transfer operation.
Note that the SFTPFragment reference, which is specified as a name attribute of the SFTPFragmentRef element, is not shown in the XSD schema hierarchy diagram below.

In addition, as shown in the first diagram below, the SFTPFragmentRef element has four child elements that are optional but define aspects of the operation that are SFTP-specific: SFTPPreProcessing, SFTPPostProcessing Rename and ZlibCompression. These elements are described in detail as part of the SFTPFragmentRef below.

The SFTPFragmentRef Element

use of SSH authentication requires that the SFTP protocol (or a jump host) is specified. This done by specifying a Profile element that calls a suitably configured SFTPFragment. This Profile will then be called when YADE is started. The SFTPFragment will contain at least the specification of a BasicConnection element and the SSHAuthentication element.

• Profile
  • Operation
    • Copy
      • CopySource
        • CopySourceFragmentRef
          • Ref -> SFTPFragment (Ref=Name)

• Fragments
  • ProtocolFragments
    • SFTPFragment (identified by name Attribute)
      • BasicConnection
      • SSHAuthentication

More information about the specification of SFTPFragments can be found in:

• the SFTPFragment Parameter Reference article.

Specification of SSH Authentication

Use of the SSHAuthentication element requires specification of:

• an Account (i.e. a user name, required)
• either an AuthenticationMethodPassword element, which in turn requires a Password to be specified
  or an AuthenticationMethodPublickey element which requires that an AuthenticationFile and optional Passphrase are specified

More information about the specification of SSHAuthentication can be found in:

• the SSHAuthentication Parameter Reference article
• the Authentication User Manual article.

Further Information

• Configuring and Running File Transfers
• The XML Editor
• Parameter Reference

  Excerpt IncludeJADE Parameter Reference - SFTPFragmentRefJADE Parameter Reference - SFTPFragmentRefnopaneltrue