Versions Compared

Old Version 35

changes.mady.by.user Carsten Maass

Saved on

compared with

New Version 36

changes.mady.by.user Laurent Gougeon

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

NameDefaultType/UnitComment
sftp.usetmp"true"booleanForce using a temporary name when transmitting a file to the remote SFTP server. Once the transmission has completed successfully, the file is renamed with its final target name. The temporary file name is by default the file name with the ".tmp" suffix concatenated to it, however this behaviour can be customised with the "mksuffix", "prefix" and "suffix" options.
sftp.mkdirs"true"booleanAllow creating the directory named by the target pathname, including any necessary but non-existent parent directories.
sftp.prefix-stringWhen using the "usetmp" option, this option allow setting the prefix to use for the temporary file name (e.g. ".").
sftp.suffix-stringWhen using the "usetmp" option, this option allow setting the suffix to use for the temporary file name (e.g. ".tmp").
sftp.chmod-integerIf set, the file mode will be changed according to the value of this option once it has uploaded a file successfully (e.g. "640").
sftp.ignoreCheck"false"booleanIf set, the remote size of the file is not checked after an upload has been completed. If not set, the remote size of the uploaded file is checked and compared against the size of the source file.
sftp.execCode"0"integerAllow specifying the expected exit code of the command (or list of commands) started with the "execCmd" option. If the exit code is different from the one specified in this parameter then the transmission is tagged as failed.
sftp.execCmd-stringAllow specifying a command (or list of commands) to execute on the SSH server once a file has been transmitted (multiple commands can be specified using the semi columns separator). The parameter "$filename" can be introduced in the commands and it gives the name of the file transmitted (source or target depending if the transmission was a upload or a download).
sftp.kex-stringAllow specifying the key exchange algorithms to allow (e.g. "ecdh-sha2-nistp256,ecdh-sha2-nistp384"). The list of valid algorithms can be found at http://www.jcraft.com/jsch/README (multiple algorithms can be specified using the columns separator). By default all supported algorithms are allowed.
sftp.serverHostKey-stringAllow specifying the host key type to allow (e.g. "ssh-dss,ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"). The list of valid key types can be found at http://www.jcraft.com/jsch/README (multiple algorithms can be specified using the columns separator). By default all supported key types are allowed.
sftp.cipher-stringAllow specifying the cipher algorithms to allow (e.g. "aes128-cbc,3des-cbc,blowfish-cbc"). The list of valid algorithms can be found at http://www.jcraft.com/jsch/README (multiple algorithms can be specified using the columns separator). By default all supported algorithms are allowed.
sftp.mac-string

Allow specifying the Message Authentication Code (MAC) algorithms to allow (e.g. "hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96"). The list of valid algorithms can be found at http://www.jcraft.com/jsch/README (multiple algorithms can be specified using the columns separator). By default all supported algorithms are allowed.

sftp.compression-stringAllow specifying the compression algorithms to allow (e.g. "zlib,none"). The list of valid algorithms can be found at http://www.jcraft.com/jsch/README (multiple algorithms can be specified using the columns separator). By default all supported algorithms are allowed.
sftp.fingerPrint-stringAllow specifying a key's fingerprint. It is a lower-case hexadecimal representation of the MD5 of a key (e.g. "22:fb:ee:fe:18:cd:aa:9a:9c:78:89:9f:b4:78:75:b4"). If a key's fingerprint is defined then it is compared against the key's fingerprint of the remote SFTP server when connecting. If it does not match then the connection is rejected.
sftp.preferredAuthentications-stringAllow specifying the list of supported authentication methods (e.g. password,publickey,keyboard-interactive).
sftp.passPhrase-stringThe passphrase necessary to access the private key when the "privateKey" or "privateKeyFile" option is used. This option is only required if the private key is protected.
sftp.privateKeyFile-string

Adds a private key to be used for public-key authentication. The private key should be in the PEM format in a file accessible from the ECaccess Gateway (the file permissions should be set accordingly). This option contains the name of the file (e.g. "/home/uid/.ssh/mykey.pem").

If both options, "privateKeyFile" and "privateKey" are defined, then the latest will be ignored.

sftp.privateKey-string

Adds a private key to be used for public-key authentication. The private key should be in the PEM format.

e.g. sftp.privateKey="
-----BEGIN DSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,2AEF2CF4618CA866

HFYVuVUSTdJacwFiaTcY3I5jUHaVIYdDQHIZarzox/ikWC6rN7uJbwPrZZPH+WV1
PfwX9yC7jVlUSgPu7o8fSdEhBaPZQ0NZ7Gq3cOpsRYicRa3F4GebK748m8VZLXLe
(...)
b4DxuN8evYgV/M9V76JoW5TDiizgst86w915bjM/gl+mVPPH/XitSOpaADtHSpDv
ph1kgY1fjwt5le+i66AnLmbJ4cLLAMz3
-----END DSA PRIVATE KEY-----
"

As shown in the example above, the first line should always be sftp.privateKey=" and the last line should always be " with the content of the private key in between.

sftp.listenAddress-stringAllow specifying the source address used by the SFTP client when connecting to the remote SFTP server. By default, the system will pick up a valid local address.
sftp.sessionTimeOut"60000"millisecondsThis value is used as the socket timeout parameter, and also as the default connection timeout. The value must be > 0. A timeout of zero is interpreted as an infinite timeout.
sftp.connectTimeOut-millisecondsThis value is used as the connection timeout. The value must be > 0. A timeout of zero is interpreted as an infinite timeout. The default value is the same as the "sessionTimeOut" value.
sftp.mksuffix"false"booleanIf set, the SFTP client will generate a random suffix for the "usetmp" option with 3 characters (e.g. ".3te"). If this option is used then the "prefix" and "suffix" options are ignored.
sftp.port"22"shortAllow specifying the port number of the remote SFTP server to connect to.

...

The "reject", "append", "resume" and "overwrite" options are mutually exclusive and determine what to do if there is an existing target file. The "mailto" option specifies an email address to be notified in case of a successful (option "onsuccess") and/or a failed transfer (option "onfailure"). The "check" option prints the status of the specified request on the standard output. The transfer status, which can be checked with the ecaccess-ectrans-list command or the Web interface, can takes values as listed in table 1. Table 1: Transfer status.

StatusMeaning
INITFiles are being transferred to the spool
COPYFiles are being transferred to the remote site
WAITFiles are scheduled and waiting to be started
RETRFile transfer will be retried
STOPFiles have NOT been successfully transferred (error)
DONEFiles have been successfully transferred

Transfer to a Member State host via gateway

To transfer file "fff" from the current working directory on "ecgate" to the "genericFtp" protocol of the use "myUser" on the ECaccess gateway "ecaccess.meteo.ms":

> ectrans -gateway ecaccess.meteo.ms \
          -remote myUser@genericFtp
          -source fff \
          -verbose
verbose: gateway=ecaccess.meteo.ms
verbose: echost=ecgate.ecmwf.int
verbose: ecport=644
verbose: action=spool
verbose: ecuser=uid
verbose: source=fff
verbose: target=fff
verbose: keep=false
verbose: remove=false
verbose: option=reject
verbose: lifetime=1w
verbose: delay=(none)
verbose: at=(now)
verbose: format=yyyyMMddHHmmss
verbose: retryCnt=144
verbose: retryFrq=10m
File to upload (5140480 bytes)
9442903031

...