Remote SFTP Server
A Remote SFTP Server is a type of Endpoint that represents an external (remote) SFTP server. UDMG uses this Endpoint when acting as an SFTP client to connect to a partner's server. The Endpoint stores connection details such as hostname, port, and authentication credentials, and is used to initiate outbound SFTP transfers. Within a Pipeline, a Remote SFTP Endpoint can function as either a Source (to pull files) or a Destination (to push files), enabling secure and automated file exchanges with remote SFTP servers.
File transfers when UDMG is acting as the client are only initiated via the Transfer API (not via the UI).
A Pipeline with a Remote SFTP Server Endpoint cannot be associated with an Account via an Account Group. The Credentials needed to connect and authenticate with an external SFTP server are added at the Pipeline level.
Before You Begin
IP Address/Port
The IP/Port is the combination to connect to the external SFTP server. Obtain the IP Address and Port from your partner. After configuring an Endpoint, always use the Validate button to see if the system can connect to the external SFTP server via the IP/port combination provided. See Validating the Configuration for steps.
Public Key
Each Remote SFTP Server Endpoint must be associated with a single Public Key, which serves as the Host Key of the external SFTP server. This key is used by UDMG to authenticate the server during the SSH connection, ensuring the server's identity and protecting against man-in-the-middle attacks.
You must obtain the Host Key from your partner. To select it during Endpoint creation, a Credential with Credential Type: Public Key must first be created on the Credentials page.
Authentication Credentials at the Pipeline Level
While the Remote SFTP Server Endpoint requires the external server's Public Host Key to verify its identity (configured at the Endpoint level), client authentication credentials are configured separately at the Pipeline level. This design allows reusing the same Endpoint with different credentials across multiple Pipelines.
For more information, refer to Remote SFTP Transfers - Pull or Remote SFTP Transfers - Push.
Adding an Endpoint
To add an Endpoint, follow these steps:
- From the Sidebar, select Configuration > Endpoints.
- Click the Add Endpoint button.
- Select Remote SFTP Server as the Endpoint Type.
- Complete the Name and Description details for the new Endpoint.
- Enter the IP Address and Port you obtained earlier.
- Select the host key you created earlier from the Credentials Name dropdown
- Optionally select ciphers and other algorithms, or use the default, using the table below as a guide.
- Choose whether the Endpoint should be enabled effective immediately.
info
The Endpoint still must be added to a Pipeline for the Endpoint to be serviceable.
- Click Add.
- Validate the connection (connection only, no authentication). See Validating the Configuration.
Field Descriptions
The following table describes the fields that are configured for the Endpoint:
| Name | Description | Specifications | Required |
|---|---|---|---|
| Endpoint Type | The type of Endpoint indicates the type of file transfer. Select: Remote SFTP Server. | The type Cannot be modified after creation. | Yes |
| Name | The name of the Endpoint. |
| Yes |
| Description | The description of the Endpoint. | No | |
| IP Address | The IP Address of the external SFTP server. Provided by the partner. | Must be in IPv4 format. | Yes |
| Port | The port number of the external SFTP server. Provided by the partner. | Must be within 1 and 65535. | Yes |
| Credentials Name (Host Key) | The name of the Public Key representing the external SFTP server's Host Key. | Must reference an already created Public Key. | Yes |
| Key Exchange Algorithms | The allowed key exchange algorithms. Options (multi-select):
| Defaulted to:
| No |
| Ciphers | The allowed ciphers. Options (multi-select):
| Defaulted to:
| No |
| MACs | The allowed Message Authentication Codes (MACs). Options (multi-select):
| Defaulted to:
| No |
| Enabled Endpoint | Endpoint's enabled status. | Default value: Enabled. | Yes |
Editing an Endpoint
Endpoint configuration changes are pushed to all Pipelines referencing the Endpoint with immediate effect.
To edit an Endpoint, follow these steps:
- From the Sidebar, select Configuration > Endpoint.
- Click the Endpoint Name you want to edit.
- Click the Edit button above the Endpoint details.
- Edit details for the Endpoint, using the Field Descriptions table as a guide.
- Click Update.
Managing an Endpoint
Viewing Endpoint Details
To view the details of an Endpoint, follow these steps:
- From the Sidebar, click Configuration > Endpoints.
- Click the Endpoint Name you want to view.
Endpoint details include all parameters given in the Field Descriptions table above, plus the following read-only metadata:
Endpoint Metadata
| Name | Description |
|---|---|
| UUID | Universally Unique Identifier of this Endpoint. |
| Version | Version number of the configuration. Every change increases the number. |
| Enabled | Endpoint's Enabled status. If enabled, field is set to True. |
| Created | Date and time this Endpoint was created. |
| Updated | Date and time this Endpoint was last updated. |
| Test Status | Status of the Validate Endpoint configuration test. Options:
|
Validating the Configuration
The Endpoint configuration can be validated to confirm if an unauthenticated connection with the external SFTP server can be made. After clicking the Validate button, one of the following messages appears:
- Error/Fail: 'Endpoint test has failed. The dial tcp 0.0.0.4:2235: i/o timeout.'
- If validation fails, then the system was not able to make a successful connection with the external SFTP server. Check the Endpoint's configuration, network path, firewall rules, and try again.
- Pass: 'Endpoint has passed the test.'
- If validation passes, then the system was able to make a successful connection with the external SFTP server.
Enabling and Disabling Endpoints
Remote SFTP Server Endpoints can be Enabled or Disabled to control their active status and ability to participate in file transfers.
- Enabled (default): The Endpoint is active and can participate in file transfers.
- Disabled: The Endpoint is inactive and cannot participate in file transfers.
To enable or disable an Endpoint, follow these steps:
- From the Sidebar, select Configuration > Endpoints.
- Click the Endpoint Name of the Endpoint you want to enable/disable.
- Click Edit.
- If the Endpoint is currently enabled, you can disable the Endpoint by moving the toggle to the left.
- Click Update.
Changes to the Endpoint's Enabled/Disabled status are not active until the file transfer is scheduled and triggered.
Editing an Endpoint
To edit an Endpoint, follow these steps:
- From the Sidebar, select Configuration > Endpoints.
- Click the Endpoint Name of the Endpoint you want to edit.
- Click the Edit button above the Endpoint details.
- Edit details for the Endpoint using the Field Descriptions table as a guide.
- Click Update.
- Click the Validate button following the above instructions.
Deleting an Endpoint
To delete an Endpoint, follow these steps:
- From the Sidebar, select Configuration > Endpoints.
- Click the Endpoint Name of the Endpoint you want to delete.
- Click the Delete button above the Endpoint details.
- You will be asked to confirm the deletion. Click Delete.
UDMG prevents the deletion of a Configuration Item if it is currently referenced by another Configuration Item (i.e., Pipeline). The Configuration Item must be edited or the reference removed before you can delete the Endpoint. Deletion cannot be undone.