SFTP server overview

An SSH File Transfer Protocol (SFTP) server is an endpoint that is associated with a receiver or a destination during a message exchange. The server can be associated with more than one destination or receiver, but a destination or receiver can be associated with only one server.

An SFTP server uses the SFTP transport protocol, which is an extension of the Secure Shell (SSH) cryptographic protocol.

Important: SFTP is not the use of the SSH protocol by the File Transfer Protocol (FTP) in the same way that FTP/S is the use of the Secure Sockets Layer (SSL) cryptographic protocol by FTP. SFTP is a unique protocol.

To use an SFTP server in a message exchange profile, you must first configure the server. Then, you include the server in the configuration of an exchange profile that can use an SFTP server.

Authentication

When you configure an exchange profile to use an SFTP server, you must specify the credentials that are needed to connect to the SFTP server. The type of credentials is specified when you configure the SFTP server. You can choose to authenticate with a user ID and a password; a public key and a private key; both types of credentials; or either type of credential. After you specify the type of credentials in the SFTP configuration, you specify the values for the credentials in the exchange profile configuration.

Authentication also includes a host key that is used to identify the SFTP server to the client and to ensure that the server is known and trusted. The host key prevents man-in-the-middle attacks. The host key is part of the SFTP server configuration. The host key must be sent by the server to the client when the client requests the host key.
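The following Python sketch is an added example, not part of the product or its documentation. It shows how a client can decide that a server is known and trusted by comparing the host key the server presents with a pinned fingerprint. The function names and the sample keys are assumptions constructed for this illustration; the fingerprint format is the OpenSSH SHA256 style.

```python
import base64, hashlib, hmac, struct

def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 length + data)."""
    return struct.pack(">I", len(data)) + data

def read_ssh_string(blob: bytes, offset: int = 0):
    """Read one length-prefixed string; return (value, next_offset)."""
    if offset + 4 > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack_from(">I", blob, offset)
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

def fingerprint(key_line: str) -> str:
    """Return the SHA256 fingerprint of a '<type> <base64>' public key line."""
    declared_type, b64 = key_line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    embedded_type, _ = read_ssh_string(blob)
    # The type named on the line must match the type encoded inside the blob.
    if embedded_type.decode("ascii") != declared_type:
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_is_trusted(presented_key_line: str, pinned_fingerprint: str) -> bool:
    """Accept the server only if its presented key matches the pinned fingerprint."""
    try:
        presented = fingerprint(presented_key_line)
    except ValueError:  # malformed line, bad base64, or truncated blob
        return False
    return hmac.compare_digest(presented, pinned_fingerprint)

def make_key_line(raw_key: bytes) -> str:
    """Build a constructed ssh-ed25519 key line for the demonstration."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw_key)
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

# Constructed sample keys (not real host keys).
CONFIGURED_KEY = make_key_line(bytes(range(32)))    # key in the server configuration
IMPOSTOR_KEY = make_key_line(bytes(range(1, 33)))   # key presented by an interceptor
PINNED = fingerprint(CONFIGURED_KEY)

if __name__ == "__main__":
    print(PINNED)
    print(host_is_trusted(CONFIGURED_KEY, PINNED))
    print(host_is_trusted(IMPOSTOR_KEY, PINNED))
```

A client that receives a key whose fingerprint differs from the pinned value should stop before it sends any credentials.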