Define the Adapter for the SFTP Connection

An SFTP adapter definition specifies both the system-level communications information necessary to establish SFTP connections to and from Secure Proxy and the local host key used to validate Secure Proxy to an inbound connection. Because the SFTP protocol requires that Secure Proxy present its key to the inbound node for authentication, you must configure the adapter with the local host key store and the local host key to present to the inbound connection. Before you can configure the adapter, create a local host key store and a local host key. Refer to Manage Local Host Key Stores and Keys for instructions.

You must also determine what ciphers are allowed for encryption and what MACs are allowed for message integrity protection, as well as the order of preference for both the ciphers and the MACs. Communicate with the administrator of the inbound node to ensure that your configurations match.

You can create multiple adapter definitions.

Before you begin this procedure, create the following definitions:
  • A netmap to associate with the adapter
  • An engine definition to associate with the adapter. Refer to Install or Upgrade Secure Proxy on UNIX or Linux or Install or Upgrade Secure Proxy on Microsoft Windows for instructions.

To define an SFTP adapter:

  1. From IBM Sterling Secure Proxy, select Configuration from the left hand-side navigation panel.
  2. Click Adapters, then click View all Adapters to display the list of created Adapters.
  3. Specify values for the following:
    • Adapter Name
    • Listen Port
    • Netmap
    • Standard Routing Node
    • Engine
    • Local Host Key Store
    • Local Host Key
  4. Click the Security tab.
  5. From SSH Configuration drop-down, select a required SSH configuration. For more information, see SSH Security Configuration.
  6. Click Save.