SFTPServer Class
The SFTPServer class provides server-side functionality for SFTP connections.
Syntax
SecureBlackboxSFTPServer
SecureBlackboxSFTPServerSwift
Remarks
TElSFTPServer is an implementation of an SSH File Transfer Protocol server. It works over a secure SSH channel and should not be confused with the FTP/FTPS protocol.
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
- active | Specifies whether the SFTP server has started and is ready to accept connections. |
- authTypes | Defines allowed authentication types. |
- baseDir | Specifies the server's base (root) directory. |
- clientFileEntryATime | Contains the last access time for this file, in UTC. |
- clientFileEntryCTime | Contains this file's creation time, in UTC. |
- clientFileEntryDirectory | Specifies whether this entry is a directory. |
- clientFileEntryFileType | Specifies the type of this entry, one of the following: cftFile (0), cftDirectory (1), cftSymblink (2), cftSpecial (3), cftUnknown (4), cftSocket (5), cftCharDevice (6), cftBlockDevice (7), cftFIFO (8). |
- clientFileEntryGroupExecute | Controls file execution permission for the group users. |
- clientFileEntryGroupRead | Controls file read permission for the group users. |
- clientFileEntryGroupWrite | Controls file write permission for the group users. |
- clientFileEntryHandle | Gets or sets a 'handle', a unique identifier of the underlying property object. |
- clientFileEntryLongName | Contains the long name of the file (human-readable, ftp-like). |
- clientFileEntryMTime | Specifies the last modification time, in UTC. |
- clientFileEntryName | Specifies the file name. |
- clientFileEntryOtherExecute | Controls file execution permission for other users (users that are neither owners, nor belong to the same group). |
- clientFileEntryOtherRead | Controls file read permission for other users (users that are neither owners, nor belong to the same group). |
- clientFileEntryOtherWrite | Controls file write permission for other users (users that are neither owners, nor belong to the same group). |
- clientFileEntryOwner | Specifies the owner of the file/directory. |
- clientFileEntryPath | Contains the full path to the file. |
- clientFileEntrySize | The size of the file in bytes. |
- clientFileEntryUserExecute | Controls file execution permission for the file owner. |
- clientFileEntryUserRead | Controls file read permission for the file owner. |
- clientFileEntryUserWrite | Controls file write permission for the file owner. |
- compressionLevel | Specifies the preferable compression level. |
- externalCryptoCustomParams | Custom parameters to be passed to the signing service (uninterpreted). |
- externalCryptoData | Additional data to be included in the async state and mirrored back by the requestor. |
- externalCryptoExternalHashCalculation | Specifies whether the message hash is to be calculated at the external endpoint. |
- externalCryptoHashAlgorithm | Specifies the request's signature hash algorithm. |
- externalCryptoKeyID | The ID of the pre-shared key used for DC request authentication. |
- externalCryptoKeySecret | The pre-shared key used for DC request authentication. |
- externalCryptoMethod | Specifies the asynchronous signing method. |
- externalCryptoMode | Specifies the external cryptography mode. |
- externalCryptoPublicKeyAlgorithm | Provide public key algorithm here if the certificate is not available on the pre-signing stage. |
- forceCompression | Specifies whether the server explicitly requires data compression. |
- host | Specifies the server's host name. |
- keyFingerprintSHA1 | Contains the SHA-1 fingerprint (hash) of the key. |
- keyFingerprintSHA256 | Contains the SHA-256 fingerprint (hash) of the key. |
- keyHandle | Gets or sets a 'handle', a unique identifier of the underlying property object. |
- maxSFTPVersion | Maximum SFTP version supported. |
- minSFTPVersion | Minimum SFTP version supported. |
- pinnedClientAddress | The client's IP address. |
- pinnedClientClientKeyAlgorithm | Specifies the client's key algorithm. |
- pinnedClientClientKeyBits | Specifies the length of the client's key. |
- pinnedClientClientKeyFingerprint | The fingerprint (hash value) of the client's public key. |
- pinnedClientClientSoftwareName | Returns the name of the SSH software running on the client side. |
- pinnedClientCloseReason | Contains the line sent by the client just before closing the connection. |
- pinnedClientCompressionAlgorithmInbound | Compression algorithm for the incoming traffic. |
- pinnedClientCompressionAlgorithmOutbound | Compression algorithm for the outgoing traffic. |
- pinnedClientEncryptionAlgorithmInbound | Encryption algorithm for the incoming traffic. |
- pinnedClientEncryptionAlgorithmOutbound | Encryption algorithm for the outgoing traffic. |
- pinnedClientID | The client connection's unique identifier. |
- pinnedClientInboundEncryptionKeyBits | Specifies the length of the key used to encrypt the incoming traffic. |
- pinnedClientKexAlgorithm | The key exchange algorithm used during the SSH handshake. |
- pinnedClientKexBits | The number of bits used by the key exchange algorithm. |
- pinnedClientKexLines | The contents of the received KexInit packet. |
- pinnedClientMacAlgorithmInbound | MAC algorithm used for the incoming connection. |
- pinnedClientMacAlgorithmOutbound | MAC algorithm used for outbound connection. |
- pinnedClientOutboundEncryptionKeyBits | Specifies the length of the key used to encrypt the outgoing traffic. |
- pinnedClientPort | The remote port of the client connection. |
- pinnedClientPublicKeyAlgorithm | Specifies the public key algorithm which was used during the SSH handshake. |
- pinnedClientServerKeyBits | Specifies the number of bits in the server's key. |
- pinnedClientServerKeyFingerprint | The fingerprint (hash value) of the server's public key. |
- pinnedClientTotalBytesReceived | Returns the total number of bytes received over this connection. |
- pinnedClientTotalBytesSent | Returns the total number of bytes sent over this connection. |
- pinnedClientVersion | Specifies SSH protocol version. |
- port | Specifies the listening port number. |
- readOnly | Specifies whether files on the server are read-only. |
- serverKeyCount | The number of records in the ServerKey arrays. |
- serverKeyAlgorithm:(int)serverKeyIndex | Specifies the key algorithm. |
- serverKeyBits:(int)serverKeyIndex | The number of bits in the key: the more the better, 2048 or 4096 are typical values. |
- serverKeyFingerprintMD5:(int)serverKeyIndex | Contains the MD5 fingerprint (hash) of the key. |
- serverKeyFingerprintSHA1:(int)serverKeyIndex | Contains the SHA-1 fingerprint (hash) of the key. |
- serverKeyHandle:(int)serverKeyIndex | Gets or sets a 'handle', a unique identifier of the underlying property object. |
- socketIncomingSpeedLimit | The maximum number of bytes to read from the socket, per second. |
- socketLocalAddress | The local network interface to bind the socket to. |
- socketLocalPort | The local port number to bind the socket to. |
- socketOutgoingSpeedLimit | The maximum number of bytes to write to the socket, per second. |
- socketTimeout | The maximum period of waiting, in milliseconds, after which the socket operation is considered unsuccessful. |
- socketUseIPv6 | Enables or disables IP protocol version 6. |
- SSHSettingsAutoAdjustCiphers | Whether the SSH client should adjust its list of supported ciphers 'on-the-fly' for greater compatibility with the server it is connecting to. |
- SSHSettingsBaseConfiguration | Selects the base configuration of SSH settings, tuned for different purposes such as high security or higher compatibility. |
- SSHSettingsCompressionAlgorithms | A list of session compression algorithms separated with commas or semicolons. |
- SSHSettingsCompressionLevel | Possible values for the Compression Level range from 0 (minimum compression) to 9 (maximum compression). |
- SSHSettingsDefaultWindowSize | The SSH window size specifies how many bytes the client can send to the server in the command channel without obtaining pre-authorization for the further send from the server. |
- SSHSettingsEncryptionAlgorithms | A list of session encryption algorithms separated with commas or semicolons. |
- SSHSettingsForceCompression | Whether the SSH client should explicitly request compression. |
- SSHSettingsGSSAuthTypes | A comma-separated list of authentication types. |
- SSHSettingsGSSDelegateCreds | Switches credential delegation on or off. |
- SSHSettingsGSSHostname | The GSS host name, in form of a FQDN (e. |
- SSHSettingsGSSLib | A path to the GSS-API library (DLL or SO). |
- SSHSettingsGSSMechanisms | A comma-separated list of GSS mechanisms to use. |
- SSHSettingsGSSProtocols | A comma-separated list of SSPI protocols. |
- SSHSettingsHandshakeTimeout | Specifies the maximal time for the SSH handshake to proceed, in seconds. |
- SSHSettingsKexAlgorithms | A list of key exchange algorithms separated with commas or semicolons. |
- SSHSettingsMacAlgorithms | A list of MAC (message authentication code) algorithms separated with commas or semicolons. |
- SSHSettingsMaxSSHPacketSize | Specifies the maximum length of one SSH packet in bytes. |
- SSHSettingsMinWindowSize | Specifies the minimal internal window size. |
- SSHSettingsObfuscateHandshake | Enables or disables handshake obfuscation. |
- SSHSettingsObfuscationPassword | Specifies the password used to encrypt the handshake when ObfuscateHandshake is set. |
- SSHSettingsPublicKeyAlgorithms | A list of public key algorithms separated with commas or semicolons. |
- SSHSettingsRequestPasswordChange | Whether to request a password change when connecting. |
- SSHSettingsSoftwareName | The name to be used by the class to identify itself. |
- SSHSettingsTrustAllKeys | Enables or disables explicit trust to all server keys. |
- SSHSettingsUseAuthAgent | Enables or disables the use of an external key agent, such as the PuTTY key agent. |
- SSHSettingsVersions | Specifies enabled SSH protocol versions (1 or 2). |
- userCount | The number of records in the User arrays. |
- userAssociatedData:(int)userIndex | Contains the user's Associated Data when SSH AEAD (Authenticated Encryption with Associated Data) algorithm is used. |
- userBasePath:(int)userIndex | Base path for this user in the server's file system. |
- userCert:(int)userIndex | Contains the user's certificate. |
- userData:(int)userIndex | Contains uninterpreted user-defined data that should be associated with the user account, such as comments or custom settings. |
- userHandle:(int)userIndex | Gets or sets a 'handle', a unique identifier of the underlying property object. |
- userHashAlgorithm:(int)userIndex | Specifies the hash algorithm used to generate TOTP (Time-based One-Time Password) passwords for this user. |
- userIncomingSpeedLimit:(int)userIndex | Specifies the incoming speed limit for this user. |
- userOtpAlgorithm:(int)userIndex | The algorithm used to generate one-time passwords (OTP) for this user, either HOTP (Hash-based OTP) or TOTP (Time-based OTP). |
- userOtpValue:(int)userIndex | The user's time interval (TOTP) or Counter (HOTP). |
- userOutgoingSpeedLimit:(int)userIndex | Specifies the outgoing speed limit for this user. |
- userPassword:(int)userIndex | The user's authentication password. |
- userPasswordLen:(int)userIndex | Specifies the length of the user's OTP password. |
- userSharedSecret:(int)userIndex | Contains the user's secret key, which is essentially a shared secret between the client and server. |
- userSSHKey:(int)userIndex | Contains the user's SSH key. |
- userUsername:(int)userIndex | The registered name (login) of the user. |
- useUTF8 | Specifies whether UTF8 conversion is to be used when parsing file names. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
- config | Sets or retrieves a configuration setting. |
- dropClient | Terminates a client connection. |
- getClientBuffer | Acquires a piece of operation data. |
- getClientFileEntry | Acquires file entry details from the class. |
- listClients | Enumerates the connected clients. |
- pinClient | Takes a snapshot of the connection's properties. |
- setClientBuffer | Commits a data buffer to the server class. |
- setClientFileEntry | Commits the file entry details to the class. |
- start | Starts SFTP server operation. |
- stop | Stops SFTP server. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
- onAccept | This event is fired when a new incoming connection is accepted. |
- onAfterCreateDirectory | This event indicates completion of directory creation request. |
- onAfterRemove | This event indicates completion of file removal request. |
- onAfterRenameFile | This event indicates completion of a file rename operation. |
- onAfterRequestAttributes | This event indicates completion of file attributes request. |
- onAfterSetAttributes | This event indicates completion of a set attributes request. |
- onAuthAttempt | Reports a user authentication attempt. |
- onAuthFailed | Reports user authentication failure. |
- onAuthPassword | This event is fired on password authentication attempt from a client. |
- onAuthPublicKey | This event is fired on public key authentication attempt from a client. |
- onAuthSucceeded | Reports a successful user authentication. |
- onBeforeCreateDirectory | This event is fired when a client requests to create a directory. |
- onBeforeDownloadFile | This event is fired when a download file request is received. |
- onBeforeFind | This event is fired when a client requests to find files and folders in Path. |
- onBeforeRemove | This event is fired when a client requests to delete a file or directory. |
- onBeforeRenameFile | This event is fired when a client requests to rename a file. |
- onBeforeRequestAttributes | This event is fired when a client requests to get file attributes. |
- onBeforeSetAttributes | This event is fired when a client requests to set file attributes. |
- onBeforeUploadFile | This event is fired when an upload file request is received. |
- onCloseFile | This event instructs the application to close an opened file. |
- onConnect | This event is fired when a remote connection has been established. |
- onCreateDirectory | This event instructs the application to create a directory. |
- onDisconnect | This event is fired when a client has disconnected. |
- onError | Information about errors during data delivery. |
- onExternalSign | Handles remote or external signing initiated by the server protocol. |
- onFindClose | This event signifies the completion of a custom file listing operation. |
- onFindFirst | This event signifies the start of the custom file listing retrieval mechanism. |
- onFindNext | This event retrieves the next entry of a custom file listing. |
- onNotification | This event notifies the application about an underlying control flow event. |
- onOpenFile | This event instructs the application to handle the file open request. |
- onReadFile | This event is fired when a file read request is received. |
- onRemove | This event is fired when a client requests to delete a file or directory. |
- onRenameFile | This event is fired when a client requests to rename a file. |
- onRequestAttributes | This event is fired when a get file attributes request is received. |
- onSessionClosed | Reports session closure. |
- onSessionEstablished | This event is fired when a new session is established. |
- onSetAttributes | This event is fired when a set file attributes request is received. |
- onWriteFile | This event is fired when a file write request is received. |
Configuration Settings
The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.
AuthMode | Controls dual/multi-type authentication mode. |
CustomDHGroupIndex | Sets a specific Diffie-Hellman group index to enforce. |
DualStack | Allows the use of IPv4 and IPv6 simultaneously. |
MaxDHGroupSize | Sets the maximal Diffie-Hellman group size. |
MinDHGroupSize | Sets the minimal Diffie-Hellman group size. |
NotifyOnFileOperations | Enables low-level file operation notifications. |
CheckKeyIntegrityBeforeUse | Enables or disables private key integrity check before use. |
CookieCaching | Specifies whether a cookie cache should be used for HTTP(S) transports. |
Cookies | Gets or sets local cookies for the class (supported for HTTPClient, RESTClient and SOAPClient only). |
DefDeriveKeyIterations | Specifies the default key derivation algorithm iteration count. |
EnableClientSideSSLFFDHE | Enables or disables finite field DHE key exchange support in TLS clients. |
GlobalCookies | Gets or sets global cookies for all the HTTP transports. |
HttpUserAgent | Specifies the user agent name to be used by all HTTP clients. |
LogDestination | Specifies the debug log destination. |
LogDetails | Specifies the debug log details to dump. |
LogFile | Specifies the debug log filename. |
LogFilters | Specifies the debug log filters. |
LogFlushMode | Specifies the log flush mode. |
LogLevel | Specifies the debug log level. |
LogMaxEventCount | Specifies the maximum number of events to cache before further action is taken. |
LogRotationMode | Specifies the log rotation mode. |
MaxASN1BufferLength | Specifies the maximal allowed length for ASN.1 primitive tag data. |
MaxASN1TreeDepth | Specifies the maximal depth for processed ASN.1 trees. |
OCSPHashAlgorithm | Specifies the hash algorithm to be used to identify certificates in OCSP requests. |
UseOwnDNSResolver | Specifies whether the client classes should use own DNS resolver. |
UseSharedSystemStorages | Specifies whether the validation engine should use a global per-process copy of the system certificate stores. |
UseSystemOAEPAndPSS | Enforces or disables the use of system-driven RSA OAEP and PSS computations. |
UseSystemRandom | Enables or disables the use of the OS PRNG. |