SSH Configuration
The adapter accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the adapter, access to these internal properties is provided through the Other property.SSH Configuration Settings
| KeyRenegotiationThreshold:
Sets the threshold for the SSH Key Renegotiation.This property allows you to specify the threshold, in the number of bytes, for the SSH Key Renegotiation.
The default value for this property is set to 1 GB.
Example (for setting the threshold to 500 MB):
SSHComponent.Config("KeyRenegotiationThreshold=524288000")
| |||||||||||||||||||||||||||||||
| LogSSHPackets: If True, detailed SSH packet logging is performed.This setting can be enabled to assist in debugging. When set to True the adapter will include detailed information about the SSH level packets in the log. The default value is False. | |||||||||||||||||||||||||||||||
SSHAcceptServerHostKeyFingerPrint:
Instructs the adapter to accept the server's host key with this fingerprint.This may be set to a comma-delimited collection of 16-byte MD5 fingerprints that should be accepted as the host's key. You may supply it by HEX
encoding the values in the form "0a:1b:2c:3d". Example:
SSHAcceptServerHostKeyFingerprint=0a:1b:2c:3d | |||||||||||||||||||||||||||||||
| SSHEncryptionAlgorithms:
A comma-separated list containing all allowable compression algorithms.During the SSH handshake, this list will be used to negotiate the encryption algorithm to be used between the client and server. This list is used for both directions: client to server and server to client.
At least one supported algorithm must appear in this list. The following encryption algorithms are supported by the component:
The default value is "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,arcfour256,arcfour128,arcfour,cast128-cbc,aes256-gcm@openssh.com,aes128-gcm@openssh.com". | |||||||||||||||||||||||||||||||
SSHKeyExchangeAlgorithms:
Specifies the supported key exchange algorithms.This may be used to specify the list of supported Key Exchange algorithms used during SSH negotiation. The value should contain
a comma separated list of algorithms. Supported algorithms are:
| |||||||||||||||||||||||||||||||
SSHMacAlgorithms:
Specifies the supported Mac algorithms.This may be used to specify an alternate list of supported Mac algorithms used during SSH negotiation. This also specifies the order in which the Mac algorithms are preferred.
The value should contain a comma separated list of algorithms. Supported algorithms are:
| |||||||||||||||||||||||||||||||
| SSHPublicKeyAlgorithms:
Specifies the supported public key algorithms.This setting specifies the allowed public key algorithms. This list controls only the public key
algorithm used when authenticating to the server. This list has no bearing on the public key algorithms
that can be used to authenticate the client. The default value is ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss,x509v3-sign-rsa,x509v3-sign-dss.
This setting specifies a list of signature algorithms that may be used when authenticating to the server using public key authentication. This applies only when public key authentication is performed by the client. The setting should be a comma separated list of algorithms. At runtime the adapter will evaluate the specified algorithms and if the algorithm is applicable to the certificate specified in SSHCert it will be used. If the algorithm is not applicable the adapter will evaluate the next algorithm. Possible values are:
The default value in Windows is ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519. rsa-sha2-256 and rsa-sha2-512 notes The adapter will query the server for supported algorithms when connecting. If the server indicates support for rsa-sha2-256 or rsa-sha2-512 and the algorithm is present in the list defined by this setting (as in the default value), that algorithm will be used instead of ssh-rsa even when ssh-rsa appears first in the list. For the rsa-sha2-256 and rsa-sha2-512 algorithms to be automatically preferred the server must support the ext-info-c mechanism. In practice, older servers do not support this and in that case ssh-rsa will be used since it appears first in the list. Newer servers do support this mechanism and in that case rsa-sha2-256 or rsa-sha2-512 will be used even though it appears after ssh-rsa. This behavior has been carefully designed to provide maximum compatibility while automatically using more secure algorithms when connecting to servers which support them. |
General Configuration Settings
| AbsoluteTimeout: Determines whether timeouts are inactivity timeouts or absolute timeouts.If AbsoluteTimeout is set to True, any method which does not complete within Timeout seconds will be aborted. By default, AbsoluteTimeout is False, and the timeout is an inactivity timeout. | |
| LocalHost:
The name of the local host or user-assigned IP interface through which connections are initiated or accepted.The LocalHost configuration contains the name of the local host as obtained by the Gethostname() system call, or if the user has assigned an IP address, the value of that address.
In multihomed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the adapter initiate connections (or accept in the case of server adapters) only through that interface. If the adapter is connected, the LocalHost configuration shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface). | |
| TcpNoDelay:
Whether or not to delay when sending packets.
When true, the socket will send all data that is ready to send at once. When
false, the socket will send smaller buffered packets of data at small intervals.
This is known as the Nagle algorithm.
By default, this config is set to false. | |
| UseInternalSecurityAPI:
Tells the adapter whether or not to use the system security libraries or an internal implementation.
By default the adapter will use the system security libraries to perform cryptographic functions.
When set to False calls to unmanaged code will be made. In certain environments this is not desirable.
To use a completely managed security implementation set this setting to True.
Setting this to True tells the adapter to use the internal implementation
instead of using the system's security API.
Note: This setting is static. The value set is applicable to all adapters used in the application. When this value is set the product's system DLL is no longer required as a reference, as all unmanaged code is stored in that file. |
Supported Macros
The adapter also supports the following Macros. These values are not case sensitive and would be supplied to a property in the form %MacroName%.
| Temp | This is resolved to the full path to the system's temporary directory. |
| MessageID | Globally unique identifier (GUID) of the message in BizTalk Server. |
| SourceFileName | The original file name. This includes the extension and excludes the file path, for example, Sample.xml |
| SourceFileNameNoExt | The original file name without the extension or file path, for example, Sample |
| RemoteFileName | The name of the file as it was uploaded to the remote server. This includes the extension and excludes the file path, for example, Sample.xml. Valid only for AS3, FTP, and SFTP Send Adapters. |
| DestinationParty | Name of the destination party. |
| DestinationPartyQualifier | Qualifier of the destination party. |
| SourceParty | Name of the source party. |
| SourcePartyQualifier | Qualifier of the source party. |
| DateTime:CustomFormat | This special value allows you to specify your own custom time format. For instance DateTime:yyyy would be resolved to the 4 digit year. |
| Date | The date format yyyy-MM-dd. |
| DateTime | The date format yyyy-MM-ddThhmmss. |
| Time | The date format hhmmss. |
| DateTime_BTS2000 | The date format yyyyMMddhhmmssf. |
| DateTime.TZ | The date format yyyy-MM-ddThhmmsszzz. |
| Time.TZ | The date format hhmmsszzz. |
| Property#<Schema>#<Name> | This special value allows you to include a property from the incoming message. For instance "PROPERTY#http://schemas.microsoft.com/BizTalk/2003/system-properties#ReceivePortName" would resolve to the ReceivePortName property of the message. |