Drives

The following values can be configured independently for each drive, at HKEY_LOCAL_MACHINE\SOFTWARE\nsoftware\SFTPDrive\3\Drives\{Drive Name}:

NameTypeDescription
DriveLetterStringContains the drive letter where the drive will be mounted (e.g. "Z:").
DriveNameStringContains the name that will be displayed for the drive.
DriveTypeDWORDDetermines the type of drive that will be mounted:
  • 0 - Network Drive (default)
  • 1 - Local Disk
  • 2 - Removable Disk
EnabledDWORDDetermines whether or not the drive will be mounted when SFTP Drive is started.
  • 0 - Disabled
  • 1 - Enabled
IndexDWORDThe position of the drive in the list of drives.
OpenRemoteFolderDWORDDetermines whether or not SFTP Drive will automatically open a folder after mounting the drive.
  • 0 - Disabled
  • 1 - Enabled
OpenSpecifiedFolderStringContains the folder that SFTP Drive will open if OpenRemoteFolder is enabled.
ReadOnlyDWORDDetermines whether or not SFTP Drive will mount the drive in read-only mode.
  • 0 - Disabled (default)
  • 1 - Enabled
RemoteRootStringContains the folder on the server that SFTP Drive will use as the root of the mounted drive.
SharedDWORDDetermines whether or not other users can access the mounted drive.
  • 0 - Private
  • 1 - Shared (default)
CaseSensitiveNamesDWORDEnabling this setting will turn on case-sensitive mode in the virtual drive. The drive will advertise to Windows that it is sensitive to filename casing. This will allow some applications to work with files on the drive in a case-sensitive manner. Please keep reading for more information.

Windows treats file and directory names as case-insensitive. FOO.txt and foo.txt are treated as equivalent files. Although there are mechanisms to configure case-sensitivity in Windows, some applications may still make the assumption that the file system is case-insensitive. It is not uncommon for applications to transform filenames to use all upper or lower case. Please see the Microsoft Documentation for more information.

It is required for user-mode code of Windows to set the obcasesensitive setting to 0, in order to perform operations in a case-sensitive manner. Despite this setting, applications may assume the file system is case-insensitive. There is not a magic bullet to turn everything into case-sensitive. Applications may stop working in unexpected places.

By default, the virtual drive will advertise to Windows that is case preserving while it remains mounted. If the drive is started and then stopped and started again, you may see the case preserving is not persistent. For performance reasons we do not perform extra search operations to ensure the persistence of case preserving across stopping and starting the drive.

  • 0 - Disabled (default)
  • 1 - Enable case-sensitive mode

SftpServerExecStringA command to start the SFTP server. When this setting is specified, SFTP Drive opens an exec channel and sends the command to start the SFTP server over the channel. The subsequent SFTP requests and data are also sent over the command channel.

Note the server must be configured with passwordless sudo for the current SSH user. The default value is empty and channels are started using an SFTP subsystem instead.

Example: "/usr/bin/sudo -u root /usr/lib/openssh/sftp-server" starts the server as the root user.

UseSingleChannelDWORDEnabling this setting will prevent the drive from starting multiple SFTP channels. SFTP Drive by default will use one channel to read and write files in an asynchronous manner and another channel for synchronous operations such as enumerating files and folders, deleting files, and deleting folders.
  • 0 - Disabled (default)
  • 1 - Enable single channel mode
ConfirmPermissionsDWORDWhen this setting is enabled, SFTP Drive will always attempt to open the file/directory beforehand to verify the user has permission to perform the operation. This improves the experience in Explorer when navigating around the server's filesystem.

Note: Turning this off does not prevent permissions checking altogether. The server will always prevent reads and writes if the SFTP user does not have permission to read or write.

  • 0 - Disabled (default)
  • 1 - Confirm permissions

ServerProfileStringThis setting abstracts multiple different configuration settings into a single setting. When this setting is non-empty, the application will attempt to turn on all the required configuration settings based on the server name. The possible values of this setting are
  • moveit - Progress MOVEit Transfer

Additional values are reserved for future use.

DefaultFilePermissionsStringThis setting controls the file permissions of any new files created on the drive. SFTP Drive will create the file on the remote machine using the default mode mask of the SSH user. If this setting is enabled and non-empty, after the file has been created SFTP Drive will set the file's attributes to the specified permissions. The configuration setting supports a string of three numbers in base 8.

Default - 664

  • # owner: sftpuser
  • # group: sftpuser
  • user::rw-
  • group::rw-
  • other::r--

DefaultFolderPermissionsStringThis setting controls the permissions of any new folders created on the drive. SFTP Drive will create the folder on the remote machine using the default mode mask of the SSH user. If this setting is enabled and non-empty, after the folder has been created SFTP Drive will set the attributes to the specified permissions. The configuration setting supports a string of three numbers in base 8.

Default - 775

  • # owner: sftpuser
  • # group: sftpuser
  • user::rwx
  • group::rwx
  • other::r-x

SSHEncryptionAlgorithmsStringA comma-separated list containing all allowable encryption algorithms in order of preference. When this setting is non-empty, only the specified encryption algorithms will be negotiated.

aes256-ctr256-bit AES encryption in CTR mode
aes256-cbc256-bit AES encryption in CBC mode
aes192-ctr192-bit AES encryption in CTR mode
aes192-cbc192-bit AES encryption in CBC mode
aes128-ctr128-bit AES encryption in CTR mode
aes128-cbc128-bit AES encryption in CBC mode
3des-ctr192-bit (3-key) triple DES encryption in CTR mode
3des-cbc192-bit (3-key) triple DES encryption in CBC mode
cast128-cbcCAST-128 encryption
blowfish-cbcBlowfish encryption
arcfourARC4 encryption
arcfour128128-bit ARC4 encryption
arcfour256256-bit ARC4 encryption
aes256-gcm@openssh.com256-bit AES encryption in GCM mode.
aes128-gcm@openssh.com128-bit AES encryption in GCM mode.
chacha20-poly1305@openssh.comChaCha20 with Poly1305-AES encryption.

The following algorithms are enabled by default:

aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,arcfour256,arcfour128,arcfour,cast128-cbc,aes256-gcm@openssh.com,aes128-gcm@openssh.com,chacha20-poly1305@openssh.com

SSHMacAlgorithmsStringA comma-separated list containing all allowable message authentication algorithms in order of preference. When this setting is non-empty, only the specified MAC algorithms will be negotiated.

  • hmac-sha1
  • hmac-md5
  • hmac-sha1-96
  • hmac-md5-96
  • hmac-sha2-256
  • hmac-sha2-256-96
  • hmac-sha2-512
  • hmac-sha2-512-96
  • hmac-ripemd160
  • hmac-ripemd160-96
  • hmac-sha2-256-etm@openssh.com
  • hmac-sha2-512-etm@openssh.com

The following algorithms are enabled by default:

hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96,hmac-sha2-256-96,hmac-sha2-512-96,hmac-ripemd160-96,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com

SSHKeyExchangeAlgorithmsStringA comma-separated list containing all allowable key exchange algorithms in order of preference. When this setting is non-empty, only the specified key exchange algorithms will be negotiated.

  • curve25519-sha256
  • curve25519-sha256@libssh.org
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group14-sha256
  • diffie-hellman-group16-sha512
  • diffie-hellman-group18-sha512
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group-exchange-sha1
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521

The following algorithms are enabled by default:

curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,ecdh-sha2-nistp256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,ecdh-sha2-nistp384,ecdh-sha2-nistp521

SSHPubKeyAuthSigAlgorithmsStringThis setting specifies a list of signature algorithms that may be used when authenticating to the server using public key authentication. This applies only when public key authentication is performed by the client.

  • ssh-rsa
  • rsa-sha2-256
  • rsa-sha2-512
  • ssh-dss
  • ecdsa-sha2-nistp256
  • ecdsa-sha2-nistp384
  • ecdsa-sha2-nistp521
  • ssh-ed25519
  • x509v3-sign-rsa
  • x509v3-sign-dss

The following algorithms are enabled by default:

ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519

CacheDirectoryString

The local directory where files will be stored temporarily during read and write operations. The default cache directory is C:\ProgramData\SFTPDrive.

Note: The default cache directory is visible to all local users on the machine.

CacheInfoValidityTimeDWORD

The time in seconds for which the current directory information is considered valid. When a file is created SFTP Drive will first check to see if the file already exists in the SFTP server. SFTP Drive will first check the cached listing for the directory. If the directory information is older than CacheInfoValidityTime a request will be made to the SFTP server to update the directory listing. If the directory information is newer than CacheInfoValidityTime it will be considered valid and will not result in a separate request to the SFTP server.

In cases where many new files are copied to a folder in a short period of time this can improve performance since it will reduce the number of requests made to the SFTP server. To disable this functionality set the value to 0. The default value is 30.

CacheLargeFileSizeMinimumDWORD

The minimum size of files in megabytes for which a multipart upload will be used. Files written to the virtual drive which exceed this size will be uploaded to the remote storage as a set of independent parts. This is most helpful for uploading large objects. The default value is 5 (5 MB).

CacheFileUploadDelayDWORD

The delay in seconds to wait after a file is idle before initiating an upload to the SFTP server.

A delay may be beneficial in cases where a file is repeatedly accessed. With a delay in place only one copy of the file will be uploaded after the file has been idle for the specified number of seconds. The default value is 5.
CacheFileUploadDelayThresholdDWORD

The maximum size in bytes of cached files that will be uploaded without waiting for CacheFileUploadDelay to lapse. If a file is smaller than the specified number of bytes it will be uploaded immediately. The default value is 1048576 (1 MB).

Note: Specifying a value of 0 means that this setting will not be used and CacheFileUploadDelay will apply to all files.

CacheEnabledForReadDWORD

Whether file content should be cached locally when an application reads the file content from the virtual drive. The default value is 0 and the file is not cached locally until the first write is performed.

Note: Specifying a value of 1 means that files will be cached locally for read operations and write operations. If the remote files are very large this could significantly increase the amount of disk space used by the cache.

CacheMaxUploadRetriesDWORD

The maximum number of retries for the operation. This setting is applicable when data is uploaded from the local cache to the SFTP server. If an operation related to the upload fails it will be retried up until the maximum number of retries specified in this setting. The default value is 3.

CacheConcurrentUploadFilesMaxDWORD

The maximum number of files being uploaded simultaneously. The default value is 8 meaning up to 8 files may be uploaded concurrently. Note that each file may use multiple connections to the server, see CacheConcurrentUploadThreadsPerFile for details.

CacheConcurrentUploadThreadsPerFileDWORD

The maximum number of parallel upload operations per file. If the file is a large file (greater than 5 MB) it will be uploaded using multiple threads to increase performance. This setting controls how many threads can be used to upload individual parts of the file. The default value is 8.

CacheConcurrentDownloadFilesMaxDWORD

The maximum number of files being downloaded simultaneously. The default value is 8 meaning up to 8 files may be downloaded concurrently. Note that each file may use multiple connections to the server, see CacheConcurrentDownloadThreadsPerFile for details.

Note: This setting is only applicable if CacheEnabledForRead is set to true

CacheConcurrentDownloadThreadsPerFileDWORD

The maximum number of parallel download operations per file. This setting controls how many threads can be used to download individual parts of the file. The default value is 8.

Note: This setting is only applicable if CacheEnabledForRead is set to true

CacheFileDeleteDelayDWORD

The number of seconds to wait before deleting an unused file from the cache.

After the specified number of seconds have passed if no further activity has taken place on the file it will be deleted from the cache. The default value is 5 seconds.
CachePreDownloadSmallFileCountDWORD

The number of small files to pre-download. The application will pre-download small files before they have been requested in order to speed up future requests.

For instance, if a read request is made for a.txt the application will download b.txt so that when a request is made for b.txt it can be returned quickly. The default value is 4.

Files are considered small if they are smaller in size than CachePreDownloadSmallFileSizeLimit. Files which match the criteria are downloaded alphabetically.

CachePreDownloadSmallFileSizeLimitDWORD

The maximum size of a file (in bytes) to be considered for pre-downloading.

This setting works in conjunction with CachePreDownloadSmallFileCount. The default value is 1048576 (1MB)
AuthTypeDWORDDetermines the type of authentication used to connect to the server:
  • 0 - Password
  • 1 - Public key
  • 2 - Keyboard-interactive
  • 3 - Multi-factor
  • 4 - Public key (Pageant)
  • 5 - Public key (Security Key)
  • 6 - Password + OTP (One Time Password)
CertStoreStringThe name of the certificate store for the client certificate
CertStoreTypeDWORDThe type of certificate store for this certificate
  • 0 - User
  • 1 - Machine
  • 2 - PFX File
  • 3 - PFX Blob
  • 4 - JKS File
  • 5 - JKS File
  • 6 - PEM Key File
  • 7 - PEM Key File
  • 8 - Public Key File
  • 9 - Public Key File
  • 10 - SSH Public Key Blob
  • 11 - P7B File
  • 12 - P7B Blob
  • 13 - SSH Public Key File
  • 14 - PPK File
  • 15 - PPK Blob
  • 16 - XML File
  • 17 - XML Blob
  • 18 - JWK File
  • 19 - JWK Blob
  • 20 - Security Key
CertStorePasswordStringIf the certificate store is of a type that requires a password, this registry setting is used to specify that password in order to open the certificate store.
CertSubjectStringThe subject of the certificate used for client authentication. The certificate subject is a comma separated list of distinguished name properties and values. For instance "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com".
ForceRenameDWORD

Determines whether or not to forcefully rename a file if the destination file already exists. By default, renaming a file will fail if the destination file already exists.

If enabled and the destination file already exists, the destination file will be renamed to have a temporary extension as a backup. The original file will be renamed to the destination file and the temporary file will be deleted. If the rename operation fails for any reason the temporary file is renamed back to the destination file so effectively no changes occur when the rename fails.

  • 0 - Disabled (default)
  • 1 - Enabled

HostStringContains the remote host that SFTP Drive will connect to.
PasswordStringContains the password for the SFTP server.
PortDWORDContains the port on the remote host that SFTP Drive will connect to.
QueryAvailableSpaceDWORDWhether to query the remote server for available space when connecting. Possible values are:
  • 0 - Disabled
  • 1 - Enabled (default)
RemoteRootTypeDWORDDetermines how the drive decides what folder to use as the root of the drive.
  • 0 - Server Root (/)
  • 1 - User's home folder (/home)
  • 2 - Specified folder (use RemoteRoot)
SecurityKeyAccountStringAn opaque token holding information about the certificate selected from the security key. This value is created by the application and should not be set manually.
SecurityKeyNameStringA friendly name of the chosen key. This is populated after selecting a key. For instance "PIV AUTH pubkey"
SecurityKeyPINStringThe encrypted PIN of the security key.
SecurityKeyPKCS11LibPathStringThe path to the library which implements the PKCS11 interface. This may be provided by the security key vendor, or may be an alternative implementation like OpenSC. For instance "C:\Program Files\OpenSC Project\OpenSC\pkcs11\onepin-opensc-pkcs11.dll"
SecurityKeySavePINDWORDWhether to save the PIN. If saved, the PIN is encrypted.
SignedSSHCertString

The CA signed client public key used when authenticating. When authenticating via public key authentication this setting may be set to the CA signed client's public key. This is useful when the server has been configured to trust client keys signed by a particular CA. For instance:

SignedSSHCert=ssh-rsa-cert-v01@openssh.com AAAAB3NzaC1yc2EAAAADAQABAAAB...")

The algorithm such as ssh-rsa-cert-v01@openssh.com in the above string is used as part of the authentication process. To use a different algorithm simply change this value. For instance all of the following are acceptable with the same signed public key:

  • ssh-rsa-cert-v01@openssh.com AAAAB3NzaC1yc2EAAAADAQABAAAB...
  • rsa-sha2-256-cert-v01@openssh.com AAAAB3NzaC1yc2EAAAADAQABAAAB...
  • rsa-sha2-512-cert-v01@openssh.com AAAAB3NzaC1yc2EAAAADAQABAAAB...

UseIPv6DWORDControls which IP version is used for the connection. These are the valid options:
  • 0 - Use IPv4 (default)
  • 1 - Use IPv6
  • 2 - Try IPv6, but fallback to IPv4 on failure.
UsernameStringContains the username for the SFTP server.

Copyright (c) 2022 /n software inc. - All rights reserved.
SFTP Drive V3 - Version 3.0 [Build 8318]