SFTPServer Class
Properties Methods Events Configuration Settings Errors
The SFTPServer class provides server-side functionality for SFTP connections.
Syntax
SecureBlackboxSFTPServer
SecureBlackboxSFTPServerSwift
Remarks
TElSFTPServer is an implementation for SSH File Transfer Protocol server. It works over a secure SSH channel, and should not be confused with the FTP/FTPS protocol.
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
| - active | Specifies whether the SFTP server has started and ready to accept connections. |
| - authTypes | Defines allowed authentication types. |
| - baseDir | Specifies the server's base (root) directory. |
| - clientFileEntryATime | Contains the last access time for this file, in UTC. |
| - clientFileEntryCTime | Contains this file's creation time, in UTC. |
| - clientFileEntryDirectory | Specifies whether this entry is a directory. |
| - clientFileEntryFileType | Specifies the type of this entry, one of the following: cftFile 0 cftDirectory 1 cftSymblink 2 cftSpecial 3 cftUnknown 4 cftSocket 5 cftCharDevice 6 cftBlockDevice 7 cftFIFO 8 . |
| - clientFileEntryGroupExecute | Controls file execution permission for the group users. |
| - clientFileEntryGroupRead | Controls file read permission for the group users. |
| - clientFileEntryGroupWrite | Controls file write permission for the group users. |
| - clientFileEntryHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| - clientFileEntryLongName | Contains the long name of the file (human-readable, ftp-like). |
| - clientFileEntryMTime | Specifies the last modification time, in UTC. |
| - clientFileEntryName | Specifies the file name. |
| - clientFileEntryOtherExecute | Controls file execution permission for other users (users that are neither owners, nor belong to the same group). |
| - clientFileEntryOtherRead | Controls file read permission for other users (users that are neither owners, nor belong to the same group). |
| - clientFileEntryOtherWrite | Controls file write permission for other users (users that are neither owners, nor belong to the same group). |
| - clientFileEntryOwner | Specifies the owner of the file/directory. |
| - clientFileEntryPath | Contains the full path to the file. |
| - clientFileEntrySize | The size of the file in bytes. |
| - clientFileEntryUserExecute | Controls file execution permission for the file owner. |
| - clientFileEntryUserRead | Controls file read permission for the file owner. |
| - clientFileEntryUserWrite | Controls file write permission for the file owner. |
| - compressionLevel | Specifies the preferable compression level. |
| - externalCryptoCustomParams | Custom parameters to be passed to the signing service (uninterpreted). |
| - externalCryptoData | Additional data to be included in the async state and mirrored back by the requestor. |
| - externalCryptoExternalHashCalculation | Specifies whether the message hash is to be calculated at the external endpoint. |
| - externalCryptoHashAlgorithm | Specifies the request's signature hash algorithm. |
| - externalCryptoKeyID | The ID of the pre-shared key used for DC request authentication. |
| - externalCryptoKeySecret | The pre-shared key used for DC request authentication. |
| - externalCryptoMethod | Specifies the asynchronous signing method. |
| - externalCryptoMode | Specifies the external cryptography mode. |
| - externalCryptoPublicKeyAlgorithm | Provide public key algorithm here if the certificate is not available on the pre-signing stage. |
| - forceCompression | This property specifies whether server explicitly requires data compression. |
| - host | Specifies server's host name. |
| - keyFingerprintSHA1 | Contains the SHA-1 fingerprint (hash) of the key. |
| - keyFingerprintSHA256 | Contains the SHA-256 fingerprint (hash) of the key. |
| - keyHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| - maxSFTPVersion | Maximum SFTP version supported. |
| - minSFTPVersion | Minimum SFTP version supported. |
| - pinnedClientAddress | The client's IP address. |
| - pinnedClientClientKeyAlgorithm | Specifies the client's key algorithm. |
| - pinnedClientClientKeyBits | Specifies the length of the client's key. |
| - pinnedClientClientKeyFingerprint | The fingerprint (hash value) of the client's public key. |
| - pinnedClientClientSoftwareName | Returns the name of the SSH software running on the client side. |
| - pinnedClientCloseReason | Contains the line sent by the client just before closing the connection. |
| - pinnedClientCompressionAlgorithmInbound | Compression algorithm for the incoming traffic. |
| - pinnedClientCompressionAlgorithmOutbound | Compression algorithm for the outgoing traffic. |
| - pinnedClientEncryptionAlgorithmInbound | Encryption algorithm for the incoming traffic. |
| - pinnedClientEncryptionAlgorithmOutbound | Encryption algorithm for the outgoing traffic. |
| - pinnedClientID | The client connection's unique identifier. |
| - pinnedClientInboundEncryptionKeyBits | Specifies the length of the key used to encrypt the incoming traffic. |
| - pinnedClientKexAlgorithm | The key exchange algorithm used during the SSH handshake. |
| - pinnedClientKexBits | The number of bits used by the key exchange algorithm. |
| - pinnedClientKexLines | The contents of the received KexInit packet. |
| - pinnedClientMacAlgorithmInbound | MAC algorithm used for the incoming connection. |
| - pinnedClientMacAlgorithmOutbound | MAC algorithm used for outbound connection. |
| - pinnedClientOutboundEncryptionKeyBits | Specifies the length of the key used to encrypt the outgoing traffic. |
| - pinnedClientPort | The remote port of the client connection. |
| - pinnedClientPublicKeyAlgorithm | Specifies the public key algorithm which was used during the SSH handshake. |
| - pinnedClientServerKeyBits | Specifies the number of bits in the server's key. |
| - pinnedClientServerKeyFingerprint | The fingerprint (hash value) of the server's public key. |
| - pinnedClientTotalBytesReceived | Returns the total number of bytes received over this connection. |
| - pinnedClientTotalBytesSent | Returns the total number of bytes sent over this connection. |
| - pinnedClientVersion | Specifies SSH protocol version. |
| - port | Specifies the listening port number. |
| - readOnly | Specifies whether files on the server are read-only. |
| - serverKeyCount | The number of records in the ServerKey arrays. |
| - serverKeyAlgorithm:(int)serverKeyIndex | Specifies the key algorithm. |
| - serverKeyBits:(int)serverKeyIndex | The number of bits in the key: the more the better, 2048 or 4096 are typical values. |
| - serverKeyFingerprintMD5:(int)serverKeyIndex | Contains the MD5 fingerprint (hash) of the key. |
| - serverKeyFingerprintSHA1:(int)serverKeyIndex | Contains the SHA-1 fingerprint (hash) of the key. |
| - serverKeyHandle:(int)serverKeyIndex | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| - socketIncomingSpeedLimit | The maximum number of bytes to read from the socket, per second. |
| - socketLocalAddress | The local network interface to bind the socket to. |
| - socketLocalPort | The local port number to bind the socket to. |
| - socketOutgoingSpeedLimit | The maximum number of bytes to write to the socket, per second. |
| - socketTimeout | The maximum period of waiting, in milliseconds, after which the socket operation is considered unsuccessful. |
| - socketUseIPv6 | Enables or disables IP protocol version 6. |
| - SSHSettingsAutoAdjustCiphers | Whether the SSH client should adjust its list of supported ciphers 'on-the-fly' for greater compatibility with the server it is connecting to. |
| - SSHSettingsBaseConfiguration | Allows to choose base configuration of SSH settings, tuned up for different purposes such as high security or higher compatibility. |
| - SSHSettingsCompressionAlgorithms | A list of session compression algorithms separated with commas or semicolons. |
| - SSHSettingsCompressionLevel | Possible values for the Compression Level range from 0 (minimum compression) to 9 (maximum compression). |
| - SSHSettingsDefaultWindowSize | The SSH window size specifies how many bytes the client can send to the server in the command channel without obtaining pre-authorization for the further send from the server. |
| - SSHSettingsEncryptionAlgorithms | A list of session encryption algorithms separated with commas or semicolons. |
| - SSHSettingsForceCompression | Whether the SSH client should explicitly request compression. |
| - SSHSettingsGSSAuthTypes | A comma-separated list of authentication types. |
| - SSHSettingsGSSDelegateCreds | Switches credential delegation on or off. |
| - SSHSettingsGSSHostname | The GSS host name, in form of a FQDN (e. |
| - SSHSettingsGSSLib | A path to the GSS-API library (DLL or SO). |
| - SSHSettingsGSSMechanisms | A comma-separated list of GSS mechanisms to use. |
| - SSHSettingsGSSProtocols | A comma-separated list of SSPI protocols. |
| - SSHSettingsHandshakeTimeout | Specifies the maximal time for the SSH handshake to proceed, in seconds. |
| - SSHSettingsKexAlgorithms | A list of key exchange algorithms separated with commas or semicolons. |
| - SSHSettingsMacAlgorithms | A list of MAC (for message authentication code ) algorithms separated with commas or semicolons. |
| - SSHSettingsMaxSSHPacketSize | Specifies the maximum length of one SSH packet in bytes. |
| - SSHSettingsMinWindowSize | Specifies the minimal internal window size. |
| - SSHSettingsObfuscateHandshake | Enables or disables handshake obfuscation. |
| - SSHSettingsObfuscationPassword | Specifies the password used to encrypt the handshake when ObfuscateHandshake is set. |
| - SSHSettingsPublicKeyAlgorithms | A list of public key algorithms separated with commas or semicolons. |
| - SSHSettingsRequestPasswordChange | Whether to request a password change when connecting. |
| - SSHSettingsSoftwareName | The name to be used by the class to identify itself. |
| - SSHSettingsTrustAllKeys | Enables or disables explicit trust to all server keys. |
| - SSHSettingsUseAuthAgent | Enables or disables the use of external key agent, such as Putty key agent. |
| - SSHSettingsVersions | Specifies enabled SSH protocol versions (1 or 2). |
| - userCount | The number of records in the User arrays. |
| - userAssociatedData:(int)userIndex | Contains the user's Associated Data when SSH AEAD (Authenticated Encryption with Associated Data) algorithm is used. |
| - userBasePath:(int)userIndex | Base path for this user in the server's file system. |
| - userCert:(int)userIndex | Contains the user's certificate. |
| - userData:(int)userIndex | Contains uninterpreted user-defined data that should be associated with the user account, such as comments or custom settings. |
| - userHandle:(int)userIndex | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| - userHashAlgorithm:(int)userIndex | Specifies the hash algorithm used to generate TOTP (Time-based One-Time Passwords) passwords for this user. |
| - userIncomingSpeedLimit:(int)userIndex | Specifies the incoming speed limit for this user. |
| - userOtpAlgorithm:(int)userIndex | The algorithm used to generate one-time passwords (OTP) for this user, either HOTP (Hash-based OTP) or TOTP (Time-based OTP). |
| - userOtpValue:(int)userIndex | The user's time interval (TOTP) or Counter (HOTP). |
| - userOutgoingSpeedLimit:(int)userIndex | Specifies the outgoing speed limit for this user. |
| - userPassword:(int)userIndex | The user's authentication password. |
| - userPasswordLen:(int)userIndex | Specifies the length of the user's OTP password. |
| - userSharedSecret:(int)userIndex | Contains the user's secret key, which is essentially a shared secret between the client and server. |
| - userSSHKey:(int)userIndex | Contains the user's SSH key. |
| - userUsername:(int)userIndex | The registered name (login) of the user. |
| - useUTF8 | Specifies whether UTF8 conversion is to be used when parsing file names. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
| - config | Sets or retrieves a configuration setting. |
| - dropClient | Terminates a client connection. |
| - getClientBuffer | Acquires a piece of operation data. |
| - getClientFileEntry | Acquires file entry details from the class. |
| - listClients | Enumerates the connected clients. |
| - pinClient | Takes a snapshot of the connection's properties. |
| - setClientBuffer | Commits a data buffer to the server class. |
| - setClientFileEntry | Commits the file entry details to the class. |
| - start | Starts SFTP server operation. |
| - stop | Stops SFTP server. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
| - onAccept | This event is fired when new incoming connection is accepted. |
| - onAfterCreateDirectory | This event indicates completion of directory creation request. |
| - onAfterRemove | This event indicates completion of file removal request. |
| - onAfterRenameFile | This event indicates completion of a file rename operation. |
| - onAfterRequestAttributes | This event indicates completion of file attributes request. |
| - onAfterSetAttributes | This event indicates completion of a set attributes request. |
| - onAuthAttempt | Reports a user authentication attempt. |
| - onAuthFailed | Reports user authentication failure. |
| - onAuthPassword | This event is fired on password authentication attempt from a client. |
| - onAuthPublicKey | This event is fired on public key authentication attempt from a client. |
| - onAuthSucceeded | Reports a successful user authentication. |
| - onBeforeCreateDirectory | This event is fired when a client requests to create a directory. |
| - onBeforeDownloadFile | This event is fired when a download file request is received. |
| - onBeforeFind | This event is fired when a client requests to find files and folders in Path. |
| - onBeforeRemove | This event is fired when a client requests to delete a file or directory. |
| - onBeforeRenameFile | This event is fired when a client requests to rename a file. |
| - onBeforeRequestAttributes | This event is fired when a client requests to get file attributes. |
| - onBeforeSetAttributes | This event is fired when a client requests to set file attributes. |
| - onBeforeUploadFile | This event is fired when an upload file request is received. |
| - onCloseFile | This event instructs the application to close an opened file. |
| - onConnect | This event is fired when a remote connection has been established. |
| - onCreateDirectory | This event instructs the application to create a directory. |
| - onDisconnect | This event is fired when a client has disconnected. |
| - onError | Information about errors during data delivery. |
| - onExternalSign | Handles remote or external signing initiated by the server protocol. |
| - onFindClose | This event signifies the completion of a custom file listing operation. |
| - onFindFirst | This event signifies the start of the custom file listing retrieval mechanism. |
| - onFindNext | This event retrieves the next entry of a custom file listing. |
| - onNotification | This event notifies the application about an underlying control flow event. |
| - onOpenFile | This event instructs the application to handle the file open request. |
| - onReadFile | This event is fired when a file read request is received. |
| - onRemove | This event is fired when a client requests to delete a file or directory. |
| - onRenameFile | This event is fired when a client requests to rename a file. |
| - onRequestAttributes | This event is fired when a get file attributes request is received. |
| - onSessionClosed | Reports session closure. |
| - onSessionEstablished | This event is fired when a new session is established. |
| - onSetAttributes | This event is fired when an set file attributes request is received. |
| - onWriteFile | This event is fired when a file write request is received. |
Configuration Settings
The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.
| AuthMode | Controls dual/multi-type authentication mode. |
| CustomDHGroupIndex | Sets a specific Diffie-Hellman group index to enforce. |
| DualStack | Allows the use of ip4 and ip6 simultaneously. |
| MaxDHGroupSize | Sets the maximal Diffie-Hellman group size. |
| MinDHGroupSize | Sets the minimal Diffie-Hellman group size. |
| NotifyOnFileOperations | Enables low-level file operation notifications. |
| CheckKeyIntegrityBeforeUse | Enables or disable private key integrity check before use. |
| CookieCaching | Specifies whether a cookie cache should be used for HTTP(S) transports. |
| Cookies | Gets or sets local cookies for the class (supported for HTTPClient, RESTClient and SOAPClient only). |
| DefDeriveKeyIterations | Specifies the default key derivation algorithm iteration count. |
| EnableClientSideSSLFFDHE | Enables or disables finite field DHE key exchange support in TLS clients. |
| GlobalCookies | Gets or sets global cookies for all the HTTP transports. |
| HttpUserAgent | Specifies the user agent name to be used by all HTTP clients. |
| LogDestination | Specifies the debug log destination. |
| LogDetails | Specifies the debug log details to dump. |
| LogFile | Specifies the debug log filename. |
| LogFilters | Specifies the debug log filters. |
| LogFlushMode | Specifies the log flush mode. |
| LogLevel | Specifies the debug log level. |
| LogMaxEventCount | Specifies the maximum number of events to cache before further action is taken. |
| LogRotationMode | Specifies the log rotation mode. |
| MaxASN1BufferLength | Specifies the maximal allowed length for ASN.1 primitive tag data. |
| MaxASN1TreeDepth | Specifies the maximal depth for processed ASN.1 trees. |
| OCSPHashAlgorithm | Specifies the hash algorithm to be used to identify certificates in OCSP requests. |
| UseOwnDNSResolver | Specifies whether the client classes should use own DNS resolver. |
| UseSharedSystemStorages | Specifies whether the validation engine should use a global per-process copy of the system certificate stores. |
| UseSystemOAEPAndPSS | Enforces or disables the use of system-driven RSA OAEP and PSS computations. |
| UseSystemRandom | Enables or disables the use of the OS PRNG. |