Question
Tim Miller · Sep 5, 2019

Setting up sFTP operations

So we are in the midst of setting up a bunch of sFTP operations where we will have Ensemble send files to our various customers.

My questions about the set up are these:

1) For a simple test, I set up an Operation using EnsLib.FTP.PassthroughOperation.  Is this the one I should be using?

2) if the receiving system has a username and password, then all I have to do is put that username and password into a Credential and assign that credential to my operation correct?

3) if the receiving system's directory is just the root directory, do I need to put anything in File Path?

4) Since this is an sFTP, I set the port to 22.  My question is, since this is an sFTP, do I also need to set up an SSL Configuration?  If so, what needs to be in it?

I am asking these because I was unable to connect to the site via Ensemble.  However, if I went into Linux and did the sFTP operation, everything worked.

Just trying to figure out what I did wrong on the Ensemble operation set up.

Thanks,

Tim

 

00
5 1 5 696
Log in or sign up to continue

1. Sure, this will work find for just passing a file through to the target system.

2. Yes. You can use public/private key authentication as well.

3. Do you really want to put the files into the root directory? Normally, a FTP/SFTP server will default to the "home" directory for the account your operation logs in under. If you don't specify a path, that's where the data you're transferring will end up. If the account has its home directory set to the root directory and has permission to write there, your files will end up there.

4. You'll need to set the SSL configuration to the special value "!SFTP". There's no profile for it; it's just an indicator for the operation that you'll be using the SFTP protocol.

Hi Jeffrey

I have the problem that when trying to connect to the SFTP server the error appears, the user and password are wrong. However, these are correctly stored under login data and I entered! SFTP in SSL Config. The connection works wonderfully with Filezilla. Anyone else has a tip for me?

greeting
Markus

In the latest versions of HealthConnect/IRIS for Health, sftp is now a specific protocol that can be selected from a drop-down list in the Connection Settings section. And if you are on one of the latest versions, make sure you're selecting the correct Credentials field as there are two: Credentials in the Basic Settings section, and SFTP Passphrase Credentials in the SFTP section. The former is where you want your logon user ID and password credentials selected; the latter is specifically for the passphrase used to unlock the private key when using public/private key authentication. It does nothing for SFTP password-based authentication.

Hi Jeffrey, Thank you for your answer. I only have login information for the basic settings. I have also saved this in the basic settings. I don't have SFTP passphrase credentials. I only entered! SFTP in the SSL configuration (no profile created) because I understood it to be only an indicator. But unfortunately I always get this error when connecting: ERROR <Ens> ErrFailureTimeout: FailureTimeout of 15 seconds was exceeded in EnsLib.FTP.PassthroughOperation; last attempt had the status ERROR <Ens> ErrOutConnectFailed: SFTP connection was established for (externIP: 22 / profil_FTP_User / SSL = '! SFTP' / PubKey = '' / PrivKey = '' with the error ERROR # 7500: SSH error '- 2146430958 ': SSH Error [80101012]: Authentication failed (username / password) [80101012] at Session.cpp: 284.0 aborted  

Do you have a space character between the ! and SFTP in your service settings? You shouldn't ... I'm not sure that's related to the problem you're having but that's the first thing I would fix.

Can you establish a connection to the target system from the HealthConnect server itself, using the command-line sftp utility? I believe you mentioned FileZilla in another post, but it wasn't clear that you were attempting to connect from your own desktop or the HealthConnect server itself (which I suppose could be the same thing for a local, personal installation).

Finally, to be clear, you've created a Credentials entry in Ensemble (Interoperability in most recent versions) | Configure | Credentials, called something other than !SFTP, that contains the user ID and password for the remote system? And you've specified that entry name in the Credentials field? You mention "login information in Basic Settings" which I would assume means credentials, but I just want to make sure ...