Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DEV and version r0712

...

  1. D s config
  2. Locate the following parameters and set their values according to the table below:

    Code Block
    "fileStorage.whitelist": ["sftp"],
    "fileStorage.defaultBaseUris": ["sftp:///"],
    ParameterDescription
    filestorage.whitelist

    A comma-separated list of protocols that are permitted to access SFTP.

    Info

    NOTE: The protocol identifier "sftp" must be included in this list.

    filestorage.defaultBaseUris

    For each supported protocol, this param must contain a top-level path to the location where

    D s platform
    files can be stored. These files include uploads, samples, and temporary storage used during job execution.

    Info

    NOTE: A separate base URI is required for each supported protocol. You may only have one base URI for each protocol.

    Info

    NOTE: For SFTP, three slashes at the end are required, as the third one is the end of the path value. This value is used as the base URI for all SFTP connections created in

    D s product
    .

    Example:

    Code Block
    sftp:////

    The above example is the most common example, as it is used as the base URI for all SFTP connections that you create. If you add a server value to the above URI, you limit all SFTP connections that you create to that specified server.

  3. Save your changes and restart the platform.

Enforce authentication methods

By default, the 

D s webapp
 enables use of two different authentication mechanisms:

  • Basic - use a password to access the SFTP server
  • SSHKey - use a public SSHKey and password to access the SFTP server

Along with basic and SSH key, the SFTP servers in your environment may be configured with other authentication methods, and those methods sometimes take precedence. As a result, when using default authentication methods, SFTP connections from the 

D s platform
 can fail to connect to the SFTP server.

To eliminate these issues, you can configure the 

D s webapp
 to enforce usage of one of the following authentication schemes. These schemes are passed to the SFTP server during connection time, which forces the server to use the appropriate method of authentication. When the following parameter is specified, SFTP connections can be configured using the listed methods and should work for connecting to the server. 

Info

NOTE: Enforcement applies to connections created via the APIs as well. After configuration, please be sure to use one of the enforced authentication methods when configuring your SFTP connections through the application or the APIs.

Steps:

  1. D s config
    methodt
  2. Locate the following parameter in the configuration file:

    Code Block
    "batchserver.workers.filewriter.hadoopConfig.sftp.PreferredAuthentications"
  3. Set the parameter value according to the following:

    Preferred authentication methodParameter valueDescription
    Basic"password"

    Basic password authentication method is used to connect to the SFTP server.

    Info

    NOTE: You must configure your SFTP server connection in the platform to use the Basic method.

    SSHKey"publickey"

    SSH Key authentication method is used.

    Info

    NOTE: You must configure your SFTP server connection in the platform to use the SSHKey method.

    both"publickey,password"Both methods of authentication are supported.
  4. Save your changes and restart the platform.

Java VFS service

Use of SFTP connections requires the Java VFS service in the 

D s platform
.

...