This document provides information about a step-by-step guide on how to perform file transfer using SFTP in remote Terminal Proxy sessions.
Some SSH tools, such as MobeXterm, automatically set an SFTP connection to transfer files after logging in with SSH. These SFTP connections won’t work, as the Segura® proxy treats them separately.
Requirements
- Terminal Proxy type credential active.
- Start a connection via Multihop Terminal Proxy.
To transfer files directly to a destination server using SFTP, you must use the Multihop connection because binaries traveling under SFTP have no way to interact with the intermediate terminal.
Transfer via SFTP on the terminal
Due to limitations of the protocol the user can’t use a personal credential to perform the file transfer. Only with a credential registered in Segura® will be possible to perform the transfer.
Also, it won’t be possible to record the session, but it’s still possible to enable logging with a report of transferred files. To learn how to enable this log, access the File transfer document.
To start, follow the steps and replace the strings with the values described in the table below.
| String | Description |
|---|---|
segura_user |
User of the Segura® vault. |
segura_vault |
Hostname or IP address of the Segura® vault. |
credential |
Credential user you want to use for access. |
target_device |
Hostname or IP address of the device you want to access. |
mfa_token |
Code generated by MFA Token. |
file_name |
Name of the file to be transferred. |
- Open the command prompt application of your preference.
- Type
sftp segura_user[credential@target_device]@segura_vaultAttentionIf the use of the OTP token is registered, it must be entered as the example:
sftp segura_user[credential@target_device]token@segura_vault.
- Type
- Use the commands below to:
- Perform the file upload, type:
put [file_name]- Press the Enter key to start.
- When the file is complete, a
<file_name> 100%message will be displayed.
- Perform the file download, type:
get [file_name]- Press the Enter key to start.
- When the file is complete, a
<file_name> 100%message will be displayed.
- Perform the file upload, type:
- When finished, type:
exit
After completion, the files will be saved. When performing an upload it’ll be saved on the target machine and when downloading it’ll be saved on the user's machine. For the files to be saved within the Segura® shell, it’s necessary to perform the sftp without the use of Multihop.
Via WinSCP application
- Open the WinSCP application on your machine.
- On the Login screen fill in the fields in Session section.
- File protocol: select SFTP.
- Host name: type the hostname or IP address of the Segura® vault.
- Port number: type 22.
- User name: type
sftp segura_user[credential@target_device]@segura_vault - Password: enter your Segura® access password
- Click Login.
After these steps, the connection will be ready for use, follow the tool's instructions to transfer the files.
With the use of OTP token
For the connection using an OTP token, when the Trust this computer parameter is enabled, it’s necessary to provide the answer in the connection code line.
Both uppercase and lowercase letters (Y/y) (N/n) are recognized for the parameter's response.
- Trust this computer enabled and positive response (the computer will be trusted for the configured number of hours):
sftp senhasegura_user[credential@target_device]mfa_tokenY@senhasegura_vault - Trust this computer enabled and negative response (it will be necessary to inform the token again in the next connection): `sftp senhasegura_user[credential@target_device]mfa_tokenN@senhasegura_vault``
If the Trust this computer parameter is disabled, it isn’t necessary to use Y/y or N/n in the connection line: sftp senhasegura_user[credential@target_device]mfa_token@senhasegura_vault
The Segura® Terminal Proxy also offers another type of file transfer via SCP. To find out how to perform this, access the How to transfer a file in Terminal Proxy sessions using SCP document.
Do you still have questions? Reach out to the Segura® Community.