|
Setting
|
Description
|
| SFTP enabled |
If checked, the SFTP protocol is enabled. If not checked, the SFTP protocol will not be supported by the server. |
| SCP enabled (not available in Standard Edition) |
If checked, the SCP protocol is enabled. If not checked, the SCP protocol will not be supported by the server. |
| SSH terminal access enabled (not available in Standard Edition) |
If checked, users may (if permitted) log into the server using an SSH terminal. If not checked, SSH terminal access will not be supported by the server. |
| Advanced SFTP/SCP/SSH Settings |
| Port for SFTP/SCP/SSH |
Port that is used for SFTP, SCP and SSH. The standard port number is port 22. All of these protocols use the same port number. |
| Listening IP addresses |
Lists the IP addresses to listen on for these protocols. All network interfaces can be selected, or individual interfaces selected. |
| Authentication methods |
Methods of user-authentication that the server accepts. Available methods are:
- Password - only a password is required. A password must be set for
each user using the Users view.
- PublicKey - public key cryptography is used to authenticate the user.
For every user the server must have a public key that matches the client's
private key. Note that this method of authentication does not work for Windows
users, since a password is required by Windows to log the user in. Thus
Password or PublicKeyAndPassword should be enabled if Windows
users are to be allowed to connect.
- PublicKeyAndPassword - both password and public-key authentication
is used.
|
| RSA key |
The RSA server key - the private key that the server uses to identify itself. The server normally has a DSA and an RSA key set.
This can be imported, exported or generated via the menu that appears when selecting the elipses (...) in the text box displaying the key's details.
Note that generation of a new server key can take up to 30 seconds. The private key can only be imported or exported if the CompleteFTP manager is
running on the server that the CompleteFTP service is running on.
|
| DSA key |
The DSA server key - the private key that the server uses to identify itself. The server normally has a DSA and an RSA key set.
This can be imported, exported or generated via the menu that appears when selecting the elipses (...) in the text box displaying the key's details.
Note that generation of a new server key can take up to 30 seconds. The private key can only be imported or exported if the CompleteFTP manager is
running on the server that the CompleteFTP service is running on.
|
| Algorithms |
| Available key exchange methods |
Controls what key exchange methods are supported by the server. It is rare that the defaults should be changed. It is possible that an administrator may want to disable weaker key exchange methods.
|
| Available ciphers |
Controls what ciphers are available to SSH for encrypting data. The default setting of All should generally be used unless some ciphers are required to be disabled.
|
| Available ciphers |
Controls what ciphers are available to SSH for encrypting data. The default setting of All should generally be used unless some ciphers are required to be disabled.
|
| Compression algorithms |
Permits the compression algorithms used in SSH to be selected. For example, if zlib compression is to be forced, then 'None' would need to be unselected.
|
| MAC algorithms |
Permits the MAC algorithms used in SSH to be selected. The default setting of All should generally be used unless some MACs are required to be disabled.
|
| Public key algorithms |
Controls what public key algorithms are supported by the server. For example, RSA public keys can be forced by disabling DSA.
|
