1. Getting Started with SFTPPlus¶
This page assumes you have been through the Installation section of our Documentation and have successfully initialized the default configuration.
Three different types of accounts are available in SFTPPlus:
- Manager accounts - only for management operations
- OS accounts - only for file transfer operations
- Application accounts - only for file transfer operations
Accounts dedicated to file transfer operations have multiple Authentication Methods by which remote file transfer clients can be verified and given permission to perform file transfer operations.
Note that, by default, SFTPPlus will only allow operating system accounts from the example-group1 or example-group2 OS groups. You will need to update the configuration to match your target group or groups.
If you have installed the software correctly, and the software is running, then you should be able to log in to the Local Manager as the default administrator. The software is shipped with a default account called admin, with a default password of pass.
Navigate to https://127.0.0.1:10020, enter those credentials, and you will see the local manager’s status screen similar to that below.
Once you have logged in and can access the Local Manager, you can begin the process of customizing your instance.
To change the default admin credentials, go to the Administrators section.
Select the account and edit both the username and password. Ensure to apply all changes.
To create a new administrator account, select Add administrator and configure its username and password. Ensure that this account is enabled and that the default admin account is disabled as shown in the screenshot below:
For security purposes, the default configuration has no accounts enabled for file transfer services. You can enable the sample accounts or create your own accounts.
Once you have enabled an account and the software is running with default configuration, you can try both server-side and client-side basic functionality.
You can access the HTTP Service at http://127.0.0.1:10080 using your browser or the SFTP Service at 127.0.0.1:10022 using a SFTP client such as FileZilla or WinSCP to test the server and transfer a file.
Other Server side services are available as well.
The Local Manager has a default administrator account with username admin and password pass. This account will be authenticated for logging in to the Local Manager itself, but it will not be authenticated for file transfers. As a safety measure, ensure that the default admin credentials for this account have been changed.
The default configuration provides set of authentications one of which is named deny-admin-accounts. This can be re-configured or deleted entirely based on your use case.
As a safety feature, the software ships such that one can only log in to the Local Manager locally. This can be re-configured such that you can log in remotely. For example, in the following INSTALL_ROOT/configuration/server.ini file segment, the Local Manager’s listening address is set to 203.0.113.13 and the default port of 10020:
[services/DEFAULT-MANAGER] enabled = Yes name = local-manager type = manager description = Service used for managing the server configuration. address = 203.0.113.13 port = 10020
Depending on your architecture, this could change the service to make the default administrative account accessible over the Internet. Care must be taken to ensure that the default administrative account is altered or deleted.
To prevent creating huge log files, the default configuration creates a log file which is automatically rotated at the end of the day.
To prevent data loss, the default configuration will not delete any rotated files. If no action is taken on installations experiencing high transfer volumes, this can lead to log files filling up available disk space.
For further details on changing the log configuration, please go to the Event Handlers section.
Please take the time to alter the log file configuration option to suit your needs.