FTP - Log on

Declaration

<AMFTPLOGIN SERVER="text" USERNAME="text" PASSWORD="text" PORT="number" LOGFILE="text" PASSIVEMODE="yes/no" PROXYTYPE="text [options]" PROXYSERVER="text" PROXYPORT="text" PROXYUSERNAME="text" PROXYPASSWORD="text" SESSION="text">

Related Topics   

Description

Starts a transaction with a File Transfer Protocol (FTP) server and creates a session for the current connection. Other FTP related actions can follow this step. This activity allows simultaneous FTP connections using the same username/password.

NOTE: Be sure to end FTP sessions with an FTP - Log Off step.

Practical Usage

Used to connect to an FTP server. Other FTP activities can be used to following this step.

Parameters

Connection

Property
Type
Required
Default
Markup
Description

Host

Text

Yes

(Empty)

  1. SERVER="ftp.netauto.com

  2. SERVER="123.456.789.012"

The FTP server to connect to. This can be an IP address (i.e. xxx.xxx.xxx.xxx) or a server and domain name (i.e. server.domain.com). This property is active only if Custom is selected under the Provide Credentials property.

Username

Text

Yes

(Empty)

USERNAME="Clark.Kent"

The username that should be used when logging on to the FTP Server. The Username should be pre-configured at the server level. This property is active only if Custom is selected under the Provide Credentials property.

Password

Text

Yes

(Empty)

PASSWORD="password"

The password that should be used when logging on to the FTP Server. When the step is created using the Task Builder it is written to the task encrypted. This property is active only if Custom is selected under the Provide Credentials property.

Use anonymous logon

Yes/No

 

No

 

No

 

ANONYMOUSLOGIN="YES"

 

If set to YES, the FTP server should be logged onto as an "Anonymous" user. The server must be configured to accept Anonymous connections. If set to YES, the Username/Password parameters are ignored. The default value is NO. This property is active only if Custom is selected under the Provide Credentials property.

Session

Text

Yes

FTPSession

SESSION="FTPSession2"

The session name that this activity should originate from. This allows several FTP activities to be linked to a specific session. Numerous sessions can be used within a single task. This property is active only if Session Based is selected under the Provide Credentials property.

Advanced

Property

Type

Required

Default

Markup

Description

Connection type

Options

Yes

FTP (Standard FTP)

  1. TYPE="standard"

  2. TYPE="ftps_implicit"

  3. TYPE="ftps_explicit"

  4. TYPE="sftp"

  5. TYPE="sftp_public_key""

The type of FTP connection that should be used. The available options are:

  • FTP (Standard FTP): Connect using standard FTP .

  • FTP with SSL (Implicit): Connect using FTPS (also known as FTP Secure or FTP-SSL). This connection type adds support for the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) cryptographic protocols. In Implicit mode, a client immediately sends the FTPS server a TLS/SSL "ClientHello" message. If such a message is not received by the FTPS server, the connection is dropped.

  • FTP with SSL (Explicit): Connect using FTPS (also known as FTP Secure or FTP-SSL). This connection type adds support for the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) cryptographic protocols. In Explicit mode, a client must "explicitly request" security from a FTPS server and then use a mutually agreed encryption method.

  • SFTP (Password): Connect using SFTP (also known as Secure FTP). SFTP uses SSH (Secure Shell) protocol to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing sensitive information from being transmitted in the clear over the network. In Password mode, a password is used to authenticate the SFTP connection.

  • SFTP (Public Key File): Connect using SFTP (also known as Secure FTP). SFTP uses SSH (Secure Shell) protocol to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing sensitive information from being transmitted in the clear over the network. For more details, see Public/Private Key Encryption below.

Port

Text

Yes

21

PORT="1000"

The port that should be used to connect to the FTP server. Most standard FTP servers operate on port 21 (the default port specified) however, this parameter can be customized in case the FTP server operates on other ports.

NOTE: Other default ports may be assigned depending on the server connection type selected.

FTP options

 

 

 

  1. FTPOPTIONS="ForceSilentCcc"

  2. FTPOPTIONS="ForceAvtiveCcc"

  3. FTPOPTIONS="UseLargeBuffers"

Specifies the advanced FTP option to apply during the transfer. The following lists all FTP options supported by AutoMate's  built-in FTP client:

  • None - Apply no FTP options (default).
  • DoNotSendSignals - Do not send abort signals when aborting download.
  • DoNotSendAbort - Do not send the ABOR command when aborting download.
  • KeepAliveDuringTransfer - Keeps connection alive during transfers by sending the NOOP command every 10 minutes.
  • ForceSilentCcc - This option is deprecated and should no longer be used.
  • SendDataAsynchronously - Sends the data being transferred asynchronously.
  • TimeoutAsynchronousMethod - Allows the Timeout property to support asynchronous transfers as well. By default, it only affects synchronous transfers.
  • DoNotDetectFeatures - Disables feature detection using FEAT and other commands.
  • IgnorePassiveModeAddress - Overrides an IP address announced by the server in response to PASV command with an IP used by the control connection
  • EnableMultipleBlockingCalls - Makes it possible to call multiple methods from different threads at once. The calls will block until the operation is completed.
  • PauseBeforeUploadClose - Performs a short pause before closing the encrypted upload connection when the transfer is finished. Used as a workaround for servers that are unable to correctly handle the last block data if it is followed by a TLS CloseNotify message in the same TCP block.
  • DisableInvalidPassiveModeAddressWorkaround - Disables a workaround for FTP servers that announce private range IP addresses even though a public IP was used to connect to them. By default, when such server is detected, an IP address announced by the server in response to PASV command used is overrode with an IP used by the control connection.
  • EnableControlConnectionFlushing - Enables reading and throwing out any unexpected incoming responses when sending an FTP command.
  • ConnectPassiveLater - Makes the passive mode transfer initialize the connection only after the LIST/NLST/RETR/STOR command has been sent.
  • ForceActiveCcc - Forces the CCC command behavior that was used by older FTP clients.
  • UseLargeBuffers - Uses larger receive buffer for incoming and outgoing data.
  • ReuseControlConnectionSession - Re-use control connection session ID for data connections.
  • ForceListHiddenFiles - Uses the "LIST -la" instead of "LIST" command to allow listing of hidden files.
  • DisableProgressPercentage - Disables progress percentage reporting.

FTP log file

Text

No

(Empty)

LOGFILE="c:\temp\error.log"

The location of a detailed FTP log file. This log file contains the exact text of the FTP session which can be useful in diagnosing particular errors or elusive problems.

Overwrite existing log file

Yes/No

No

Yes

OVERWRITELOG="NO"

If set to YES, specifies that the log file should be overwritten if the same file already exists.  If set to NO, the file will not be overwritten, however, an error will occur at runtime as a result. The default value is YES.

Timeout

Number

Yes

30 Seconds

TIMEOUT="60"

Indicates a connection time out to customize how long AutoMate will wait before aborting a connection attempt. If connection is not established within the time out value specified, it is automatically aborted. The default value is 30 seconds.

Upload buffer size

Number

Yes

65536 Bytes

UPLOADBUFFERSIZE="54443"

The upload buffer size value for files being uploaded. In some cases changing the upload buffer size can make a difference; particularly in transfers over high loss, high speed connections where latency plays an important role. The default value is 65536 bytes, which is the maximum buffer size.

Note: Setting the Upload Buffer Size value too high for slow connections might cause time-outs and the transfer speed calculation becomes inaccurate.

Passive mode (For Firewalls)

 

Yes/No

No

No

PASSIVEMODE="YES"

 

Determines how an FTP data connection is made. If set to YES, AutoMate issues the PASV command and the server tells AutoMate where to establish the data connection. AutoMate initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. If set to NO, the PORT method is used. AutoMate listens for a data connection which is established by the server and the PORT command tells the server where to connect to. AutoMate then connects to the server where the server indicated. This method is sometimes used with some proxy configurations. However, some proxy configurations require PORT transfers and some FTP servers do not support PASV transfers.

This option is available only if the FTP (Standard FTP), FTP with SSL (Implicit) or FTP with SSL (Explicit) option is selected from the Server Connection Type parameter.

Encrypt data channel

Yes/No

No

No

ENCRYPTDATACHANNEL="YES"

If set to YES, specifies that all data channel communication between the client and server are to be encrypted. The default value is NO. This parameter is available only if the FTP with SSL (Implicit) or FTP with SSL (Explicit) option is selected from the Server Connection Type parameter.

It may NOT be advantageous to use data channel encryption when performing transfers under the following scenarios:

  • Files being transferred are of a non-sensitive nature, making encryption unnecessary.

  • Files being transferred are already encrypted at the file level, making encryption redundant.

Ignore invalid server certificates

Yes/No

No

No

IGNOREINVALIDCERTIFICATE="YES"

If set to YES, specifies that this action will ignore invalid certificates when connecting to an FTP server using SSL. The default value is NO. This option is available only if the FTP with SSL (Implicit) or FTP with SSL (Explicit) option is selected from the Server Connection Type parameter.

Clear Command Channel

Yes/No

No

No

CLEARCOMMANDCHANNEL="YES"

If YES, this option enables support for the Clear Command Channel (CCC) functionality. The CCC command can be issued by a remote FTPS client and will cause AutoMate's FTP client to fall out of secure mode and back in to unsecured mode. This option is useful for clients who only need to secure the authentication portion of the session. Once the USER/PASS has completed, some clients will use CCC to return to unsecured mode, which is faster. The default value is NO. This option is available only if the FTP with SSL (Implicit) or FTP with SSL (Explicit) option is selected from the Server Connection Type parameter.

Enable Tumbleweed compatibility mode

Yes/No

No

No

TUMBLEWEEDSERVER="YES"

If set to YES, allows compatibility with Tumbleweed Secure Content Delivery.

Client certificate source

Options

No

No Certificate

  1. "CERTIFICATESOURCE="none"

  2. "CERTIFICATESOURCE="store"

  3. "CERTIFICATESOURCE="file"

  4. "CERTIFICATESOURCE="auto"

FTP over SSL allows sessions to be encrypted between an FTP client and server. This property is used to select the source of the certificate. A certificate is a digitally-signed statement that binds the value of a public key to the identity of the person, device, or service that holds the corresponding private key. One of the main benefits of certificates is that hosts no longer have to maintain a set of passwords for individual subjects who need to be authenticated as a prerequisite to access. Instead, the host merely establishes trust in a certificate issuer. This parameter is available only if the FTP with SSL (Implicit) or FTP with SSL (Explicit) option is selected from the Server Connection Type parameter. The available options are:

  • No Certificate (Default)

  • Certificate Store - Allows selection of a certificate using the Window's trusted certificate store for certificate approval.

  • File(s) - Allows selection of a certificate file.

  • Automatically select certificate - AutoMate will select the best suitable certificate from the user store that matches the FTP server request.

Certificate issuer

Text

No

(Empty)

CERTIFICATEISSUERID="Name"

Specifies information regarding the certification authority that issued the certificate. This parameter is available only when Certificate Store option is selected from the Client Certificate Source parameter.

Certificate Serial Number

Number

No

(Empty)

CERTIFICATESERIAL=

"c7 f5 fa f8 6d ab 77 87 43 4a 11 43 f1 cd 3c 0f"

Specifies the unique serial number that the issuing certification authority assigns to the certificate. The serial number is unique for all certificates issued by a given certification authority. This parameter is available only when Certificate Store option is selected from the Client Certificate Source parameter.

Certificate file

Text

No

(Empty)

CERTIFICATE=

"C:\Temp\Certificate_Location"

Specifies the path and filename of the certificate file. This parameter is available only when the File(s) option is selected from the Client Certificate Source parameter.

Passphrase

Text

No

(Empty)

PASSPHRASE="passphrase"

Specifies the pass phrase used to authenticate connection. A pass phrase is a password that comprises a whole phrase. This parameter is available only when the File(s) option is selected from the Client Certificate Source parameter.

Certificate private key

Text

No

(Empty)

CERTIFICATEPRIVATEKEY=

"C:\Temp\Private_Key"

Specifies the path and filename of the Private key file. This parameter is available only when the File(s) option is selected from the Client Certificate Source parameter.

Proxy

Property
Type
Required
Default
Markup
Description

Proxy Type

Text (options)

No

None

  1. PROXYTYPE="default"

  2. PROXYTYPE="none"

  3. PROXYTYPE="socks4"

  4. PROXYTYPE="socks4a"

  5. PROXYTYPE="socks5"

  6. PROXYTYPE="http"

  7. PROXYTYPE="ftp_site"

  8. PROXYTYPE="ftp_user"

  9. PROXYTYPE="ftp_open"

Specifies proxy protocol that should be used.  If you are unsure of the value to use in this parameter, contact your network administrator. The available options are:

  • System Default - The settings specified in the Task Administrator preferences are used.

  • None (Default) - Instructs the activity not to use a proxy server regardless of the system default.

  • Socks 4: Instructs the activity to go through a Socks 4 compliant server.

  • Socks 4a: Instructs the activity to go through a Socks 4a compliant server.

  • Socks 5: Instructs the activity to go through a Socks 5 compliant server.

  • HTTP - Instructs the activity to go through a HTTP compliant server.

  • FTP Site - Instructs the activity to go through an FTP Site compliant server.

  • FTPUser - Instructs the activity to go through an FTP User compliant server.

  • FTPOpen - Instructs the activity to go through an FTP Open compliant server.

Proxy Host

Text

No

(Empty)

PROXYSERVER="proxy.host.com"

The host name (i.e. server.domain.com) or IP address i.e. (xxx.xxx.xxx.xxx) of the proxy server.

Proxy Port

Text

Yes

21

PORT="1000"

The port that should be used to connect to the FTP server. Most standard FTP servers operate on port 21 (the default port specified) however, this parameter can be customized in case the FTP server operates on other ports. Note that other default ports may be assigned depending on the server connection type selected.

Proxy Username

Text

No

(Empty)

ROXYUSERNAME="username"

The username that should be used to authenticate when connecting through the proxy server. This option is only valid when Socks 5 is specified in the Proxy type as it is the only version that supports authentication.

Proxy Password

text

No

(Empty)

PROXYPASSWORD="encrypted"

The password that should be used to authenticate when connecting through the proxy server. When the step is created using the Task Builder it is written to the task encrypted. This option is only valid when Socks 5 is specified in the Proxy type as it is the only version that supports authentication.

 

Description

Error Causes

On Error

additional Notes

Public/Private Key Encryption

In public/private key encryption, different keys are used to encrypt and decrypt information. The first key is a private key (a key that is known only to its owner), while the second key (called the public key) can be made known and available to other entities on the network. The two keys are different but complementary in function. For example, a user’s public key can be published in a certificate in a directory so that it is accessible to other people in the organization. The sender of a message can retrieve the user’s certificate from Active Directory, obtain the public key from the certificate, and then encrypt the message by using the recipient's public key. Information that is encrypted with the public key can be decrypted only by using the corresponding private key of the set, which remains with its owner, the recipient of the message.

When you authenticate with a public/private key pair using the SFTP (Public) connection type, you have a private key on your computer, a key that only you have access to (this is crucial). The server to which you are connecting has a copy of your public key. This key is safe for anyone to have. When you logon using your key pair, the server sends a challenge, encrypted with your public key (to which it has access to, since you uploaded it to the appropriate place in your home directory). The only key that will unencrypt the challenge is your private key. Your SSH/SCP/SFTP program (in this case, AutoMate) does this, and the server then knows you are who you claim to be.

Examples

NOTE: The sample AML code below can be copied and pasted directly into the Steps panel of the Task Builder.

Sample 1:

This task will log onto an FTP site, download a single file and log off.

<AMFTP ACTIVITY="logon" SERVER="YourFTPHost" USERNAME="YourUsername" PASSWORD="AM1MoyAfpKHilpraHBIX6ei1E/2ZhM5egRHalje6g6YThM=aME" />

<AMFTP SOURCE="/home/ftp/filename.txt" DEST="C:\Temp\*.*" />

<AMFTP ACTIVITY="logoff" />

Sample 2:

This sample task demonstrates the activities used to download files from one FTP server to another. The first two steps logs onto two separate FTP hosts and creates a unique session name for each connection. The third step performs the file transfer from one server to another. The last two steps are used to log off each FTP server.  In order for this task to work in your environment, please make the appropriate modifications in the properties of each activity.

<AMFTP ACTIVITY="logon" SESSION="Server1Session" SERVER="ftp.server1.com" USERNAME="theuser" PASSWORD="AM2WknKdIcXr7JaSdh0lRfctA==aME" />

<AMFTP ACTIVITY="logon" SESSION="Server2Session" SERVER="ftp.server2.com" USERNAME="theuser" PASSWORD="AM2WknKdIcXr7JaSdh0lRfctA==aME" />

<AMFTP ACTIVITY="fxp" SOURCE="/Server1/myFolder/*.*" DEST="/Server2/myFolder/*.*" SUBFOLDERS="YES" KEEPFOLDERSTRUCT="YES" OVERWRITE="YES" RESULTDATASET="theDataset" SESSION="Server1Session" DESTINATIONSESSION="Server2Session" />

<AMFTP ACTIVITY="logoff" SESSION="Server1Session" />

<AMFTP ACTIVITY="logoff" SESSION="Server2Session" />