Skip to content
CA Workload Automation DE - 11.3.3
Documentation powered by DocOps

Define an SFTP Job

Last update February 16, 2017

You can define an SFTP job to transfer binary and ASCII files using the Secure File Transfer Protocol (SFTP). The SFTP protocol supports wildcard transfers, so you can upload multiple files to a remote FTP server or download multiple files to the agent computer.

The SFTP job supports the following types of authentication for file transfer:

  • User authentication
    This authentication requires the FTP user ID and password for authentication to the SFTP server.
  • Public-key authentication
    This authentication requires the private key and passphrase for authentication to the SFTP server. If you create the private key using a blank passphrase, the passphrase is not required for the authentication.

    Note: The SFTP job does not support public or private keys that are generated using Putty Gen or that are encrypted in DES3 format.
  • Multifactor authentication
    This authentication requires both the FTP user ID and password and the private key and passphrase for authentication to the SFTP server.

Note: To run these jobs, your system requires CA WA Agent for UNIX, Linux, Windows, or i5/OS.

Follow these steps:

  1. Open the Application that you want to add the job to in the Define perspective.
    The Application appears in the workspace.
  2. Select the SFTP job from the File Transfer group in the Palette view, and drag the job to the workspace.
    The SFTP icon appears on the Application workspace view.
  3. Right-click the SFTP icon, and select Edit from the pop-up menu.
    The Basic page of the SFTP dialog opens.
  4. Complete the following required fields:
    • Name

      Defines the name of the job that you want to schedule.

      Limits: 128 alphanumeric characters, plus the special characters commercial at (@), pound (#), dollar sign ($), underscore (_), square brackets ([]), brace brackets ({}), and percent sign (%) as a symbolic variable introducer character.

    • Agent name

      Specifies the name of the agent where the secure transfer takes place.

      Note: The drop-down list displays all the agents that are defined in the Topology for the specified job type.

    • Transfer direction

      Indicates the direction of transfer (Download or Upload).

      Default: Download

    • Transfer code type
      Specifies the type of data you are transferring. Options are as follows:
      • Binary
        Indicates a binary transfer.
      • ASCII
        Indicates an ASCII transfer.
        i5/OS: If the ASCII file to be transferred already exists on the target computer, the file is written using the encoding of the existing file. If the file does not exist, the file is written using the ASCII CCSID (Coded Character Set Identifier) defined on the agent. The default is 819.

        Note: To transfer ASCII files, we recommend that the SFTP server that your agent computer communicates with is compliant with protocol level 4 or higher. To transfer ASCII files to or from an SFTP server that is compliant with protocol level 3 or lower, select the operating system type of the SFTP server from the The remote os type drop-down.

      Default: Binary
    • SFTP commands

      Specifies the command you issue against the SFTP job.

      • Delete source file(s)

        Indicates the deletion of the local source files (if uploading) after they are uploaded from the agent computer or the remote source files (if downloading) after they are downloaded from the remote SFTP server.

        Note: To delete multiple source files, use wildcards for the file name in the local file name field (if uploading) or remote file name field (if downloading). The asterisk (*) is a wildcard for zero or more characters and the question mark (?) is a wildcard for a single character.

        • Delete source directory

          Indicates the deletion of the directory containing the local source file (if uploading) or the remote source file (if downloading) after the file is uploaded or downloaded. To delete the source directory along with the source file, select this checkbox.

          Note: If the source directory is not empty or if it contains files other than the source file you are uploading or downloading, the source directory cannot be deleted.

      Default: None

      Note: To use SFTP commands, update the server and CA WA Desktop Client with the latest 11.3 SP3 cumulative patches.

    • Server address

      Specifies the DNS name or IP address of a remote server.
      Example: 172.24.36.107 (IPv4) or 0:0:0:0:0:FFFF:192.168.00.00 (IPv6)

    • Remote directory

      Specifies the file's remote source directory (if downloading) or the file's remote destination directory (if uploading).

    • Remote file name
      Specifies the file's source location (if downloading) or the file's destination (if uploading). This field is not required if you are uploading multiple files.

      Notes:

      • For uploads, you must specify the file name without wildcards.
      • For downloads, you can use wildcards for the file name. The asterisk (*) is a wildcard for zero or more characters and the question mark (?) is a wildcard for a single character.
      • If a wildcard is used in a remote file name for download, the local file name (the target) must refer to a directory. A wildcard transfer is equivalent to an mget transfer using an FTP client.
      • You cannot rename files if wildcards are used.
    • Local file name
      Specifies the file's destination (if downloading) or the file's source location (if uploading).

      Notes:

      • For downloads, you must specify the full path and file name without wildcards.
      • For uploads, you can use wildcards for the file name. The asterisk (*) is a wildcard for zero or more characters and the question mark (?) is a wildcard for a single character.
      • If a wildcard is used in a local file name for upload, the Remote file name field is not required. A wildcard transfer is equivalent to an mget transfer using an FTP client.
      • You cannot rename files if wildcards are used.
      • You cannot use wildcards in the path.
      • If the agent user does not have access to the file's location, specify the user that has access to the location in the Run as user field.
    • User
      Specifies the user ID of the user with the authority to download the file from the remote FTP server or upload the file to the remote FTP server. This field is required for user authentication and multifactor authentication. The user must be defined in the Topology. This field supports the use of a namespace for a user that has more than one password. Contact your administrator for the user name defined in the Topology.
      Examples: Bob, Production:Bob

      Notes:
      • The drop-down list displays all the user IDs that are defined in the Topology for the specified agent. You must have at least Read access to the ADMIN.Network Topology permission to view this list.
      • If you use public-key authentication, this field is optional. You can specify a user that is not defined in the Topology and run the SFTP job without a password.
    • PrivateKey Path
      Specifies the full path for the private key file on the FTP client. This field is required for public-key and multifactor authentication.
      Limits: 256 characters
    • PrivateKey passphrase
      Specifies the passphrase for the private key.
      Limits: 256 characters

      Note: If you created the private key using a blank passphrase, this field is not required for authentication.
  5. (Optional) Specify the following additional information:
    • Server port

      Specifies the port number of the remote server.

      Default: 22

    • Local user

      Specifies a user ID on the UNIX or Linux computer where the agent is installed. This user ID determines the access permissions of a downloaded file on the agent computer and does not apply to uploads. When the file is downloaded, the file is created with this user as the file owner. To set the owner of a downloaded file, the agent must run as root.

      Notes:

      • The local user does not need to be defined in the Topology.
      • Your agent administrator can specify a default local user for all FTP, Secure Copy, and Secure FTP jobs by setting the ftp.download.owner parameter in the agent's agentparm.txt file.
      • The value in this field overrides the default setting specified in the ftp.download.owner parameter in the agent's agentparm.txt.
    • Run as user

      Specifies the user ID that runs the job on behalf of the agent user. You can use this field to access remote resources that the agent user does not have access to. You are restricted to how you can access data on remote computers. To access restricted remote resources, you can run the job under a user ID that has access to those resources. The user must be defined in the Topology. This field supports the use of a namespace for a user that has more than one password. Contact your administrator for the user name defined in the Topology.
      Examples: Bob, Production:Bob

      Notes:

      • The drop-down list displays all the user IDs that are defined in the Topology for the specified agent. You must have at least Read access to the ADMIN.Network Topology permission to view this list.
      • This user must have access to the file’s location that you specify in the Local file name field.
      • On UNIX, the password for this user is not required.
    • The remote os type

      Specifies the remote operating system type in a secure file transfer (UNIX or Windows). The remote operating system type is used to determine the path separator on the remote system.

      Note: To transfer ASCII files to or from an SFTP server that is compliant with protocol level 3 or lower, select the operating system type of the SFTP server.
  6. Click OK.
    The Secure FTP job is defined.

Example: Upload a File Using User Authentication

Suppose that you want to upload the logs.tar file to the /u/tmp directory on the hpsupport server using user authentication. The job uses the Secure File Transfer Protocol (SFTP).

Follow these steps:

  1. Enter the following information in the Basic page:
    • Name—SFTP_UPLOAD
    • Agent name—WINAGENT
    • Server address—hpsupport
    • Remote directory—/u/tmp
    • Remote file name—logs.tar
    • Local file name—D:\temp\logs.tar
    • User—causer
  2. Select the Upload and Binary option buttons.
  3. Click OK.

Example: Upload Multiple Files Using User Authentication

This example uploads the files in the c:\temp\upload directory to the /u1/build/uploaded directory on the aixunix server using user authentication. The job uses the Secure File Transfer Protocol (SFTP). Since the value in the Local file name field contains a wildcard, no value is specified in the Remote file name field.

Follow these steps:

  1. Enter the following information in the Basic page:
    • Name—SFTP_UPLOAD_MULTIPLE
    • Agent name—WINAGENT
    • Server address—aixunix
    • Remote directory—/u1/build/uploaded
    • Local file name—c:\temp\upload\*
    • User—causer
  2. Select the Upload and Binary option buttons.
  3. Click OK.

Example: Upload a File Using Public-Key Authentication

This example uploads the upload_test.txt file from the C:\ca directory to the E:\ftp directory on a remote FTP server using public-key authentication.

Follow these steps:

  1. Enter the following information in the Basic page:
    • Name—SFTP_UPLOAD
    • Agent name—SFTPAGENT
    • Server address—winserver
    • Remote directory—E:\ftp
    • Remote file name—upload_test.txt
    • Local file name—C:\ca\upload_test.txt
    • PrivateKey path—C:\rsa_user1
    • PrivateKey passphrase—abcd
  2. Select the Upload and ASCII option buttons.
  3. Click OK.

Example: Upload a File Using Multifactor Authentication

This example uploads the upload_test.txt file from the C:\ca directory to the E:\ftp directory on a remote FTP server using multifactor authentication.

Follow these steps:

  1. Enter the following information in the Basic page:
    • Name—SFTP_UPLOAD
    • Agent name—SFTPAGENT
    • Server address—winserver
    • Remote directory—E:\ftp
    • Remote file name—upload_test.txt
    • Local file name—C:\ca\upload_test.txt
    • User—causer
    • PrivateKey path—C:\rsa_user1
    • PrivateKey passphrase—abcd
  2. Select the Upload and ASCII option buttons.
  3. Click OK.

Example: Download a File from an FTP server to a Remote Location using Run as User

Suppose that you want to download a file (download_test.txt) from a remote FTP server to a remote location that the agent user does not have access to. An additional user (user2) that has access to the remote location is specified.

Follow these steps:

  1. Enter the following information in the Basic page:
    • Name—SFTP_DOWNLOAD
    • Agent name—SFTPAGENT
    • Server address—linuxserver
    • Remote directory—/home/user1
    • Remote file name—download_test.txt
    • Local file name—/mnt/share1/download_test.txt
    • User—user1
    • Run as user—user2
  2. Select the Download and ASCII option buttons.
  3. Click OK.

Example: Download an ASCII File from an SFTP Server that is Compliant with Protocol Level 3 or Lower

Suppose that you want to download an ASCII file (download_test.txt) from a remote SFTP server (linuxserver) that is compliant with protocol level 3 or lower. Select the operating system (UNIX) of the SFTP server from the The remote os type drop-down.

Follow these steps:

  1. Enter the following information in the Basic page:
    • Name—SFTP_UPLOAD
    • Agent name—SFTPAGENT
    • Server address—linuxserver
    • Remote directory—/home/user1
    • Remote file name—download_test.txt
    • Local file name—/mnt/share1/download_test.txt
    • User—user1
    • The remote os type—UNIX
  2. Select the Download and ASCII option buttons.
  3. Click OK.

Example: Delete the Source File After Uploaded From the Agent Computer

This example uploads the abc.txt file from the D:\temp directory on the agent computer to the /test/upload directory on the hpsupport server and deletes the file in the D:\temp directory after it is uploaded. The file is uploaded using user authentication.

Follow these steps:

  1. Enter the following information in the Basic page:
    • Name—SFTP_UPLOAD
    • Agent name—AGENT_SFTP
    • Server address—hpsupport
    • Remote directory—/test/upload
    • Remote file name—abc.txt
    • Local file name—D:\temp\abc.txt
    • User—causer
  2. Select the Upload and Binary option buttons.
  3. Select the Delete source file(s) option button.
  4. Click OK.

Example: Delete Multiple Source Files After Downloaded From the Remote FTP Server

This example downloads all the files that start with X from the /ftproot/download directory on the SFTP Linux server to the /abcde01/test/read directory on the agent computer and deletes the files in the /ftproot/download directory after they are downloaded. The files are downloaded using user authentication.

Follow these steps:

  1. Enter the following information in the Basic page:
    • Name—SFTP_DOWNLOAD
    • Agent name—AGENT_SFTP_LINUX
    • Server address—abcde01-i12345
    • Remote directory—/ftproot/download
    • Remote file name—X*
    • Local file name—/abcde01/test/read
    • User—causer
  2. Select the Download and ASCII option buttons.
  3. Select the Delete source file(s) option button.
  4. Click OK.

Example: Delete the Source File Directory After the Source File is Downloaded From the Remote FTP Server

Suppose that you want to download the abc.txt file from the /ftproot/download directory on the SFTP server to the D:\temp directory on the agent computer and delete the /ftproot/download directory after the file is downloaded.

The file is downloaded using user authentication. The /test/upload directory contains only the abc.txt file.

Follow these steps:

  1. Enter the following information in the Basic page:
    • Name—SFTP_DOWNLOAD
    • Agent name—AGENT_SFTP
    • Server address—abcde01-i12345
    • Remote directory—/ftproot/download
    • Remote file name—abc.txt
    • Local file name—D:\temp
    • User—causer
  2. Select the Download and ASCII option buttons.
  3. Select the Delete source file(s) option button and the Delete source directory checkbox.
  4. Click OK.
Was this helpful?

Please log in to post comments.