I am trying to have an SSH server going in the CA gateway and have gone through every article around it on the CA platform, forums and other materials available online. i am trying to use an SFTP client (WinSCP) to do the various
operations (say LIST, PUT, GET) against the SSH Server for it process and respond back appropriately.
Please find below the list of steps that I have already followed to get the SSH server going.
I have gone through a lot of posts to get a good understanding of the SSH fundamentals however am not sure how to get it working from an API gateway point of view. I will be very grateful for any support or feedback in this regard to get me going in the right track. Looking forward to the community for some guidelines here.
Thank you for your time. Cheers.
1. When I connect using the SFTP client (WinSCP in this case), I get the following error:Error listing directory '/'
Response: The gateway does not expose the local file system through the Gateway application. You would need to connect to another source to pull the data. We see a lot of people using SFTP to SFTP on another server so the gateway is a bridging mechanism between or SFTP to S3 buckets.
2. Does the Gateway support a LIST, PUT and GET commands for SFTP?
Response: Yes it supports these commands plus more.
3. What should I do to save a PUT command when the client tries to send a file? I assume that will be available as part of the request.mainPart context variable
Response: Correct any file sent in will be stored in the request message context and can be accessed through the normal means.
4. Where does the the physical file reside once the gateway receives it? Does the Gateway has means of storing it in dedicated SFTP folders/directories? I can see that the current SSH path is "/" - is it possible to have custom paths
Response: As the file system is not exposed through the JAVA application, the information pushed or pulled through the gateway is held in memory as it executes the policy.
5. Is it possible for the SSH request received to have an AD based authentication instead of the Internal Identity Provider?
Response: You can connect to any LDAP provider or Authentication system that can validate user/password combination or certificates.
Stephen HughesBroadcom Support