FTP - Logon

Declaration

<AMFTP ACTIVITY="logon" SERVER="text" USERNAME="text" PASSWORD="text (encrypted)"  ANONYMOUSLOGIN="YES/NO" SESSION="text" TYPE="text (options)" PORT="number" PASSIVEMODE="YES/NO" COMPRESSION="YES/NO" ENCRYPTDATACHANNEL="YES/NO" IGNOREINVALIDCERTIFICATE="YES/NO" CLEARCOMMANDCHANNEL="YES/NO" TUMBLEWEEDSERVER="YES/NO" FIPS="YES/NO" FTPOPTIONS="text (options)" CERTIFICATESOURCE="text (options)" CERTIFICATEISSUERID="text" CERTIFICATESERIAL="text" CERTIFICATE="text" CERTIFICATEPASSPHRASE="text (encrypted)" CERTIFICATEPRIVATEKEY="text" TLSCIPHERS="text (options)" TLSOPTIONS="text (options)" SSLVERSION="text (options)" SFTPVERSIONS="text (options)" SFTPAUTHTYPE="text (options)" SFTPHOSTKEY="text (options)" SFTPHOSTKEYNOTFOUND="text (options)" CIPHERSELECTION="text (options)" SSHENCRYPTION="text (options)" SSHKEYEXCHANGE="text (options)" SSHMAC="text (options)" SSHPUBLICKEY="text (options)" LOGFILE="text" OVERWRITELOG="YES/NO" TRANSFERBLOCKSELECTION="text (options)" "PIPELINELENGTH="number" UPLOADSIZE="number" DOWNLOADSIZE="number" TIMEOUT="number" MEASURE="text (options)" UPLOADBUFFERSIZE="number" PROXYTYPE="text (options)" PROXYSERVER="text" PROXYPORT="number" PROXYUSERNAME="text" PROXYPASSWORD="text (encrypted)" />

Related Topics

Description

Starts a transaction with a File Transfer Protocol (FTP) server and creates a session for the current connection. Other FTP related actions can follow this step. This activity allows simultaneous FTP connections using the same username/password.

NOTE: Be sure to end FTP sessions with an FTP - Log Off step.

Practical usage

Used to connect to an FTP server. Other FTP activities can be used to following this step.

Parameters

Connection

Property Type Required Default Markup Description
Host Text Yes (Empty)
  • SERVER="ftp.netauto.com"
  • SERVER="123.456.789.012"
The IP address (xxx.xxx.xxx.xxx) or the server and domain name (for example, server.domain.com) of the FTP server.
Username Text Yes (Empty) USERNAME="Clark.Kent" The username to use when logging on to the FTP Server. The username is preconfigured at the server level.
Password Text No (Empty) PASSWORD="password" The password to use when logging on to the FTP Server. When the step is created using the Task Builder it is written to the task encrypted.
Use anonymous log on Yes/No No No ANONYMOUSLOGIN="YES" If selected, the FTP server is logged on as an "Anonymous" user and the Username and Password parameters are disabled (disabled by default). The server must be configured to accept anonymous connections.
Session Text Yes FTPSession1 SESSION="FTPSession2" The session name to assign to this activity. This allows several FTP activities to be linked to a specific session. Numerous sessions can be used within a single task.

Advanced

Property Type Required Default Markup Description
Connection type Text (options) Yes FTP (standard)
  • TYPE="standard"
  • TYPE="ftps_implicit"
  • TYPE="ftps_explicit"
  • TYPE="sftp"
  • TYPE="sftp_public_key"
The type of FTP connection to use. The available options are:
  • FTP (standard): Connect using standard FTP .
  • FTP with SSL/TLS (implicit): Connect using FTPS (also known as FTP Secure or FTP-SSL). This connection type adds support for the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) cryptographic protocols. In implicit mode, a client immediately sends the FTPS server a TLS/SSL "ClientHello message. If such a message is not received by the FTPS server, the connection is dropped.
  • FTP with SSL/TLS (explicit): Connect using FTPS (also known as FTP Secure or FTP-SSL). This connection type adds support for the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) cryptographic protocols. In explicit mode, a client must "explicitly request" security from a FTPS server and then use a mutually agreed encryption method.
  • SFTP (password): Connect using SFTP (also known as Secure FTP). SFTP uses SSH (Secure Shell) protocol to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing sensitive information from being transmitted in the clear over the network. In password mode, a password is used to authenticate the SFTP connection.
  • SFTP (key): Connect using SFTP (also known as Secure FTP). SFTP uses SSH (Secure Shell) protocol to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing sensitive information from being transmitted in the clear over the network. For more details, see Public/private key encryption below. Once this has been selected the Cipher(s) selection parameter will appear.
Port Text Yes 21 PORT="1000" The port to use to connect to the FTP server. Most standard FTP servers operate on port 21 (the default port specified) however, this parameter can be customized in case the FTP server operates on other ports.
NOTE: Other default ports may be assigned depending on the server connection type selected.
Passive mode (for firewalls)  Yes/No No No PASSIVEMODE="YES"  Determines how an FTP data connection is made. If selected, Automate Desktop issues the PASV command and the server tells Automate Desktop where to establish the data connection. Automate Desktop initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. If disabled (default), the PORT method is used. Automate Desktop listens for a data connection which is established by the server and the PORT command tells the server where to connect to. Automate Desktop then connects to the server where the server indicated. This method is sometimes used with some proxy configurations. However, some proxy configurations require PORT transfers and some FTP servers do not support PASV transfers.

This parameter is available only if the FTP (standard), FTP with SSL/TLS (implicit), or FTP with SSL/TLS (explicit) option is selected from the Connection type parameter.

Use compression Yes/No No No COMPRESSION="YES" If selected, data is compressed using a single algorithm to reduce the total amount of data that is transmitted. If transmission speeds are slow, transfers can be sped up significantly when using compression, particularly if text files are being transferred. Media files  (for example, JPEG and MPEG) are usually compressed already, thus, there will be little or no benefit in using compression.
Encrypt data channel Yes/No No No ENCRYPTDATACHANNEL="YES" If selected, specifies that all data channel communication between the client and server are to be encrypted (disabled by default). This parameter is available only if the FTP with SSL/TLS (implicit) or FTP with SSL/TLS (explicit) option is selected from the Connection type parameter.

It may not be advantageous to use data channel encryption when performing transfers under the following scenarios:

  • Files being transferred are of a non-sensitive nature, making encryption unnecessary.
  • Files being transferred are already encrypted at the file level, making encryption redundant.
Ignore invalid server certificates Yes/No No No IGNOREINVALIDCERTIFICATE="YES" If selected, specifies that this action will ignore invalid certificates when connecting to an FTP server using SSL (disabled by default). This parameter is available only if the FTP with SSL/TLS (implicit) or FTP with SSL/TLS (explicit) option is selected from the Connection type parameter.
Clear command channel Yes/No No No CLEARCOMMANDCHANNEL="YES" If selected, this option enables support for the Clear Command Channel (CCC) functionality (disabled by default). The CCC command can be issued by a remote FTPS client and will cause Automate Desktop's FTP client to fall out of secure mode and back in to unsecured mode. This option is useful for clients who only need to secure the authentication portion of the session. Once the USER/PASS has completed, some clients will use CCC to return to unsecured mode, which is faster.

This parameter is available only if the FTP with SSL/TLS (implicit) or FTP with SSL/TLS (explicit) option is selected from the Connection type parameter.

Enable Tumbleweed mode Yes/No No No TUMBLEWEEDSERVER="YES" If selected, allows compatibility with Tumbleweed Secure Content Delivery (disabled by default). This parameter is available only if the FTP with SSL/TLS (implicit) or FTP with SSL/TLS (explicit) option is selected from the Connection type parameter.
Enable FIPS mode Yes/No No No FIPS="YES" If selected, FIPS 140-2 validated cryptography mode is enabled (disabled by default). The Federal Information Processing Standard (FIPS) Publication 140-2 specifies the security requirements of cryptographic modules used to protect sensitive information. Most government agencies such as the Department of Defense and companies in the public sector such as healthcare, financial and manufacturing require FIPS validation to protect the integrity of data traffic traveling across their networks.

This parameter is available only if the FTP with SSL/TLS (implicit), FTP with SSL/TLS (explicit), SFTP (password), or SFTP (key) option is selected from the Connection type parameter

FTP options Text (options) Yes None
  • FTPOPTIONS="ForceSilentCcc"
  • FTPOPTIONS="ForceAvtiveCcc"
  • FTPOPTIONS="UseLargeBuffers"
Specifies the advanced FTP option to apply during the transfer. The following lists all FTP options supported by Automate Desktop's  built-in FTP client:
  • None - Apply no FTP options (default).
  • DoNotSendSignals - Do not send abort signals when aborting download.
  • DoNotSendAbort - Do not send the ABOR command when aborting download.
  • KeepAliveDuringTransfer - Keeps connection alive during transfers by sending the NOOP command every 10 minutes.
  • ForceSilentCcc - This option is deprecated and should no longer be used.
  • SendDataAsynchronously - Sends the data being transferred asynchronously.
  • TimeoutAsynchronousMethod - Allows the Timeout property to support asynchronous transfers as well. By default, it only affects synchronous transfers.
  • DoNotDetectFeatures - Disables feature detection using FEAT and other commands.
  • IgnorePassiveModeAddress - Overrides an IP address announced by the server in response to PASV command with an IP used by the control connection
  • EnableMultipleBlockingCalls - Makes it possible to call multiple methods from different threads at once. The calls will block until the operation is completed.
  • PauseBeforeUploadClose - Performs a short pause before closing the encrypted upload connection when the transfer is finished. Used as a workaround for servers that are unable to correctly handle the last block data if it is followed by a TLS CloseNotify message in the same TCP block.
  • DisableInvalidPassiveModeAddressWorkaround - Disables a workaround for FTP servers that announce private range IP addresses even though a public IP was used to connect to them. By default, when such server is detected, an IP address announced by the server in response to PASV command used is overrode with an IP used by the control connection.
  • EnableControlConnectionFlushing - Enables reading and throwing out any unexpected incoming responses when sending an FTP command.
  • ConnectPassiveLater - Makes the passive mode transfer initialize the connection only after the LIST/NLST/RETR/STOR command has been sent.
  • ForceActiveCcc - Forces the CCC command behavior that was used by older FTP clients.
  • UseLargeBuffers - Uses larger receive buffer for incoming and outgoing data.
  • ReuseControlConnectionSession - Re-use control connection session ID for data connections.
  • ForceListHiddenFiles - Uses the "LIST -la" instead of "LIST" command to allow listing of hidden files.
  • DisableProgressPercentage - Disables progress percentage reporting.
Client certificate source Text (options) No No certificate
  • CERTIFICATESOURCE="none"
  • CERTIFICATESOURCE="store"
  • CERTIFICATESOURCE="file"
  • CERTIFICATESOURCE="auto"
FTP over SSL allows sessions to be encrypted between an FTP client and server. This property is used to select the source of the certificate. A certificate is a digitally-signed statement that binds the value of a public key to the identity of the person, device, or service that holds the corresponding private key. One of the main benefits of certificates is that hosts no longer have to maintain a set of passwords for individual subjects who need to be authenticated as a prerequisite to access. Instead, the host merely establishes trust in a certificate issuer. The available options are:
  • No Certificate (default)
  • Certificate store - Allows selection of a certificate using the Window's trusted certificate store for certificate approval.
  • File(s) - Allows selection of a certificate file.
  • Automatically select certificate - Automate Desktop will select the best suitable certificate from the user store that matches the FTP server request.

This option is available only if the FTP with SSL/TLS (implicit) or FTP with SSL/TLS (explicit) option is selected from the Connection type parameter.

Certificate issuer Text No (Empty) CERTIFICATEISSUERID="Name" Specifies information regarding the certification authority that issued the certificate. This parameter is available only when Certificate store option is selected from the Client certificate source parameter.
Certificate serial number Number No (Empty) CERTIFICATESERIAL="c7 f5 fa f8 6d ab 77 87 43 4a 11 43 f1 cd 3c 0f" Specifies the unique serial number that the issuing certification authority assigns to the certificate. The serial number is unique for all certificates issued by a given certification authority. This parameter is available only when Certificate store option is selected from the Client certificate source parameter.
Certificate file Text No (Empty) CERTIFICATE="C:\Temp\Certificate_Location" Specifies the path and file name of the certificate file. This parameter is available only when the File(s) option is selected from the Client certificate source parameter.
Passphrase Text No (Empty) CERTIFICATEPASSPHRASE="passphrase" Specifies the passphrase used to authenticate connection. A passphrase is a password that comprises a whole phrase. This parameter is available only when the File(s) option is selected from the Client certificate source parameter.
Certificate private key Text No (Empty) CERTIFICATEPRIVATEKEY="C:\Temp\Private_Key" Specifies the path and file name of the Private key file. This parameter is available only when the File(s) option is selected from the Client certificate source parameter.
TLS cipher(s) Text (options) Yes All TLSCIPHERS="All" The specified group of allowed TLS/SSL cipher suites. Connection type must be host to use. The following cipher options are:
  • None - No cipher suite.
  • RSA_EXPORT_WITH_RC4_40_MD5 - Export-grade Transport Layer Security (TLS EXPORT) protocol versions 1.0/1.1/1.2, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Rivest Cipher 4 with 40-bit key (RC4 40) encryption, and Message Digest 5 (MD5) hash.
  • RSA_WITH_RC4_128_MD5 - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Rivest Cipher 4 with 128-bit key (RC4 128) encryption, and Message Digest 5 (MD5) hash.
  • RSA_WITH_RC4_128_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Rivest Cipher 4 with 128-bit key (RC4 128) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • RSA_EXPORT_WITH_RC2_CBC_40_MD5 - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Rivest Cipher 2 with 40-bit key in Cipher Block Chaining mode (RC2 CBC 40) encryption, and Message Digest 5 (MD5) hash.
  • RSA_EXPORT_WITH_DES40_CBC_SHA - Export-grade Transport Layer Security (TLS EXPORT) protocol versions 1.0/1.1, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Data Encryption Standard with 40-bit key in Cipher Block Chaining mode (DES40 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • RSA_WITH_DES_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Data Encryption Standard with 56-bit key in Cipher Block Chaining mode (DES CBC) encryption, Secure Hash Algorithm 1 (SHA) hash.
  • RSA_WITH_3DES_EDE_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Triple-DES (Encrypt Decrypt Encrypt) in Cipher Block Chaining mode (3DES EDE CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • RSA_EXPORT1024_WITH_DES_CBC_SHA - Exportable 56-bit DES in CBC mode with SHA-1 hash and message authentication code.
  • RSA_EXPORT1024_WITH_RC4_56_SHA - Exportable 56-bit RC4 mode with SHA-1 hash and message authentication code.
  • RSA_WITH_AES_128_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • RSA_WITH_AES_256_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DHE_DSS_EXPORT_WITH_DES40_CBC_SHA - Export-grade Transport Layer Security (TLS EXPORT) protocol versions 1.0/1.1, Diffie-Hellman Ephemeral (DHE) key exchange, Digital Signature Standard (DSS) authentication, Data Encryption Standard with 40-bit key in Cipher Block Chaining mode (DES40 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DHE_DSS_WITH_DES_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1, Diffie-Hellman Ephemeral (DHE) key exchange, Digital Signature Standard (DSS) authentication, Data Encryption Standard with 56-bit key in Cipher Block Chaining mode (DES CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DHE_DSS_WITH_3DES_EDE_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1, Diffie-Hellman Ephemeral (DHE) key exchange, Digital Signature Standard (DSS) authentication, Triple-DES (Encrypt Decrypt Encrypt) in Cipher Block Chaining mode (3DES EDE CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DHE_DSS_WITH_AES_128_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Digital Signature Standard (DSS) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DHE_DSS_WITH_AES_256_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Digital Signature Standard (DSS) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA - Exportable 56-bit DES in CBC mode with SHA-1 hash and message authentication code.
  • DHE_DSS_EXPORT1024_WITH_RC4_56_SHA - Exportable 40-bit RC4 with SHA-1 hash and message authentication code.
  • DHE_DSS_WITH_RC4_128_SHA - 128-bit RC4 with SHA-1 hash and message authentication code.
  • DHE_RSA_EXPORT_WITH_DES40_CBC_SHA - Export-grade Transport Layer Security (TLS EXPORT) protocol versions 1.0/1.1, Diffie-Hellman Ephemeral (DHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Data Encryption Standard with 40-bit key in Cipher Block Chaining mode (DES40 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DHE_RSA_WITH_DES_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Data Encryption Standard with 56-bit key in Cipher Block Chaining mode (DES CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DHE_RSA_WITH_3DES_EDE_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1, Diffie-Hellman Ephemeral (DHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Triple-DES (Encrypt Decrypt Encrypt) in Cipher Block Chaining mode (3DES EDE CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DHE_RSA_WITH_AES_128_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DHE_RSA_WITH_AES_256_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • RSA_WITH_AES_128_CBC_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • RSA_WITH_AES_256_CBC_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • DHE_DSS_WITH_AES_128_CBC_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Digital Signature Standard (DSS) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • DHE_RSA_WITH_AES_128_CBC_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • DHE_DSS_WITH_AES_256_CBC_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Digital Signature Standard (DSS) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • DHE_RSA_WITH_AES_256_CBC_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • ECDHE_RSA_WITH_AES_128_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • ECDHE_RSA_WITH_AES_256_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • ECDHE_RSA_WITH_AES_128_CBC_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • ECDHE_RSA_WITH_AES_256_CBC_SHA384 - Transport Layer Security (TLS) protocol version 1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 384 (SHA384) hash.
  • ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Triple-DES (Encrypt Decrypt Encrypt) in Cipher Block Chaining mode (3DES EDE CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • ECDHE_RSA_WITH_RC4_128_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Rivest Cipher 4 with 128bit key (RC4 128) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • ECDHE_ECDSA_WITH_AES_128_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Elliptic Curve Digital Signature Algorithm (ECDSA) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • ECDHE_ECDSA_WITH_AES_256_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Elliptic Curve Digital Signature Algorithm (ECDSA) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Elliptic Curve Digital Signature Algorithm (ECDSA) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - Transport Layer Security (TLS) protocol version 1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Elliptic Curve Digital Signature Algorithm (ECDSA) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 384 (SHA384) hash.
  • ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Elliptic Curve Digital Signature Algorithm (ECDSA) authentication, Triple-DES (Encrypt Decrypt Encrypt) in Cipher Block Chaining mode (3DES EDE CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • ECDHE_ECDSA_WITH_RC4_128_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Elliptic Curve Digital Signature Algorithm (ECDSA) authentication, Rivest Cipher 4 with 128-bit key (RC4 128) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • Vulnerable - Specifies all ciphers that are currently considered vulnerable.
  • RSA_WITH_AES_128_GCM_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 128-bit key in Galois/Counter mode (AES 128 GCM) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • RSA_WITH_AES_256_GCM_SHA384 - Transport Layer Security (TLS) protocol version 1.2, Rivest Shamir Adleman algorithm (RSA) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 256-bit key in Galois/Counter mode (AES 256 GCM) encryption, and Secure Hash Algorithm 384 (SHA384) hash.
  • DHE_RSA_WITH_AES_128_GCM_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 128-bit key in Galois/Counter mode (AES 128 GCM) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • DHE_RSA_WITH_AES_256_GCM_SHA384 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 256-bit key in Galois/Counter mode (AES 256 GCM) encryption, and Secure Hash Algorithm 384 (SHA384) hash.
  • DHE_DSS_WITH_AES_128_GCM_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Digital Signature Standard (DSS) authentication, Advanced Encryption Standard with 256-bit key in Galois/Counter mode (AES 256 GCM) encryption, and Secure Hash Algorithm 384 (SHA384) hash.
  • DHE_DSS_WITH_AES_256_GCM_SHA384 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Digital Signature Standard (DSS) authentication, Advanced Encryption Standard with 256-bit key in Galois/Counter mode (AES 256 GCM) encryption, and Secure Hash Algorithm 384 (SHA384) hash.
  • Weak - Specifies all ciphers that are considered weak.
  • ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Elliptic Curve Digital Signature Algorithm (ECDSA) authentication, Advanced Encryption Standard with 128-bit key in Galois/Counter mode (AES 128 GCM) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - Transport Layer Security (TLS) protocol version 1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Elliptic Curve Digital Signature Algorithm (ECDSA) authentication, Advanced Encryption Standard with 256-bit key in Galois/Counter mode (AES 256 GCM) encryption, and Secure Hash Algorithm 384 (SHA384) hash.
  • ECDHE_RSA_WITH_AES_128_GCM_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, Advanced Encryption Standard with 128bit key in Galois/Counter mode (AES 128 GCM) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • ECDHE_RSA_WITH_AES_256_GCM_SHA384 - Transport Layer Security (TLS) protocol version 1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Rivest Shamir Adleman (RSA) algorithm authentication, Advanced Encryption Standard with 256-bit key in Galois/Counter mode (AES 256 GCM) encryption, and Secure Hash Algorithm 384 (SHA384) hash.
  • Fast - Specifies all ciphers that are considered fast.
  • ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, ChaCha stream cipher and Poly1305 authenticator (CHACHA20 POLY1305) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • DH_anon_WITH_AES_256_CBC_SHA -Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Diffie-Hellman (DH) key exchange, Anonymous (anon) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DH_anon_WITH_AES_128_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Diffie-Hellman (DH) key exchange, Anonymous (anon) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DH_anon_WITH_AES_128_CBC_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman (DH) key exchange, Anonymous (anon) authentication, Advanced Encryption Standard with 128-bit key in Cipher Block Chaining mode (AES 128 CBC) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • DH_anon_WITH_AES_256_CBC_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman (DH) key exchange, Anonymous (anon) authentication, Advanced Encryption Standard with 256-bit key in Cipher Block Chaining mode (AES 256 CBC) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange, Elliptic Curve Digital Signature Algorithm (ECDSA) authentication, ChaCha stream cipher and Poly1305 authenticator (CHACHA20 POLY1305) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 - Transport Layer Security (TLS) protocol version 1.2, Diffie-Hellman Ephemeral (DHE) key exchange, Rivest Shamir Adleman algorithm (RSA) authentication, ChaCha stream cipher and Poly1305 authenticator (CHACHA20 POLY1305) encryption, and Secure Hash Algorithm 256 (SHA256) hash
  • Secure - Specifies all ciphers that are currently considered secure.
  • All - Specifies all ciphers, including weak ciphers, and excludes anonymous ciphers.
  • DH_anon_WITH_DES_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1, Diffie-Hellman (DH) key exchange, Anonymous (anon) authentication, Data Encryption Standard with 56-bit key in Cipher Block Chaining mode (DES CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DH_anon_WITH_3DES_EDE_CBC_SHA - Transport Layer Security (TLS) protocol versions 1.0/1.1, Diffie-Hellman (DH) key exchange, Anonymous (anon) authentication, Triple-DES (Encrypt Decrypt Encrypt) in Cipher Block Chaining mode (3DES EDE CBC) encryption, and Secure Hash Algorithm 1 (SHA) hash.
  • DH_anon_WITH_RC4_128_MD5 - Transport Layer Security (TLS) protocol versions 1.0/1.1/1.2, Diffie-Hellman (DH) key exchange, Anonymous (anon) authentication, Rivest Cipher 4 with 128-bit key (RC4 128) encryption, and Message Digest 5 (MD5) hash.
  • Anonymous - Specifies all anonymous ciphers.
  • TLS_AES_128_GCM_SHA256 - Transport Layer Security (TLS) protocol version 1.3, Advanced Encryption Standard with 128-bit key in Galois/Counter mode (AES 128 GCM) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
  • TLS_AES_256_GCM_SHA384 - Transport Layer Security (TLS) protocol version 1.3, Advanced Encryption Standard with 256-bit key in Galois/Counter mode (AES 256 GCM) encryption, and Secure Hash Algorithm 384 (SHA384) hash.
  • TLS_CHACHA20_POLY1305_SHA256 - Transport Layer Security (TLS) protocol version 1.3, ChaCha stream cipher and Poly1305 authenticator (CHACHA20 POLY1305) encryption, and Secure Hash Algorithm 256 (SHA256) hash.
TLS options Text (options) Yes None TLSOPTIONS="None" The specified TLS/SSL versions allowed. Connection type must be host to use. Connection type must be host to use. The following cipher options are:
  • None - No options.
  • DoNotCacheSessions - Do not cache any sessions.
  • StayConnected - This option is no longer supported.
  • DoNotInsertEmptyFragment - Do not send empty record after successful handshake with CBC ciphers.
  • SkipRollbackDetection - Ignore the client version in premaster secret. This only affects server sockets.
  • SilentUnprotect - Forces the Unprotect() method to do immediate unprotect without exchange of CloseNotify alert messages. This is in violation of the RFC, but some broken servers need it, unfortunately.
  • Reserved - This option is currently unused.
  • AllowCloseWhileNegotiating - Causes an exception not to be thrown when a socket is closed by the server during negotiation. Instead, the negotiation will appear as successful, followed by an immediate socket closure.
  • SilentClose - Forces the Close() method to do immediate close without exchange of CloseNotify alert messages. This is in violation of the RFC, but some broken servers (IIS with TLS 1.1) need it, unfortunately.
  • DisableRenegotiationExtension - Disables Renegotiation Indication Extension (RFC 5746).
  • DisableServerNameIndication - Disables Server Name Indication Extension (RFC 6066).
SSL versions Text (options) No SSL30,TLS10,TLS11 SSLVERSION="SSL3" Specifies the versions of SSL (Secure Sockets Layer) and/or TLS (Transport Layer Security) protocols to use to secure the connection to the server. To select multiple versions, manually enter and separate each version with a comma (see default setting). The available options are:
  • SSL30
  • TLS10
  • TLS11
  • TLS12
  • TLS13
SFTP versions Options No Sftp2,Sftp3,Sftp4 SFTPVERSIONS="Sftp5,Sftp6" Indicates the SFTP versions that the server supports.  To select multiple versions, manually enter and separate each version with a comma (see default setting). The available options are:
  • Sftp0
  • Sftp1
  • Sftp2
  • Sftp3
  • Sftp4
  • Sftp5
  • Sftp6

This parameter is available only if the Connection type parameter is set to SFTP (password) or SFTP (key).  

Authentication type Text (options) No Auto SFTPAUTHTYPE="Password" Indicates the SFTP authentication type that the server supports.  To select multiple types, manually enter and separate each version with a comma (for example, Password,Hostbased). The available options are:
  • Auto
  • RHosts
  • Publickey
  • Password
  • Hostbased
  • Keyboard

This parameter is available only if the Connection type parameter is set to SFTP (password) or SFTP (key).

Ignore sftp server's host key/Validate sftp server's host key Options No None SFTPHOSTKEY="validate" Indicates whether to ignore or validate the SFTP server's host key. This parameter is available only if the Connection type parameter is set to SFTP (password) or SFTP (key).
If server host key is not found then Options No Store it SFTPHOSTKEYNOTFOUND="throw_error" Indicates what action to perform if the server host key is not found. The available options are:
  • Store it (default) - Store the SFTP server's host key in the cache.
  • Throw an error - Generate a "No host key found" error.

This parameter is available only if the Validate sftp server's host key parameter is selected.

Cipher(s) selection Options No Auto CIPHERSELECTION="custom" Specifies the cypher algorithm to use. The available options are:
  • Auto- Connect using the auto cipher. Automate Desktop will figure out what algorithm to use.
  • Legacy- Connect using the legacy cipher. 3DES and DES (encryption), HMAC_SHA1 and HMAC_MD5 (Mac), DSS and RSA (public key), and DH_GROUP and DH_GROUP_EXCHANGE (key exchange) are the algorithms set in Automate Desktop's back end.
  • CustomConnect using the custom cipher.
Encryption algorithm(s) Text (options) Yes All SSHENCRYPTION="EA_DES" Specifies the encryption algorithms to use during the SSH session. To select multiple algorithms, manually enter and separate each one with a comma (for example, EA_3DES,EA_AES256). The encryption algorithms supported by Automate Desktop are:
  • EA_3DES_CBC
  • EA_BLOWFISH
  • EA_TWOFISH256
  • EA_TWOFISH192
  • EA_TWOFISH128
  • EA_AES256 _CBC
  • EA_AES192_CBC
  • EA_AES128_CBC
  • EA_SERPENT256
  • EA_SERPENT192
  • EA_SERPENT128
  • EA_ARCFOUR
  • EA_IDEA
  • EA_CAST128
  • EA_NONE
  • EA_DES
  • EA_AES128_CTR
  • EA_AES192_CTR
  • EA_AES256_CTR
  • EA_3DES_CTR
  • EA_BLOWFISH_CTR
  • EA_TWOFISH128_CTR
  • EA_TWOFISH192_CTR
  • EA_TWOFISH256_CTR
  • EA_SERPENT128_CTR
  • EA_SERPENT192_CTR
  • EA_SERPENT256_CTR
  • EA_IDEA_CTR
  • EA_ARCFOUR128
  • EA_CAST128_CTR
  • EA_ARCFOUR256
  • EA_AES128_GCM
  • EA_AES256_GCM
  • EA_AES128_GCM_OPENSSH
  • EA_AES256_GCM_OPENSSH
  • EA_CHACHA20
  • EA_CHACHA20_OPENSSH

This parameter is available only if the Cipher selection(s) parameter is set to Custom.

Key-Exchange algorithm(s) Text (options) Yes All SSHKEYEXCHANGE="DH_GROUP" Specifies the key-exchange algorithms to use during the SSH session. To select multiple algorithms, manually enter and separate each one with a comma (for example, DH_GROUP,RSA1024_SHA1). The key-exchange algorithms supported by Automate Desktop are:
  • DH_GROUP_EXCHANGE
  • DH_GROUP
  • DH_GROUP_14
  • DH_GROUP_EXCHANGE256
  • RSA1024_SHA1
  • RSA2048_SHA256
  • ECDH_NIST_P256
  • ECDH_NIST_P384
  • ECDH_NIST_P512
  • ECDH_NIST_K163
  • ECDH_NIST_P192
  • ECDH_NIST_P224
  • ECDH_NIST_K233
  • ECDH_NIST_B233
  • ECDH_NIST_K283
  • ECDH_NIST_K409
  • ECDH_NIST_B409
  • ECDH_NIST_K571
  • ECDH_CURVE25519
  • CURVE25519
  • CURVE448

  • GSS_GROUP_EXCHANGE
  • GSS_GROUP
  • GSS_GROUP_14
  • DH_GROUP_14_SHA256

  • DH_GROUP_15_SHA512

  • DH_GROUP_16_SHA512

  • DH_GROUP_17_SHA512

  • DH_GROUP_18_SHA512

This parameter is available only if the Cipher selection(s) parameter is set to Custom.

MAC algorithm(s) Text (options) Yes All SSHMAC="HMAC_SHA1_96" Specifies the MAC algorithms to use during the SSH session. To select multiple algorithms, manually enter and separate each one with a comma (for example, HMAC_SHA1,UMAC32). The MAC algorithms supported by Automate Desktop are:
  • HMAC_SHA1
  • HMAC_SHA1_96
  • HMAC_MD5
  • HMAC_MD5_96
  • NONE
  • HMAC_RIPEMD160
  • HMAC_RIPEMD
  • HMAC_RIPEMD_OPENSSH
  • HMAC_SHA256
  • HMAC_SHA256_96
  • UMAC32
  • UMAC64
  • UMAC96
  • UMAC128
  • HMAC_SHA2_256
  • HMAC_SHA2_512
  • AES128_GCM
  • AES256_GCM
  • POLY1305

This parameter is available only if the Cipher selection(s) parameter is set to Custom.

Public key algorithm(s) Text (options) Yes All SSHPUBLICKEY="X509_SIGN_RSA" Specifies the public key algorithms to use during the SSH session. To select multiple algorithms, manually enter and separate each one with a comma (for example, DSS,RSA). The public key algorithms supported by Automate Desktop are:
  • DSS
  • RSA
  • X509_SIGN_RSA
  • X509_SIGN_DSS
  • SPKI_SIGN_RSA
  • SPKI_SIGN_DSS
  • PGP_SIGN_RSA
  • PGP_SIGN_DSS
  • ECDSA_NIST_P256
  • ECDSA_NIST_P384
  • ECDSA_NIST_P521
  • ECDSA_NIST_K163
  • ECDSA_NIST_P192
  • ECDSA_NIST_P224
  • ECDSA_NIST_K233
  • ECDSA_NIST_B233
  • ECDSA_NIST_K283
  • ECDSA_NIST_K409
  • ECDSA_NIST_B409
  • ECDSA_NIST_K571
  • ECDSA_CURVE25519
  • X509_SSH_DSS

  • X509_SSH_RSA

  • X509_RSA2048_SHA256

  • X509_ECDSA_SHA2_NIST_P256

  • X509_ECDSA_SHA2_NIST_P384

  • X509_ECDSA_SHA2_NIST_P521

  • X509_ECDSA_SHA2_NIST_K163

  • X509_ECDSA_SHA2_NIST_P192

  • X509_ECDSA_SHA2_NIST_P224

  • X509_ECDSA_SHA2_NIST_K233

  • X509_ECDSA_SHA2_NIST_B233

  • X509_ECDSA_SHA2_NIST_K283

  • X509_ECDSA_SHA2_NIST_K409

  • X509_ECDSA_SHA2_NIST_B409

  • X509_ECDSA_SHA2_NIST_K571

  • X509_ECDSA_SHA2_CURVE25519

  • ED25519

  • ED448

  • RSA_SHA256

  • RSA_SHA512

This parameter is available only if the Cipher selection(s) parameter is set to Custom.

Log file Text No (Empty) LOGFILE="c:\temp\error.log" The location of a detailed FTP log file. This log file contains the exact text of the FTP session which can be useful in diagnosing particular errors or elusive problems.
Overwrite existing log file Yes/No No Yes OVERWRITELOG="NO" If selected (default), specifies the log file should be overwritten if the same file already exists.  If disabled, the file will not be overwritten, however, an error will occur at runtime as a result.
Transfer blocks Text (options) Yes, if the Connection type parameter is set to SFTP (password) or SFTP (key) Auto-Adjust
  • TRANSFERBLOCKSELECTION="auto-adjust"
  • TRANSFERBLOCKSELECTION="legacy"
  • TRANSFERBLOCKSELECTION="custom"
Specifies how blocks are transferred over SFTP. The available options are:
  • Auto-Adjust - Transfers blocks using settings automatically determined by Automate Desktop.

  • Legacy - Transfer blocks using legacy settings from Automate Desktop versions prior to 11.5.0.

    NOTE: If this option is selected, the Pipeline length, Upload block size, and Download block size parameters are pre-populated with values from Automate Desktop versions prior to 11.5.0 and are not editable.

  • Custom - Transfer blocks based on custom settings determined by you. Selecting this option makes the Pipeline length, Upload block size, and Download block size parameters available and required.

Pipeline length Number Yes, if the Transfer blocks parameter is set to Custom 1 PIPELINELENGTH="13" Specifies the pipeline length to use when transferring blocks over SFTP.
Upload block size Number Yes, if the Transfer blocks parameter is set to Custom 16384 UPLOADSIZE="163548" Specifies the upload block size to use during SFTP transfers.
Download block size Number Yes, if the Transfer blocks parameter is set to Custom 16384 DOWNLOADSIZE="163548" Specifies the download block size to use during SFTP transfers.
Timeout Number Yes 30 TIMEOUT="60" Indicates a connection time out to customize how long Automate Desktop will wait before aborting a connection attempt. If connection is not established within the time out value specified, it is automatically aborted. The default value is 30 seconds.
Measure (unlabeled) Text (options) Yes seconds
  • MEASURE="milliseconds"
  • MEASURE="seconds"
  • MEASURE="minutes"
  • MEASURE="hours"
The time measurement corresponding to the value entered in the Timeout parameter. The available options are:
  • Milliseconds - Timeout value set to milliseconds.
  • Seconds (default) - Timeout value set to seconds.
  • Minutes - Timeout value set to minutes.
  • Hours - Timeout value set to hours.
Upload buffer size (bytes) Number Yes
  • 65536
  • 131702
UPLOADBUFFERSIZE="54443" The upload buffer size value (in bytes) for files being uploaded. In some cases changing the upload buffer size can make a difference; particularly in transfers over high loss or high speed connections where latency plays an important role.

Depending on the connection type, the default value/maximum buffer size will vary:

  • FTP - 65536
  • SFTP - 131702
NOTE: Setting the Upload buffer size value too high for slow connections might cause timeouts and the transfer speed calculation may become inaccurate.

Proxy

Property Type Required Default Markup Description
Proxy type Text (options) No None
  • PROXYTYPE="default"
  • PROXYTYPE="none"
  • PROXYTYPE="socks4"
  • PROXYTYPE="socks4a"
  • PROXYTYPE="socks5"
  • PROXYTYPE="http"
  • PROXYTYPE="ftp_site"
  • PROXYTYPE="ftp_user"
  • PROXYTYPE="ftp_open"
Specifies the proxy protocol to use. If you are unsure of the value to use in this parameter, contact your network administrator. The available options are:
  • Default - The settings specified in the Task Administrator preferences are used.
  • None - Instructs the activity not to use a proxy server regardless of the system default.
  • Socks 4 - Instructs the activity to go through a Socks 4 compliant server.
  • Socks 4a - Instructs the activity to go through a Socks 4a compliant server.
  • Socks 5 - Instructs the activity to go through a Socks 5 compliant server.
  • HTTP - Instructs the activity to go through a HTTP compliant server.
  • FTP Site - Instructs the activity to go through an FTP Site compliant server.
  • FTPUser - Instructs the activity to go through an FTP User compliant server.
  • FTPOpen - Instructs the activity to go through an FTP Open compliant server.
Proxy server Text Yes (Empty) PROXYSERVER="proxy.host.com" The hostname (for example, server.domain.com) or IP address (for example, xxx.xxx.xxx.xxx) of the proxy server.
Proxy port Text Yes 1028 PROXYPORT="1000" The port to use to connect to the FTP server. Most standard FTP servers operate on port 1028 (the default port specified), however, this parameter can be customized in case the FTP server operates on other ports.
NOTE: Other default ports may be assigned depending on the server connection type selected.
Use authentication --- --- --- --- If selected, specifies the connection to the proxy server requires authentication (disabled by default).
NOTE: This parameter does not contain markup and is only displayed in visual mode for task construction and configuration purposes.
Proxy username Text No (Empty) PROXYUSERNAME="username" The username to use to authenticate with the proxy server. This option is only valid when Socks 5 is specified in the Proxy type as it is the only version that supports authentication.
Proxy password Text No (Empty) PROXYPASSWORD="encrypted" The password to use to authenticate with the proxy server. When the step is created using the Task Builder it is written to the task encrypted. This option is only valid when Socks 5 is specified in the Proxy type as it is the only version that supports authentication.

Description

Error Causes

On Error

Additional notes

Public/private key encryption

In public/private key encryption, different keys are used to encrypt and decrypt information. The first key is a private key (a key that is known only to its owner), while the second key (called the public key) can be made known and available to other entities on the network. The two keys are different but complementary in function. For example, a user’s public key can be published in a certificate in a directory so that it is accessible to other people in the organization. The sender of a message can retrieve the user’s certificate from Active Directory, obtain the public key from the certificate, and then encrypt the message by using the recipient's public key. Information that is encrypted with the public key can be decrypted only by using the corresponding private key of the set, which remains with its owner, the recipient of the message.

When you authenticate with a public/private key pair using the SFTP (key) connection type, you have a private key on your computer, a key that only you have access to (this is crucial). The server to which you are connecting has a copy of your public key. This key is safe for anyone to have. When you logon using your key pair, the server sends a challenge, encrypted with your public key (to which it has access to, since you uploaded it to the appropriate place in your home directory). The only key that will unencrypt the challenge is your private key. Your SSH/SCP/SFTP program (in this case, Automate Desktop) does this, and the server then knows you are who you claim to be.

Examples

NOTE:
  • Copy and paste the sample AML code below directly into the Task Builder Steps Panel.
  • To successfully run the sample code, update parameters containing user credentials, files, file paths, or other information specific to the task to match your environment.

Example 1

This sample task will log onto an FTP site, download a single file, and then log off.

Copy
<AMFTP ACTIVITY="logon" SERVER="YourFTPHost" USERNAME="YourUsername" PASSWORD="AM1MoyAfpKHilpraHBIX6ei1E/2ZhM5egRHalje6g6YThM=aME" />
<AMFTP SOURCE="/home/ftp/filename.txt" DEST="C:\Temp\*.*" />
<AMFTP ACTIVITY="logoff" />

Example 2

This sample task demonstrates the activities used to download files from one FTP server to another. The first two steps logs onto two separate FTP hosts and creates a unique session name for each connection. The third step performs the file transfer from one server to another. The last two steps are used to log off each FTP server.  In order for this task to work in your environment, please make the appropriate modifications in the properties of each activity.

Copy
<AMFTP ACTIVITY="logon" SESSION="Server1Session" SERVER="ftp.server1.com" USERNAME="theuser" PASSWORD="AM2WknKdIcXr7JaSdh0lRfctA==aME" />
<AMFTP ACTIVITY="logon" SESSION="Server2Session" SERVER="ftp.server2.com" USERNAME="theuser" PASSWORD="AM2WknKdIcXr7JaSdh0lRfctA==aME" />
<AMFTP ACTIVITY="fxp" SOURCE="/Server1/myFolder/*.*" DEST="/Server2/myFolder/*.*" SUBFOLDERS="YES" KEEPFOLDERSTRUCT="YES" OVERWRITE="YES" RESULTDATASET="theDataset" SESSION="Server1Session" DESTINATIONSESSION="Server2Session" />
<AMFTP ACTIVITY="logoff" SESSION="Server1Session" />
<AMFTP ACTIVITY="logoff" SESSION="Server2Session" />