FTP / SFTP / FTPS Path¶
Use this path to retrieve the file from an FTP server (FTP, SFTP or FTPS). The parameters required to configure this path are the URL and credentials of the server.
The credentials of the server can be a login/password or a login and an SSH private key (the SSH key can be password protected).
By default, the data sources use Binary transfer mode. To change it to ASCII transfer mode,
add ;type=A
to the URL.
Examples:
URL to obtain the file “employee.csv” from an FTP server:
ftp://ftp.example.com/pub/employee.csv
URL to an SFTP server:
sftp://example.com/home/joe/employee.csv
URL to an FTP server with ASCII transfer mode enabled:
ftp://example.com/pub/employee.csv;type=A
URL to an FTP server with ASCII transfer mode enabled retrieving all the files located at
pub
folder:ftp://example.com/pub/;type=A
It is possible to specify whether the FTPS connection mode is implicit or explicit.
To enable explicit mode: EXPLICIT=true
.
On the other hand, for implicit mode: EXPLICIT=false
(Default value).
You can also specify whether the FTP connection is passive or active.
To activate passive mode: PASSIVE=true
(Default value).
To activate active mode: PASSIVE=false
.
In addition, we can specify the PROT (Data Channel Protection Level).
To activate it, it will be necessary to specify EXECUTEPROTCOMMAND=true
. Then, the level of
protection must then be indicated. For this we have PROTECTIONLEVEL = '[P|C]'
. This
parameter can take the values C (Clear) and P (Private).
Additionally, when the PROT is enabled but it requires the negotiation of the protection buffer:
PBSZ = <buffer_size>
Note
In SFTP connections, the RSA/SHA1 signature
algorithm is disabled by default. If your SFTP server only supports RSA/SHA1 signatures and you require their use in your
application, then you will need to manually reenable them. For compatibility with OpenSSH and improved security,
the order of crypto algorithms was changed. If you still want to use older or deprecated algorithms, you need to
change the configuration.
The OpenSSL documentation page Legacy Options explains how to configure OpenSSH to enable insecure algorithms.
In addition, you can enable rsa-sha1 without modifying your SSH configuration by adding the JVM option -Djsch.kex=ssh-ed25519,diffie-hellman-group14-sha1
to the
Virtual DataPort server.