Help Center/ Cloud Bastion Host/ User Guide/ Resource Operation/ Host Resource Operation/ Using an FTP or SFTP Client to Log In to File Transfer Resources
Updated on 2025-07-18 GMT+08:00

Using an FTP or SFTP Client to Log In to File Transfer Resources

You can use file transfer clients to transfer files between authorized managed hosts. This means you can transfer files the way you are used to. A bastion host can log all activities performed on a host resource. The logs can be used for audits.

This topic describes how to obtain client login information and log in to resources that use a file transfer protocol.

Constraints

  • If the primary/secondary account operation method is selected for the FTP/SFTP protocol, only resource accounts with Login Type set to Auto Login can be used. The Empty resource account cannot be used.
  • Transferring file over SFTP is not supported for host resources with MFA enabled. For details, see Configuring Multifactor Verification.
  • Only hosts with Protocol set to FTP or SFTP can be logged in to using a web browser. Client tools must meet the requirements in the following table.
    Table 1 Tools supported

    Host Protocol

    Client Tool Required

    SFTP

    Xftp 6 or later, WinSCP 5.14.4 or later, and FlashFXP 5.4 or later

    FTP Protocol

    Xftp 6 or later, WinSCP 5.14.4 or later, FlashFXP 5.4 or later, and FileZilla 3.46.3 or later

    Table 2 Supported clients

    Algorithm Type

    SSH Client

    Key exchange

    • diffie-hellman-group-exchange-sha256
    • diffie-hellman-group-exchange-sha1
    • diffie-hellman-group14-sha1
    • diffie-hellman-group1-sha1
    • ecdh-sha2-nistp521
    • ecdh-sha2-nistp384
    • ecdh-sha2-nistp256

    Encryption

    • aes128-ctr
    • aes192-ctr
    • aes256-ctr
    • aes128-cbc
    • aes192-cbc
    • aes256-cbc
    • 3des-cbc
    • blowfish-cbc
    • arcfour128
    • arcfour256

    HMAC

    • hmac-md5
    • hmac-md5-96
    • hmac-sha1
    • hmac-sha1-96
    • hmac-sha2-256
    • hmac-sha2-512

    Host Key

    • ssh-rsa
    • ssh-dss
    • rsa-sha2-256
    • rsa-sha2-512
    • ecdsa-sha2-nistp256
    • ecdsa-sha2-nistp384
    • ecdsa-sha2-nistp521

Prerequisites

  • You have the management permissions for the Host Operations module.
  • You have obtained the access permissions for the resources.
  • You have installed the client tool.
  • The network connection between the managed host and the system is normal, and the account username and password for logging in to the managed host are correct.
  • You have enabled FTP and opened ports 2222 (for SFTP) and 2121 (for FTP). For details, see Configuring the Operation Ports.
  • You have configured an SSO client on the local PC if you want to select the client operation method for the FTP or SFTP protocol.

Procedure

  1. Obtain the login information.

    1. Log in to your bastion host.
    2. Choose Operation > Host Operations to go to the Host Operations page.
    3. Select an FTP or SFTP host resource, and click Login.

  2. Log in to the host using a client tool.

    1. Start the local FTP or SFTP client tool.
    2. Enter the host address, port number, user name, and login password.

      You can use APIs to log in to host resources using the FTP or SFTP protocol.

      Table 3 Parameter description

      Parameter

      Description

      Host Addr

      IP address for logging in to the bastion host.

      Port

      Port number. The default port number is 2222.

      UserName

      Username in the configuration information in the format of login name@resource account name@host address, for example, admin@root@192.168.1.1.

      Password

      Password for the user to log in to the bastion host.