Skip to main content

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Share your experience with the FAS IT-Playbook by taking this brief survey

SFTP

The current process involves registering the Source IP of the client/vendor into the FCR to get the SFTP account. Once the account is set up the client can send the files to the SFTP server only using its Source IP.

"External Clients" get their SFTP (SSH File Transfer Protocol) account using the linked form. While submitting the form the vendor has to provide information like the account name, folder structure, size allocation and the Source IP or Fully qualified domain name of the server(s) from which the vendor applications will be connecting to the SFTP server. Once they obtain an account, they can submit their files using the SFTP endpoints which are provided at the Stennis or North Carolina data centers. These servers are reachable from the GSA Cloud and commonly a script is added to the Pentaho Data Integration service which, on a schedule, pulls new files from the SFTP file system and places them in the specified S3 bucket within the GSA Cloud.

SFTP graphic

On Premise SFTP Server: sftp://ftp.fss.gsa.gov/

Currently there are two servers in the on premise:

To use SFTP:

  1. The client needs credentials to access the server which they get when their account is provisioned.

  2. An S3 bucket needs to be provisioned with public and secret access keys.

  3. A Pentaho script needs to be created which pulls incoming files from the SFTP file system and places them in the target S3 bucket.

Issues:

If the Source IP changes from the vendor side or from the agency side then they will have to add the new IP address to the FCR by submitting a request form for the SFTP account.