Skip to main content

Troubleshooting Outbound SFTP

Outbound SFTP connections can be interrupted by a variety of issues. Some are fixed by changing configuration settings in your Files.com site. Others must be addressed in the configuration of the remote SFTP system or its firewall.

SFTP Configuration

Verify that you are using the correct SFTP configuration setting to connect to the remote SFTP server. Check that the hostname, authentication information, and port are correct.

Confirm that the outbound server is an SFTP server. The default SFTP port is 22, but a different customized port can be used. If the connection information you were given specifies ports 21 or 990, the remote server supports FTP(S) instead of SFTP.

Concurrent Connection Limits

SFTP servers typically support a limited number of simultaneous concurrent connections. Enterprise-grade SFTP servers allow a higher number of connections, while other SFTP servers allow fewer. Refer to the SFTP server documentation, or contact the operator of the SFTP server, to determine whether connection limits exist.

We recommend setting the maximum number of connections value to 25.

If you need to change it, adjust gradually to find the optimal setting for the remote SFTP server.

Rate Limits

SFTP servers can implement rate limits that cap the number of times the server can be connected to within a specified duration.

Implementing dedicated IP addresses for your Files.com site helps mitigate rate limit issues.

Timeout Issues

Timeout issues can occur in various ways.

When intermittent network issues exist between Files.com and the remote server, SFTP commands or their responses can fail to occur within the time allowed by the SFTP protocol.

When the remote server is overloaded or runs out of resources, such as its CPU or memory hitting 100%, SFTP commands take much longer to execute.

When the remote SFTP server changes something, such as the authentication method or the SFTP port, SFTP connections from Files.com can time out because they are trying to connect using outdated information.

SFTP commands fail if the remote SFTP server does not respond within 45 seconds. We expect responses to take less than 5 to 10 seconds under normal conditions. A response time exceeding 45 seconds indicates a problem on the remote server.

Resolve any network issues and confirm that the remote SFTP server can support the connection load being sent to it from Files.com.

Scalability Issues

Files.com is designed for Enterprise scalability. As a cloud-native solution, our platform provides elastic scalability with effectively no limits for file sizes or number of connections.

Remote SFTP servers do not always offer the same scalability. Modern Enterprise-level SFTP solutions are generally able to match our throughput and capacity. SFTP connectivity can also be implemented by systems that expect casual use and are not designed to handle large amounts of SFTP traffic.

Confirm that combined workloads from all Syncs, Remote Mounts, and Automations to the remote server stay within its operational limits.

Compatibility Issues

The SFTP protocol has been widely adopted since the late 1990s, with improvements and updates still being applied today.

Backwards compatibility with older versions of SFTP is not always possible, depending on the security issues present in those older versions.

We provide options for you to allow connections to older insecure versions of SFTP.

Some SFTP servers allow customization or are implemented in a non-standard way. Connectivity to non-standard SFTP servers is not always successful.

Firewalls

Firewalls or other restrictions on the remote server can require an IP address to be allowlisted.

Verify that connections from Files.com IP addresses are allowed by the remote SFTP server.

Verify the IP addresses that are being used for connections from your Files.com site, and confirm that these IP addresses are not blocked by any firewalls.

Ciphers Used For Connection

Connections to a remote SFTP server use the algorithm cipher agreed upon by both Files.com and the remote system. Files.com presents a list of algorithm ciphers, starting with the strongest and ending with the weakest, to the remote SFTP server. The remote server decides which algorithms are used for Key Exchange, Server Host Key, Encryption, and MAC. Contact the administrator of the remote SFTP server to determine which SSH algorithm ciphers that system supports.