Unlike SFTP, FTP is disabled by default in Couchdrop. This is because FTP is comparitively buggy and insecure and so we do not recommend using it where there are other options.

Enabling FTPs

To enable FTPs access, you must be an administrator or the owner in Couchdrop.

• Login to Couchdrop's web app

• Click SFTP Server

• Click FTP Connectivity

• Click Enable FTP

This setting will activate immediately.

Getting Started

Most Couchdrop users are interested in one core feature of Couchdrop

Common Questions

The primary use case for Couchdrop is as a SFTP server. It's easy to setup, fast, autoscaling and works with your cloud storage.

Introduction to SFTP

What is SFTP you might ask?

SFTP is currently the most robust and well supported protocol for backend and automated file transfers over the internet. File transfers have been a part of the internet since it was first invented and file transfers are amongst the most frequent operations on the internet today.

The successor to FTP

If you have not heard of FTP, you might have been living in a cave. A pretty big cave. Go back inside, you're probably lost.

SFTP is the successor to FTP and is simpler, faster and more robust than the traditional FTP protocol. FTP was a great solution for how the internet used to work, before NAT and private ip addresses. Before firewalls and hackers. The modern internet has changed a bit and FTP has not stood the test of time.

SFTP fixes a lot of the underlying issues with FTP and adds asymmetric encryption (the magic behind HTTPS) to the mix, which means along with it being incredibly robust and simple in design, it's also extremely secure.

Both FTP and SFTP are well supported

As protocols, both SFTP and FTP are very well supported by systems, which make them ideal for transferring data in an automated way between disparate systems. SFTP is used across the board to transfer anything from banking transactions to power grid logs and everything in between.

Not a file sharing tool

It's worth noting at this point, that SFTP is not a file sharing or collaboration tool.

It could be used in that way, but it's really not well suited to it. Dropbox, Box, SharePoint and Google Drive are just better for this use case. Where SFTP and FTP really shine is when there are robots (computers) talking to each other. You can think of it like a pipe rather than a piece of paper.

Neat huh.

SFTP is not Secure File Transfers. It is SFTP.

Couchdrop SFTP

So, you might ask, where does Couchdrop fit in. Well remember ^above how I mentioned that Dropbox, Google Drive and SharePoint are not SFTP servers. Well, sometimes you need them to be. And sometimes, you want to standup a SFTP or FTP server, without the "Server Part". This is where Couchdrop shines.

Couchdrop is your scalable SFTP server in the cloud, allowing direct connection of your own storage (or ours) with no need to deploy and manage infrastructure.

Getting Started with Couchdrop

When you first register for Couchdrop, SFTP based access is enabled by default. You have a SFTP server and you didn't have to raise a finger.

Introduction

Creating a new transfer automation is a simple process. It can be done in a few steps from the Couchdrop Web App, by administrators and authorised users.

Requirements

To get started, you will most likely need the following:

• A folder, or connection details to a remote server or cloud storage provider that you want to poll for new files or changes

• A destination folder

• Details regarding required actions

Steps to Create Automation

Follow the steps below to create a new automation:

1. Login to the Couchdrop Web App

2. Click Transfer Automations and then Create New Transfer

3. Choose a name for your new automation. This is to make management easier.

4. Choose a source and select a file or folder for Couchdrop to poll

5. Choose matching conditions

6. Choose required actions

7. Configure notifications

8. Configure scheduling. Scheduling is optional and automations can be triggered on-demand through web hooks or manually from the Couchdrop Web App.

Your automation should now be configured.

Introduction

Traditional SFTP and FTP servers use local storage and most cloud hosted SFTP servers provide some level of storage. Couchdrop is a bit different in this regard. Rather than including storage that is on disk, Couchdrop connects to your storage platform.

We support over 30 different cloud storage engines, including:

• Dropbox

• SharePoint

• Google Drive

• Amazon S3

• Backblaze B2

• Wasabi

• Azure Files

• External SFTP and FTP servers

• Microsoft Windows File Servers

This means that you can bring your own storage to Couchdrop and use SFTP on top of your existing collection of folders and documents.

We do offer storage, but we are using Amazon S3 buckets to store that data. Meaning that you benefit from the amazing reliability and security of Amazon S3 without having to worry about the config.

Connecting Storage to Couchdrop

Learn about connecting Cloud Storage:

Accessing Couchdrop via SFTP or FTP requires a user account. We do not recommend using your owner account as they have elevated permissions to Couchdrop and generally SFTP users are shared with external systems and providers.

User Management in Couchdrop

Checking SFTP and FTP Access

You can see who has access directly in the Couchdrop SFTP section from the web app.

Granting access rights

Access to SFTP and FTP is granted on a user level and on a group level. Account administrators and owners can manage these settings from Couchdrop Administration section.

To manage, open a user or group and click the Access Controls tab.

Introduction

Couchdrop supports several key actions when configuring and managing automations. These actions modify or move files that are being processed by Couchdrop.

Action Nestling

Actions can be nestled in Automations, which means one action depends on the success and output of the previous action. This is a unique feature of Couchdrop and allows for very complex scenarios.

If a sub-action fails, then Couchdrop will not continue to process any child actions

Available Actions

The following actions are available in Couchdrop

Introduction

Shared links are a simple feature in Couchdrop to facilitate link-based sharing of files and folders. They are relatively simple in nature and are not designed as a replacement for more comprehensive sharing facilities available in some of the cloud platforms on the market.

Using Shared Links

To use shared links, you can simply create one from the Couchdrop App under Browse Files.

1. From the dropdown menu on a folder or file, click Create Shared Link

2. Couchdrop will then create a new shared link, with a unique url

3. You can customise the shared link, with a Password or by making it a One Time Use link

To access the shared link, copy the link provided in the Couchdrop App.

Troubleshooting transfer automations is done through the Couchdrop Web App. Most failures or issues come down to configuration or connectivity issues. To make things easy, we provide verbose logging around each.

Introduction

Web upload inboxes are the most popular type of inboxes in Couchdrop. Inboxes can be created by any user and can be mapped directly to a folder or cloud storage platform, either existing or new.

It's a simple process and at the end of it, you will have an upload link that can be shared with external parties in a secure way.

Requirements

To setup an inbox, generally you will need the following:

• Access to Couchdrop, with the appropriate user rights. Talk to your admin to get these.

• A folder or details for a cloud storage drive and rights to manage it

How to create the Inbox

To create the inbox, follow the steps below:

1. Login to Couchdrop and click Inboxes

2. Click Create New Inbox. If you don't see this option, talk to your administrator.

3. Provide a name for the inbox. This is simply so you can identify it.

4. Select a location for files to arrive. This is the place where user delivered files will be located. You can choose an existing folder, or configure a new cloud storage connection here. Once you are done, click Save and Continue.

5. Enable the Web Inbox for uploads by toggling the Enabled checkbox

6. If you want to collect metadata with the uploads, you can configure this at this step.

7. Click Save and Continue and skip over the Email Inbox step

8. Choose an expiry. This is an optional step.

Now you will see your newly created Inbox. Copy the web url field by clicking Web Link and test it.

Introduction

Transfer automations are a key feature in Couchdrop. At a simple level, Transfer Automations automate the exchange of data in backend systems.

Automations allow you to push, pull, or modify files automatically based on activation triggers or on a set schedule with robust set and forget configurations.

Automations can work with any one of the supported Couchdrop storage connections, including external SFTP, FTP, Windows file servers and over 30 different cloud storage platforms including SharePoint and Amazon S3.

Automations support not only transferring files, but also the automatic encryption/decryption, renaming, duplication and more.

Overview Demo

Couchdrop provides a public host key that can be used to verify the authenticity of the endpoint you are connecting to. This key is static and we do not expect it to change in the future.

The host key for all Couchdrop endpoints

AAAAB3NzaC1yc2EAAAADAQABAAAAgQCFzDO6AiZhK4ks4Bz/VBysjB3fpExCfOmy2EuI2gXJDYgom4nvZK4eEEgHRrkNoRUww4RJ7CTRKKXWodP7OthQw2AfppgBfR8dUK3zYdp/IClqTZ0+yxk72lLV9k8HwbtalOEzlJNc6AKlAkDi+WtG8RRZbJeaQZf3pe0k6oa7yQ==

Introduction

File actions are traditional automations. While Transfer Automationswill poll for files and transfer them on a set cadence, File Actions bind to an existing event inside Couchdrop.

A file action can be configured to perform a certain action after another action occurs. You can have as many file actions as you like and they reuse a lot of the existing functionality from Transfer Automations.

Introduction

Variables are used in Couchdrop to support custom filename and path creation in automations. Whenever setting a location or path in an automation, you can use variables to generate an appropriate path.

Available Variables

The following variables are available for automations

Connecting to Couchdrop with a SFTP or FTP client is simple. To get started, you will need:

• A username and password or

• A username and key

• The hostname for your Couchdrop POP. This can be found by clicking Connect

• A SFTP or FTP client

General Connection Details

Couchdrop uses the default ports for both SFTP and FTP.

SFTP Connection Options

SFTP is beautifully simple in terms of configuration options. There are normally only two.

FTP Connection Options

FTP has a few options around networking and security. Couchdrop attempts to support as many clients as feasible, but these are the recommendations.

Couchdrop supports data ingestion via webhooks.

Example 1: Upload via CURL

To upload via curl:

curl -v -F content=@CHRIS.txt 
-H "Authorization: Bearer <token>" 
https://my.couchdrop.io/webhook/0479ae21-a677-49bb-9937-d5841b3b9ed1

Example 2: Upload with Python using a stream

import requests

binary_file_path = "/Users/donald/testing/trophy.jpg"
webhook_id = "<webhook_id>"
token = "<token>"

with open(binary_file_path, 'rb') as f:
 data = f.read()
    
 res = requests.post(
     url='https://my.couchdrop.io/webhook/' + webhook_id, data=data,
     headers={
      'filename': 'trophy_webhook.jpg', 
      'Content-Type': 'application/octet-stream', 
      'Authorization': 'Bearer ' + token
     })

Example 3: Upload JSON data to a file

curl -H "Filename: json_test_file.json" 
-H "Content-Type: application/json" 
-XPOST https://my.couchdrop.io/webhook/0479ae21-a677-49bb-9937-d5841b3b9ed1 
-d '{"id": "dasflk34masd", "event": "purchase", "customer": "testaccount"}'

Introduction

Mail inboxes are a very useful feature of Couchdrop. Mail Inboxes can be created by any user and can be mapped directly to a folder or cloud storage platform, either existing or new.It's a simple process and at the end of it, you will have a unique email address that can be shared with clients or partners. When an email is sent to the email address in question, any included attachments will be uploaded to the folder specified in the inbox.

Requirements

To setup an inbox, generally you will need the following:

• Access to Couchdrop, with the appropriate user rights. Talk to your admin to get these.

• A folder or details for a cloud storage drive and rights to manage it

• A list of email addresses that Couchdrop should allow uploads from

How to create the Inbox

To create the inbox, follow the steps below:

1. Login to Couchdrop and click Inboxes

2. Click Create New Inbox. If you don't see this option, talk to your administrator.

3. Provide a name for the inbox. This is simply so you can identify it.

4. Select a location for files to arrive. This is the place where user delivered files will be located. You can choose an existing folder, or configure a new cloud storage connection here. Once you are done, click Save and Continue.

5. Skip the the Web Inbox step and Enable the mailbox for uploads, by toggling the Enabled checkbox

6. Configure the allowed senders. Wildcards are supported and you can include as many addresses as you like by using a comma.

7. Click Save and Continue

8. Choose an expiry. This is an optional step.

Now you will see your newly created Inbox. Copy the email address by clicking Email.

Couchdrop has a very simple role structure. When thinking about users in Couchdrop, there are Internal Users and External Users.

Internal Users

Internal Users are users within your organisation. Typically, they are management users with permission to configure and manage file transfers and can create/manage External Users.

External Users

External Users are users that are sending and/or receiving files to/from your organisation. These accounts are normally very limited in scope and are often headless.

Available Roles in Couchdrop

Couchdrop has four different types of user accounts.

When creating a user, you must specify a role. This role can be adjusted at any time.

Feature Restrictions

Feature access can be managed at multiple levels.

Introduction

Create an AS2 Station to receive files from your trading partners using the AS2 protocol and map them directly to a folder or cloud storage platform. Once created, every station will have a unique URL where your partners can send you files.

Requirements

To set up an AS2 Station, generally, you will need the following:

• Access to Couchdrop, with the appropriate user rights. Talk to your admin to get these.

• A folder or details for a cloud storage drive and rights to manage it.

• Information from the partners you wish to receive files such as their AS2 ID and the signing certificate to validate the signature of the incoming files.

How to create the AS2 Station

To create the AS2 Station, follow the steps below:

1. Login to Couchdrop and click AS2 Stations

2. Click Create New AS2 Station. If you don't see this option, talk to your administrator.

3. Provide a name for the AS2 Station. This is simply so you can identify it.

4. Provide the AS2 ID for your station. You will need to share this ID with your trading partners.

5. Add your private key and public certificate for file decryption and MDN (Message disposition notification) signing. You can choose to use the same key pair for decryption and signing or use a different pair for each.

6. Select a location for files to arrive. This is the place where files sent by your AS2 trading partners will be located. You can choose an existing folder, or configure a new cloud storage connection here. Once you are done, click Save and Continue.

7. Add your AS2 trading partner

   1. Click Create New AS2 Trading Partner.

   2. Provide a name for your AS2 partner

   3. Add the partner's AS2 ID provided by them.

   4. Add the partner's signing certificate provided by them.

   5. Once you are done, click Save and Back.

8. Now you will see your recently added trading partner in the AS2 Trading Partners table, you could add more trading partners by repeating the steps described above. When done, click Save and Continue.

9. Optionally, you can set alerts to receive email notifications for successful and/or failed file transactions for this AS2 Station. Click Save and Continue

Now you will see your newly created AS2 Station. For the file transmission to be successful you will need to share the following information with your AS2 trading partners:

• Station AS2 ID

• Station URL

• Certificate file for signing

• Certificate file for encryption

As an option, you can use the Share Instructions action to send this information.

Creating users in Couchdrop is a simple process and can be done a couple of different ways.

Creating Users Manually

To add a user to Couchdrop manually:

• Login to Couchdrop

• Navigate to Administration --> Users

• Click Create New User

From here, you will need to provide details for their account:

• Pick a username, this needs to be unique across Couchdrop

• Supply an email address. This is optional but is important if you expect the user to be used for more than just SFTP and FTP access

• Set a password.

• Choose the user's role

The final step is choosing the user's root directly. Information on what is a root directory can be found The Root Directory.

Inviting Users to Couchdrop

Users can be invited via email to Couchdrop. When invited, users will be provided with a password and basic settings.

To invite users to Couchdrop:

• Login to Couchdrop

• Navigate to Administration --> Users

• Click the ... menu button and choose Invite User

Video Guide

Authentication in Couchdrop comes in two flavours. Password based authentication, and for SFTP and SCP, RSA based authentication. Couchdrop has extensive support for both, and users can self manage keys and passwords if granted access to the Couchdrop Web App.

Password only authentication

Password only authentication is the default setting for Couchdrop. When a user is first configured, they will need to provide a secure password that is used to login to both the web app and the SFTP and SCP server.

Passwords can be managed and changed by an administrator and the user themselves.

All users, regardless of key settings, need a password to be configured.

RSA (and others) key based authentication

Couchdrop supports standard key based authentication for SFTP and SCP. Key based authentication requires a private key and a public key. The public key is shared with Couchdrop and the private key remains a secret.

Keys can be re-used across multiple users and are configurable under Administration --> Users --> RSA Public Keys

Supported Key Types

We support the following key types.

Generating a new key

Creating a new key is not something that we facilitate inside Couchdrop. This is to ensure that Couchdrop is never the holder (even by accident) of SSH private keys. Not to worry, creating a key pair is simple.

On a Mac, Linux Box or any other Unix Server:

From a console:

This will generate two files.

• abc

• abc.pub

The abc.pub file is what we need.

Open the file and copy it to Couchdrop: The file will look something like this:

Adding the public key to Couchdrop

Arguably the easiest step in the process.

• Login to Couchdrop

• Navigate to the user Administration --> Users --> User --> RSA Public Keys

• Paste the public key into the field and click add.

Password and Key Authentication

For additional security, some clients support requiring both a key and a password for successful authentication. Couchdrop supports this out of the box and this can be enforced by toggling the option: Require Password and Public Key

The root directory in Couchdrop is a key security mechanism.

When users are added, you must choose a root directory. The root directory in Couchdrop behaves a bit like the home directory in a unix environment with a couple of caveats.

• Users cannot navigate outside the root directory

• Users can only see paths relative to the root directory

• The true location of the root directory is hidden

• Users can share the same root directory

Root directories can have permissions to give added controls.

• Read only users: Can only download and view content in directory

• Write only users: Users can only upload files to the directory, they cannot view existing files or folders

Example Root Directory:

Managing Users In Couchdrop

User management in Couchdrop is done under Administration --> Users or under the Users section from the main navigation.

Introduction

Connecting to SharePoint online is fast to set up and fully supported in Couchdrop. Couchdrop uses the Microsoft Graph API, which is the recommended method for connecting to SharePoint and OneDrive.

There are two different authentication methods available with SharePoint Online, Delegate Access or Application Access. The Couchdrop team recommends you use the default Delegate Access method, as it's simpler to configure.

Configuring Delegate access involves a standard OAuth login, and Application Access requires creating a custom application in your Azure Domain.

Requirements

To connect to SharePoint online in Couchdrop using Delegate Access you will need:

• An account in SharePoint

• The account needs to be licensed

• The account has access to the sites you are wanting to connect to

• You have the SharePoint domain/hostname on hand

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Select SharePoint from the list of available connections and set the connection name

3. Provide your SharePoint domain/hostname in the field required

4. Click Connect to Sharepoint and authorize the connection through the popup window. You will be required to log in to SharePoint with your account

5. Check that the status is connected successfully

6. Choose a SharePoint Site, Document Library, User or Folder

7. Click Save Settings

Video Guide

Outside of the standard user roles, access to various features can be managed on an individual user and a group basis.

When adding a user, we pick reasonable defaults based on your environment and then you can modify this access.

The key difference between Couchdrop and other SFTP servers, is that Couchdrop works with your Cloud Storage instead of local hard disks. This means you can turn any storage platform, shared drive or server into a SFTP and MFT server in a matter of seconds.

Couchdrop is also not limited to one particular storage integration, rather you can mount hundreds of stores in Couchdrop and they appear as independent folders. Neato right!

Connecting External Storage

To connect to over 30 different cloud platforms of a server the process is simple. You will of course need credentials or an API keyset for the storage you want to connect, but that aside, the process is simple.

Step 1: Create new Connection

From the Browser or Storage Admin, click Add Storage Integration. This will pop open a modal window with some options.

Step 2: Choose a new folder name

Storage connections appear as folders in Couchdrop. So a crucial step in this process is to choose a folder name and location. Couchdrop supports nestling storage connections as well.

Step 3: Choose a connection type and configure it

Next up - choose a connection type. At this stage, you will be redirected to the configuration panel to manage this connection.

For detailed information, see the child articles here or reach out to support.

Common Storage Integrations

Couchdrop supports over 30 different storage platforms. The most common ones are well documented.

Introduction

Connecting to Azure Files online is fast to set up and fully supported in Couchdrop.

Requirements

To connect to Azure Files online in Couchdrop you will need:

• Azure Account Name

• Azure Secret Key

• Azure Share Name

To learn how to configure Azure - you can visit https://docs.microsoft.com/en-us/azure/storage/common/storage-account-manage

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Select Azure Files from the list of available connections

3. Provide your account name, secret and share name.

4. Click Test Connection

5. Choose a subfolder in Azure

6. Click Save Settings

A key security mechanism in Couchdrop is ACLs. ACLs limit access to particular IP addresses or netwrok ranges.

There are three levels of ACL controls in Couchdrop:

• User based

• Group based

• Tenant based

ACLs are additive, in that if the user authenticating originates from an IP address in a range at all three levels, then we will allow the request.

Configuring an IP address or network range is simple:

Introduction

Connecting Couchdrop to an Amazon S3 bucket is done using an IAM keyset. It can be completed in a few minutes if you have the right access in AWS.

Requirements

To connect to Amazon S3 in Couchdrop you will need:

• An S3 Bucket already configured

• An AWS IAM Key

• An AWS IAM Secret

• The AWS region

• The IAM role must have adequate access to S3 and the targeted bucket

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Select Amazon S3 from the list of available connections

3. Provide the details above

4. Click Test Connection

5. Select a subfolder or bucket in S3 from the browser

6. Click Save Settings

Introduction

Couchdrop can be connected to a Google Drive folder in a few simple steps. Couchdrop works with Personal Google Drive accounts and Google Workspaces.

Requirements

To connect to Google Drive online in Couchdrop you will need:

• A licensed Google Drive Account

• A folder in Google Drive

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Select Google Drive Personal from the list of available connections

3. Click Connect to Google.

4. Click Test Connection

5. Choose a subfolder in Google Drive from the folder selector (Optional)

6. Click Save Settings

Introduction

Couchdrop can be connected to a Google Workspace by creating a service account, which Couchdrop can do for you automatically. Couchdrop works with both Personal Google Drive accounts and Google Workspace accounts.

Requirements

To connect to Google Workspace in Couchdrop you will need:

• A licensed Google Workspace Account

• A folder in Google Drive

• Access to an Admin User account in Google Workspace

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Select Google Workspace from the list of available connections

3. Enter the email of an admin user and the domain of the Google Workspace Account you wish to connect to.

4. Click Create Service Account. Couchdrop will create a service account and generate a Client ID.

1. After granting Domain Wide Authority, click Test Connection

2. Choose a user or subfolder in Google Drive from the folder selector to be used as the root in Couchdrop (Optional)

3. Click Save Settings.

Introduction

Connecting to Box is fast to set up and fully supported in Couchdrop.

Requirements

To connect to Box in Couchdrop you will need:

• A licensed Box account

• Access as a Team Admin (if connecting to other Box users in the organization)

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Provide a name for the connection. This is how the Box connection will appear in Couchdrop

3. Select Box from the list of available connections

4. Choose Authorize Now and grant access to Couchdrop. Check "As Team Admin" if you wish to connect to folders from other users in the organization

5. Click Test Connection

6. Select a user or sub-folder in Box (Optional)

7. Click Save Settings.

Introduction

Connecting to Dropbox is fast to set up and fully supported in Couchdrop. Couchdrop can connect to both Dropbox Personal and Dropbox Business accounts.

Requirements

To connect to Dropbox in Couchdrop you will need:

• A licensed Dropbox account

• Access to an Admin account to connect to Couchdrop (if connecting to Dropbox Business)

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Provide a name for the connection. This is how the Dropbox connection will appear in Couchdrop

3. Select Dropbox Personal or Dropbox Team from the list of available connections

4. Choose Authorize Now and grant access to Couchdrop.

5. Click Test Connection

6. Select a User or sub-folder in Dropbox (Optional)

7. Click Save Settings.

Introduction

Connecting to Egnyte is fast to set up and fully supported in Couchdrop.

Requirements

To connect to Egnyte in Couchdrop you will need:

• A licensed Egnyte account

• A folder in Google Drive

• Your Egnyte Domain

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Provide a name for the connection. This is how the Egnyte connection will appear in Couchdrop

3. Select Egnyte from the list of available connections

4. Type in your Egnyte domain without egnyte.com (yourdomain.egnyte.com)

5. Choose Authorize Now. A window will open to grant access to Couchdrop. Click Allow Access.

6. Click Test Connection in Couchdrop

7. Select a user or sub-folder in Egnyte (Optional)

8. Click Save Settings.

In networks where internet access is only allowed behind a proxy server some additional manual configuration is needed.

Configuration steps

1. Install and run the agent

2. Set the token

3. Stop the agent and then add the proxy configuration manually

4. To add the proxy configuration, you will need to locate the Movebot configuration file, normally it's located in the directory, C:\Users\%username%\AppData\Local\CouchdropCloudConnector.

   Open the file with Notepad, or something similar, and you will find a JSON with a base config.

5. Edit the "proxies" section, adding an HTTP and HTTPS proxy with the syntax below:

{
...
"proxies": {
"http": "", 
"https": ""
}, 
...
}

1. Save the file, and start the agent again.

Proxy URL syntax examples:

Debugging

To debug connection issues, check the log files located in the same directory as the configuration files and feel free to contact support for help at support@couchdrop.io.

Install the agent on your Workstation

First, you need to install and configure the Couchdrop agent (Couchdrop Cloud Connector) on your workstation.

On your workstation, browse to the folder

Copy configuration.conf to a location you can access on the new server and also copy the Couchdrop Cloud Connector installer. Now you can uninstall the Agent from your workstation.

Set up the agent on the Server

On the server, you will need to open the command prompt as an administrator. Once you have done that, you will need to locate where you copied your installer and configuration.conf file on the server.

Below is an example command of how to install silently, but your path may vary on your location.

Once this is complete, you need to apply the configuration to the server. To do this, copy your configuration.conf.

On the server, you will need to browse to this location. You may need to create the CouchdropCloudConnector folder under your Appdata\Local as the agent has not run yet.

Once you have completed installing the agent as a service and the service is running, you can check your Couchdrop Cloud Connector configuration integration in Couchdrop and see if it shows a successful connection.

The Couchdrop Agent (Couchdrop Cloud Connector) can be run as a Windows service.

Installing the agent as a service requires some understanding of how Windows services work and the service must be configured to run as the same user that is performing the configuration.

Next in a command line, open the Couchdrop Cloud Connector folder located under Program Files and run the following command.

Next, open the service manager:

Find the service for "Couchdrop Cloud Connector" and open it.

Adjust the Log On configuration specifying the user account that you are logged in as the account to run the service under. This step is important as the agent configuration is stored under the user's profile. Without configuring the correct user, the service will not properly connect.

Finally, you can start the service. Once it's running, you can reopen the Couchdrop Cloud Connector configuration application and it should show the service as Running in Background.

The Windows agent has a collection of logfiles that can be useful for debugging issues. Our support team might also ask for them from time to time.

You can find the default location for the logs here:

C:\Users\%username%\AppData\Local\CouchdropCloudConnector

You can also jump directly to the local logs and configuration file within the settings (gear) within the Couchdrop agent.

Couchdrop allows administrators to define complex permissions on folders and their child files. Permissions apply across the board regardless of the accessing system and can be used to ensure that appropriate access levels are maintained.

Folder Permissions

When viewing a folder, permissions can be applied. Couchdrop applies an inheritance model to permissions, which means folders inherit the permissions of their closest parent.

When enabling permissions on a folder you must keep in mind:

• By default, access to the folder will be denied to all users

• Enabling permissions on a folder breaks the inherited permissions

To grant access you must:

• Select a user or group for the permission

• Add user roles.

User roles in Couchdrop are very granular:

Folder Sharing

Folder sharing works the same as folder permissions with one caveat. If a folder is shared, then it will appear in the users root directory as a link.

Folder sharing is enabled by checking "Appear in users home directory" when configuring permissions.

Introduction

Connecting to Azure Blob is fast to set up and fully supported in Couchdrop.

Requirements

To connect to Azure Blob in Couchdrop you will need:

• A Licensed Microsoft Azure account

• Azure Account Name

• Azure Account Key

• Azure Container Name

• Endpoint Suffix (Optional)

To learn how to configure Azure - you can visit https://docs.microsoft.com/en-us/azure/storage/common/storage-account-manage

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Select Azure Blob from the list of available connections

3. Provide your Azure Account Name, an Azure Account Access Key, and the name of the Container you wish to connect to.

4. Click Test Connection

5. Choose a subfolder or bucket in Azure Blob (Optional)

6. Click Save Settings

Introduction

Couchdrop can be connected to an external SFTP (or FTPs) server folder in a few simple steps.

Requirements

To connect to an external SFTP server with Couchdrop you will need:

• The hostname or IP address for the external server

• The port number (normally 22)

• A username for the external server

• The password or private key for the server

• Access to the folder you want to connect

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Select SFTP Server from the list of available connections

3. Provide the configuration details as listed above

4. Click Test Connection

5. Choose a subfolder from the folder selector

6. Click Save Settings

Introduction

Couchdrop can be connected to a OneDrive folder in a few simple steps. Couchdrop works with Personal OneDrive accounts and SharePoint Sites.

Requirements

To connect a personal OneDrive folder in Couchdrop you will need:

• A licensed OneDrive Account

• A folder in OneDrive

Configuration Steps

1. Log in to Couchdrop and add a new storage connection

2. Select OneDrive from the list of available connections

3. Choose whether or not to connect as an Administrator User,

4. Click Authorize Now. This will open a page to connect to Microsoft via OAuth. Click Accept.

5. Click Test Connection

6. Choose a subfolder in OneDrive from the folder selector (Optional)

7. Click Save Settings

Create your own secure, customer-facing file transfer portals by applying your branding to Couchdrop.

Before beginning this process, we recommend you have good quality logos and your brand guide (with hex colours) available.

Configure Couchdrop Whitelabelling

1. Log in to Couchdrop as the Owner user.

2. Navigate to Administration → Whitelabelling
3. Whitelabelling can be configured separately for the main Couchdrop web portal and/or the Shared Link and Inbox landing pages. Check the options you wish to enable and provide a Company Name. Optionally, provide your own domain which is configured to point to Couchdrop. Use a DNS CNAME for this, eg: files.mycompany.com -> mycompany.couchdrop.io
4. Enter hex codes for your custom colours and upload your logos. You may need to manipulate the dimensions of your logo files to best suit the page layout before uploading them. Portal settings apply to the main Couchdrop login page and web portal interface. Inbox Branding applies to Shared Links and Inboxes.
5. Click Save Settings when all configuration is complete.

Custom branding examples:

1. Couchdrop login page.
2. Couchdrop main web portal.
3. Inbox portal.

This guide will help you if you want to provision Users between Okta and Couchdrop.

Supported Features

• Push Users Users created in Okta will also be created in Couchdrop

• Push User Updates User updates in Okta will be pushed to the corresponding users in Couchdrop

• User deactivation Users deactivated in Okta will be deactivated in Couchdrop

• Push Groups Groups created in Okta will also be created in Couchdrop

• Push Group updates Group updates in Okta will be pushed to the corresponding users in Couchdrop

• Group deactivation Groups deactivated in Okta will be deactivated in Couchdrop

• Import Users Users created in Couchdrop can be imported into Okta

• Import Groups Groups created in Couchdrop can be imported into Okta

Configuration Steps

Create User Provisioning Token in Couchdrop

Navigate to User Provisioning in Couchdrop’s interface and create a new Provisioning Token. This will be used in the Azure Active Directory provisioning process.

Setup an SCIM Application for User Provisioning in Okta

Select and configure the Couchdrop SCIM application from the Okta Application Catalogue.

Under Application - Application select Browse App Catalog

Search for Couchdrop SCIM and select the application

Click on Add Integration and then on Done

Assign User and Groups to the Application

Then configure the user provisioning by selecting the Provisioning tab and click Configure API Integration

Check the Enable API integration checkbox, provide the User Provisioning Token which you configured in the Couchdrop SSO interface into the API Token field and click Test API Credentials to verify the token and hit Save.

Select Edit and enable Create User, Update User Attributes and Deactivate Users

To push groups and their memberships from Okta into Couchdrop you can use the Push Group option. More information about this can be found here

Configure user and group import from Couchdrop to Okta

If you want to import users and groups from Couchdrop into Okta select the To Okta Setting on the Provisioning Tab and select the scheduled import frequency and matching rules.

Then on the Import Tab click the Import Now button

You will see a list of all potential users and groups to import and can select the one you wish to import into Okta

and click Confirm Assignments to trigger the import.

Supported Features

• Push Users Users created in Azure will also be created in Couchdrop

• Push User Updates User updates in Azure will be pushed to the corresponding users in Couchdrop

• User deactivation Users deactivated in Azure will be deactivated in Couchdrop

• Push Groups Groups created in Azure will also be created in Couchdrop

• Push Group updates Group updates in Azure will be pushed to the corresponding users in Couchdrop

• Group deactivation Groups deactivated in Azure will be deactivated in Couchdrop

Configuration Steps

Create User Provisioning Token in Couchdrop

Navigate to User Provisioning in Couchdrop’s interface and create a new Provisioning Token. This will be used in the Azure Active Directory provisioning process.

Configure Enterprise Application in Azure Active Directory

Navigate to your Administration dashboard in Microsoft’s admin portal and create an enterprise application.

Provide a name for the application and select “Integrate any other application you don’t find in the gallery (Non-gallery)

Next assign users and groups to the newly created application that you would like to have provisioned in Couchdrop.

Select Add user/group

Select the desired users or groups that should be provisioned through to Couchdrop then Select and Assign.

Configure SCIM provisioning between Azure Active Directory and Couchdrop

Navigate to the Provisioning Tab on the left hand side. Next select Get started to configure the tenant URL and the User Provisioning Token that was created in Step 1. Provisioning mode should be set to automatic. The Tenant URL is: https://api.couchdrop.io/scim/v2.

Select Test Connection and Azure will attempt to connect as well and vwill retrieve schema information needed for the user and group mapping. If tested successfully then select Save.

Configure user mapping

Select Provision Azure Active Directory Users as required.

Couchdrop requires the following user SCIM attributes for the SCIM system to be mapped, all others should be removed.

The externalId attribute may need to be remapped from mailNickname to objectId on the Azure Active Directory attribute side depending on your settings.

Configure group mapping

Select Provision Azure Active Directory Groups as required.

Couchdrop requires the following user SCIM attributes for the SCIM system to be mapped.

Start the user and group provisioning process

Navigate back to the custom application breadcrumb (in this case it’s Couchdrop SCIM) and to Provisioning. From here select the Start provisioning button.

After the provisioning has completed running the first time a status should be required that indicates how many users and groups were provisioned within the Couchdrop product. Further information can be located by selecting View provisioning logs.

Couchdrop has three different mechanisms for alerting and notifications. Each is independant of the other and is managed slightly differently.

Global Alerting

Global alerting lives across the tenant and provides the broadest framework for providing notifications on events. You can configure global alerting to notify users when:

• A file is uploaded or downloaded

• A user logs in

• An event fails

These notifications are configured under Administration --> Reporting --> Alerting

Notifications are either by email or via web hooks. Couchdrop expects a HTTP 200 response to web hooks or else it will retry 15 times with an exponential backoff.

Folder Alerting

Folder alerting offers the same alerting facilities as Global Alerting, but they are configured and bound to a folder and its children.

Folder alerting is configured through the manage folder menu and can be configured globally as folder settings under Administration --> Permissions.

Folder alerting supports the following events:

• A file is uploaded or downloaded

• An event fails

File Actions

Alerting can also be configured as an action in File Actions.

Configuring SSO with Couchdrop

Couchdrop can be configured for SAML authentication via the web interface.

Pre-Requisites

Users must already exist in Couchdrop for SAML login and as Couchdrop supports login via SFTP and FTP, they must have a password set as well. SAML Login is only available through the web interface.

Configuration Steps

Enable SAML SSO

Login to Couchdrop as the owner. Navigate to Administration --> SSO --> SAML SSO

You will need to provide the following details to Couchdrop so that it can connect to your identity provider.

Azure SAML Setup

Required Fields

Introduction

Couchdrop uses a vast network of cloud computing resources to provide you with a robust and fast SFTP and file automation platform. Since we are using dynamic cloud computing, geographically located in over 15 different datacenters, we can't publish or guarantee that our IPs won't change. In fact, they do change, and very frequently.

It's a hard requirement for us

If static IPs are a hard requirement, then reach out to sales@couchdrop.io and we can assign your account to a POD that is configured for them.

SFTP and SCP are easy targets for brute force attacks on the internet. To protect our customers from unauthorised access, Couchdrop implements an account lockout policy by default.

After 5 incorrect attempts in 5 minutes, accounts are locked for 15 minutes.

This option can be disabled globally, but we do not recommend it.

Couchdrop allows administrators to create comprehensive password policies that enforce good password management to meet security and compliance requirements.

Global Password Policies

Under administration, Couchdrop allows admins to configure a global password policy that applies to all users. This global password policy is managed under Administration --> Security --> Password Policies

Group Password Policies

Password policies can also be explicitly applied to groups. Different groups in Couchdrop can have different policies applied. This provides an additional level of customisation and allows for compliance with SFTP and FTP clients that may not support complex passwords.

Password expiry

Along with managing password complexity, password policies can be configured to expire passwords. Once a password has expired, it will need to be reset, either by an administrator or by the user through the reset password mechanism.

Account expiry in Couchdrop is a useful tool for ensuring that accounts are short lived.

Any account except the owner can be configured with an expiry. When an account has expired, all access with be disabled.

Overview

Couchdrop supports MFA/2FA natively through an integration with Authy (by Twilio). All users can configure 2fa for the Couchdrop Web App and when they first login to Couchdrop.

Authy supports SMS based 2FA and QR code based authenticator apps like the Microsoft Authenticator, 1password and the Google Authenticator. Setup is quick and easy and users can self manage.

Enabling Two Factor Authentication

Users can self manage 2fa by logging into the Couchdrop Web App and clicking on their user profile.

Forcing the use of MFA/Two Factor Authentication

Couchdrop now supports 2fa enforcement via a new security option. When enabled, users who have not configured 2fa will be required to configure it the next time they login.

How to Enable

To enable 2fa enforcement;

1. Login to Couchdrop as the owner

2. Click Administration --> Security

3. Under Password Policies, toggle the checkbox for Enforced MFA

Debugging issues

Couchdrop administrators with permissions to manage users can disable 2fa for users in their tenant. Disabling 2fa for a user will allow the user login to Couchdrop without 2fa and retry configuration.

Cyberduck is another popular open-source file transfer client, similar to FileZilla. It's primarily used for transferring files to and from FTP, SFTP, WebDAV, and other cloud storage servers. Like FileZilla, Cyberduck is available for various operating systems including Windows and macOS.

Cyberduck provides a user-friendly interface and supports drag-and-drop functionality for easy file transfers. It also offers features such as bookmarking, integration with external editors, and advanced file permissions management.

Using Cyberduck with SFTP

Using Cyberduck with SFTP is quite straightforward. Here's a step-by-step guide on how to do it:

1. Download and Install Cyberduck:

   • Visit the Cyberduck website (https://cyberduck.io/) and download the appropriate version for your operating system.

   • Follow the installation instructions to install Cyberduck on your computer.

2. Open Cyberduck:

   • After installation, launch Cyberduck.

3. Create a New Connection:

   • Click on the "Open Connection" button in the top left corner, or go to "File" > "Open Connection".

4. Configure Connection Settings:

   • In the "Open Connection" window, select "SFTP (SSH File Transfer Protocol)" from the dropdown menu for "Connection Type".

   • Enter the server address (hostname or IP address) in the "Server" field.

   • Enter your username in the "Username" field.

   • If the server uses a non-standard port for SFTP (other than 22), specify it in the "Port" field.

   • If you have a specific folder you want to open on the server upon connection, you can enter it in the "Path" field.

   • Click "Connect".

5. Authenticate:

   • If this is your first time connecting to the server, you'll be prompted to verify the server's fingerprint. Make sure it matches the expected fingerprint to ensure you're connecting to the correct server.

   • Enter your password when prompted, and optionally, you can choose to save your password to the keychain for future logins.

6. Transferring Files:

   • Once connected, you'll see the file browser window showing the files on the server.

   • To upload files to the server, drag them from your local file browser (left pane) to the remote file browser (right pane).

   • To download files from the server to your local machine, drag them from the remote file browser to the local file browser.

7. Managing Files:

   • Cyberduck allows you to perform various file operations such as creating directories, renaming files, deleting files, and changing file permissions.

8. Disconnecting:

   • When you're finished with your file transfers, click the "Disconnect" button in the Cyberduck toolbar or go to "File" > "Disconnect".

9. Close Cyberduck:

   • Finally, you can close Cyberduck when you're done.

That's it! You've successfully used Cyberduck with SFTP to transfer files securely between your local machine and a remote server.

Using Cyberduck with Couchdrop

Couchdrop supports Cyberduck via SFTP and FTP. When configuring your server connection in the Site Manager, use the hostname, username and password provided in the Couchdrop admin interface.

Uploading and downloading files with Python is a great way to automate transfers or build out support for SFTP inside you application.

How to use SFTP with Python

Using Python with SFTP (SSH File Transfer Protocol) can be accomplished using the paramiko library, which allows you to create SSH connections and perform file operations securely. Here's a basic guide on how to use Python with SFTP using paramiko:

1. Install Paramiko: Before you can use Paramiko, you need to install it. You can install it via pip:

   Copy

   pip install paramiko

2. Connect to the SFTP Server: Below is an example of how to connect to an SFTP server using Paramiko:

   Copy

   import paramiko
   
   # Define SFTP connection parameters
   hostname = 'sftp.example.com'
   port = 22
   username = 'your_username'
   password = 'your_password'
   
   # Create an SSH client
   ssh_client = paramiko.SSHClient()
   ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
   
   # Connect to the SFTP server
   ssh_client.connect(hostname, port, username, password)
   
   # Create an SFTP session
   sftp = ssh_client.open_sftp()
   
   # Now you can perform SFTP operations

3. Perform SFTP Operations: Once you've established an SFTP connection, you can perform various operations such as uploading files, downloading files, listing directory contents, creating directories, etc. Here are a few examples:

   • Upload a file:

     Copy

     local_file = '/path/to/local/file.txt'
     remote_file = '/path/to/remote/file.txt'
     sftp.put(local_file, remote_file)

   • Download a file:

     Copy

     remote_file = '/path/to/remote/file.txt'
     local_file = '/path/to/local/file.txt'
     sftp.get(remote_file, local_file)

   • List directory contents:

     Copy

     directory = '/path/to/directory'
     files = sftp.listdir(directory)

   • Create a directory:

     Copy

     new_directory = '/path/to/new/directory'
     sftp.mkdir(new_directory)

4. Close the Connection: After you've finished with the SFTP operations, make sure to close the connection:

   Copy

   sftp.close()
   ssh_client.close()

By following these steps, you can use Python to interact with SFTP servers securely and perform various file operations. Make sure to handle exceptions and errors appropriately, especially when dealing with network connections and file operations.

Using Paramiko and Python with Couchdrop

Couchdrop has full support for SFTP uploads with python using Paramiko. Simply use your Couchdrop hostname and credentials and you can connect to Couchdrop like any other SFTP server.

You can use the sftp command-line utility directly in a Bash script to perform SFTP operations. Here's a basic guide on how to use SFTP with Bash:

1. Connecting to an SFTP Server: You can use the sftp command to establish a connection to an SFTP server. Below is an example of how to connect to an SFTP server:

   Copy

   #!/bin/bash
   
   HOST="sftp.example.com"
   USERNAME="your_username"
   PASSWORD="your_password"
   PORT=22
   
   sftppass -p "$PASSWORD" sftp -oPort=$PORT $USERNAME@$HOST

   Replace "sftp.example.com" with the hostname or IP address of your SFTP server, "your_username" with your username, and "your_password" with your password. You can also adjust the port number if your SFTP server uses a different port.

2. Performing SFTP Operations: Once connected, you can execute SFTP commands interactively or within the script to perform various operations such as uploading files, downloading files, listing directory contents, creating directories, etc. For example:

   • Uploading a file:

     Copy

     put /path/to/local/file.txt /path/to/remote/file.txt

   • Downloading a file:

     Copy

     get /path/to/remote/file.txt /path/to/local/file.txt

   • Listing directory contents:

     Copy

     ls /path/to/remote/directory

   • Creating a directory:

     Copy

     mkdir /path/to/remote/new_directory

3. Exiting SFTP: Once you've finished with your SFTP operations, you can exit the SFTP session by typing exit or by sending an EOF (End-of-File) signal (usually by pressing Ctrl+D).

4. Using Password in Bash Script: Storing passwords directly in Bash scripts is not recommended for security reasons. However, if you need to automate SFTP operations in a script, you can use tools like sshpass to provide the password securely. Make sure to install sshpass first (e.g., sudo apt-get install sshpass on Debian-based systems).

   Here's an example of how to use sshpass in a Bash script:

   Copy

   #!/bin/bash
   
   HOST="sftp.example.com"
   USERNAME="your_username"
   PASSWORD="your_password"
   PORT=22
   
   sshpass -p "$PASSWORD" sftp -oPort=$PORT $USERNAME@$HOST <<EOF
   # SFTP commands go here
   EOF

   Replace "your_password" with your actual password. This approach securely provides the password to the sftp command without exposing it in the script itself.

By following these steps, you can use Bash scripts to automate SFTP operations securely. Ensure that you handle errors and exceptions appropriately in your scripts.

Uploading and downloading files programatically with Golang is a great way to automate transfers or build out support for SFTP inside you application.

How to use SFTP with Golang

To interact with SFTP servers in Go, you can use the github.com/pkg/sftp package, which provides SFTP support on top of github.com/pkg/ssh. Here's a basic guide on how to use Go with SFTP:

1. Install Dependencies: First, you need to install the required dependencies using go get:

   Copy

   go get golang.org/x/crypto/ssh
   go get github.com/pkg/sftp

2. Create an SSH Client and Connect to the Server: Below is an example of how to connect to an SFTP server using Go:

   Copy

   package main
   
   import (
       "fmt"
       "golang.org/x/crypto/ssh"
       "github.com/pkg/sftp"
       "os"
   )
   
   func main() {
       // SFTP connection parameters
       host := "sftp.example.com"
       port := 22
       user := "your_username"
       password := "your_password"
   
       // Create SSH client configuration
       config := &ssh.ClientConfig{
           User: user,
           Auth: []ssh.AuthMethod{
               ssh.Password(password),
           },
           HostKeyCallback: ssh.InsecureIgnoreHostKey(),
       }
   
       // Connect to the SSH server
       conn, err := ssh.Dial("tcp", fmt.Sprintf("%s:%d", host, port), config)
       if err != nil {
           fmt.Println("Failed to connect to SSH server:", err)
           return
       }
       defer conn.Close()
   
       // Open SFTP session
       sftpClient, err := sftp.NewClient(conn)
       if err != nil {
           fmt.Println("Failed to open SFTP session:", err)
           return
       }
       defer sftpClient.Close()
   
       // Now you can perform SFTP operations using the sftpClient
   }

3. Perform SFTP Operations: Once you've established an SFTP connection, you can perform various operations such as uploading files, downloading files, listing directory contents, creating directories, etc. Here are a few examples:

   • Upload a file:

     Copy

     localFile, err := os.Open("/path/to/local/file.txt")
     if err != nil {
         fmt.Println("Failed to open local file:", err)
         return
     }
     defer localFile.Close()
     
     remoteFile, err := sftpClient.Create("/path/to/remote/file.txt")
     if err != nil {
         fmt.Println("Failed to create remote file:", err)
         return
     }
     defer remoteFile.Close()
     
     _, err = io.Copy(remoteFile, localFile)
     if err != nil {
         fmt.Println("Failed to upload file:", err)
         return
     }

   • Download a file:

     Copy

     remoteFile, err := sftpClient.Open("/path/to/remote/file.txt")
     if err != nil {
         fmt.Println("Failed to open remote file:", err)
         return
     }
     defer remoteFile.Close()
     
     localFile, err := os.Create("/path/to/local/file.txt")
     if err != nil {
         fmt.Println("Failed to create local file:", err)
         return
     }
     defer localFile.Close()
     
     _, err = io.Copy(localFile, remoteFile)
     if err != nil {
         fmt.Println("Failed to download file:", err)
         return
     }

4. Close the Connection: After you've finished with the SFTP operations, make sure to close the SFTP session and the SSH connection:

   Copy

   // Close SFTP session
   sftpClient.Close()
   
   // Close SSH connection
   conn.Close()

By following these steps, you can use Go to interact with SFTP servers and perform various file operations. Make sure to handle errors appropriately when dealing with network connections and file operations.

Using Golang and SFTP with Couchdrop

Couchdrop has full support for SFTP uploads with Golang. Simply use your Couchdrop hostname and credentials and you can connect to Couchdrop like any other SFTP server.

Couchdrop also has a comprehensive API, that you can find couchdrop-api

OpenSSH, which is a suite of secure networking utilities based on the SSH (Secure Shell) protocol, includes a command-line utility for interacting with SSH servers for file transfer purposes. This utility is simply called sftp.

How to use OpenSSH SFTP

Here's a brief overview of how to use the sftp command:

1. Connecting to a Server:

   • To connect to an SSH server using SFTP, you would typically use the following command:

     Copy

     sftp username@hostname

   • Replace username with your username on the server and hostname with the hostname or IP address of the server.

2. Authenticating:

   • After executing the command, you will be prompted to enter your password for the specified username.

3. Navigating Directories:

   • Once connected, you'll be in the SFTP interactive shell, similar to a command-line interface.

   • You can use commands like ls, cd, and pwd to navigate directories on the server.

4. Transferring Files:

   • To upload a file from your local machine to the server, you can use the put command:

     Copy

     put localfile.txt

   • To download a file from the server to your local machine, you can use the get command:

     Copy

     get remotefile.txt

5. Exiting SFTP:

   • To exit the SFTP session, you can use the exit command:

     Copy

     exit

   • Or simply type exit and press Enter.

The sftp command-line utility provides a straightforward way to perform secure file transfers over SSH connections without needing a separate FTP client. It's often used in scripting and automation tasks where manual interaction isn't required.

Using OpenSSH SFTP with Couchdrop

Couchdrop supports the default sftp command natively. Simply switch out the hostname and credentials from the example above.

sftp user-s122@companyx.couchdrop.io

Introduction

Couchdrop has support for scanning data prior to uploading through our integrated malware scanner. This functionality is an additional paid add-on, so reach out to sales@couchdrop.io if you do not have it enabled.

Malware scanning must be configured on folders to become active. This is because most customers do not want it across the board.

Malware FAQs

Why do I need Couchdrop Malware Scanning?

Couchdrop's automated malware scanning provides an additional layer of protection for customers who are receiving files from external parties and wish to ensure the integrity of the files entering their infrastructure and file pipelines. While many cloud platforms (SharePoint, Dropbox, Google Drive, etc.) have a layer of protection, other platforms do not offer this natively.

How do I enable Malware Scanning?

Access to this functionality can be requested via support@couchdrop.io. Once enabled, you can enable malware scanning for specific folders.

What is the underlying Malware Scanning mechanism?

Malware Scanning is provided by ClamAV (https://www.clamav.net)

Malware scanning is limited to files that are 1GB or less.

Is it possible to modify the scanning behaviour?

No. Admins cannot adjust the scan behaviour. Where can I find events generated by Malware Scanning?

Events will appear as "malware_scan_failed" under the reporting section of your admin portal.

Which storage platforms support Malware Scanning?

You can enable Malware Scanning for any storage platform that can be connected to Couchdrop. Once you have connected your storage to Couchdrop, you must enable scanning on that folder.

FileZilla is a popular open-source SFTP client used for transferring files between a client and a server over the internet. It has full support for FTP, FTPS (FTP over SSL/TLS), and SFTP (SSH File Transfer Protocol).

FileZilla is available for various operating systems including Windows, macOS, and Linux. It provides a user-friendly interface for managing file transfers, directory listings, and remote file editing.

FileZilla is widely used by web developers, system administrators, and anyone who needs to transfer files securely over the internet.

Using FileZilla with SFTP

Using FileZilla with SFTP (SSH File Transfer Protocol) is quite straightforward. Here's a step-by-step guide on how to do it:

1. Download and Install FileZilla:

   • Visit the official FileZilla website (https://filezilla-project.org/) and download the appropriate version for your operating system.

   • Follow the installation instructions to install FileZilla on your computer.

2. Open FileZilla:

   • After installation, launch FileZilla.

3. Connect to a Server:

   • In FileZilla, navigate to "File" > "Site Manager" or use the shortcut Ctrl+S (Windows/Linux) or Cmd+S (Mac) to open the Site Manager.

   • Click on the "New Site" button and give your site a name.

   • In the "Protocol" dropdown menu, select "SFTP - SSH File Transfer Protocol".

   • Enter the hostname (or IP address) of the server in the "Host" field.

   • Enter the port number if it's different from the default (22 for SFTP).

   • Choose "Normal" as the Logon Type.

   • Enter your username and password in the respective fields.

   • Click on "Connect" to save the settings and establish the connection.

4. Transferring Files:

   • Once connected, you will see the local files on the left side and remote files on the right side of the FileZilla interface.

   • Navigate through the directories to find the files you want to transfer.

   • To upload files from your local machine to the server, simply drag them from the local pane to the remote pane.

   • To download files from the server to your local machine, drag them from the remote pane to the local pane.

5. Managing Files:

   • You can create, delete, rename, and move files and directories directly from within FileZilla.

6. Disconnecting:

   • Once you're done with your file transfers, you can disconnect from the server by clicking on the "Server" menu and selecting "Disconnect".

7. Close FileZilla:

   • Finally, you can close FileZilla when you're finished with your transfers.

That's it! You've successfully used FileZilla with SFTP. Remember to always secure your login credentials and use SFTP for encrypted file transfers.

Using FileZilla with Couchdrop

Couchdrop supports FileZilla via SFTP and FTP. When configuring your server connection in the Site Manager, use the hostname, username and password provided in the Couchdrop admin interface.

Can you access my data?

Couchdrop’s support team may access your file metadata (not file data) and logs for support purposes only. Couchdrop’s engineering staff have access to the underlying technology that can access metadata and log information and the storage locations of the actual data. The encryption keys required to decrypt the actual data are stored in a key-management escrow service operated by Doppler.

It is possible within the product to block Couchdrop employees' access within the application. It is a check box under Administration -> Security.

Note, if you do require support, Couchdrop may request you enable this or join them for a screen sharing session.

Does Couchdrop lockout users after to many failed attempts?

Yes, see Account Lockout for more details

Where is my data stored?

Couchdrop stores configuration and metadata in the USA, deep inside fort Amazon AWS. For more information on our approach to data soverienty and security, visit our trusts center https://trust.couchdrop.io

Do I have to connect my own storage?

No no, we hear you. Couchdrop comes with storage through AWS. Learn more about this Storage

What is SCP?

SCP (Secure Copy Protocol) and SFTP (SSH File Transfer Protocol) are two distinct protocols used for file transfer over SSH. SCP is specifically designed for copying files between hosts on a network, SFTP provides a more feature-rich file transfer capability, including file manipulation, directory listing, and more.

If you want to use SCP with an SFTP server, you need to ensure that the server supports both protocols. However, if the server only supports SFTP, you won't be able to use SCP directly with it.

How to use SCP

Here's how you can use SCP with an SFTP server if the server supports both protocols:

1. Check Server Support: First, confirm that the SFTP server you are connecting to supports SCP. Some SFTP servers might have SCP support disabled or not implemented.

2. Connect with SCP: If the server supports SCP, you can use the scp command just like you would with any other SCP-enabled server. Here's the basic syntax:

   Copy

   scp source_file username@hostname:/path/to/destination

   Replace source_file with the path to the file you want to transfer, username with your username on the server, hostname with the hostname or IP address of the server, and /path/to/destination with the destination directory on the server.

   For example:

   Copy

   scp myfile.txt user@example.com:/home/user/

3. Authentication: SCP uses SSH for authentication, so you might be prompted to enter your password or provide a private key passphrase if you're using key-based authentication.

4. Transferring Files: Once authenticated, SCP will securely transfer the specified file to the destination directory on the server.

5. Close Connection: After the transfer is complete, SCP will close the connection, and you'll return to your local shell prompt.

If the SFTP server does not support SCP, you'll need to use SFTP commands or a dedicated SFTP client to transfer files. Most SFTP servers support a wide range of client applications, making it easy to find one that suits your needs.

Delegating Domain-Wide Authority

Learn how to connect Google Workspace to Couchdrop with a Client ID and domain-wide delegation

Introduction

To connect a Google Workspace account to Couchdrop you need to delegate domain-wide authority so Couchdrop can access your users and migrate them automatically.

Requirements

Delegating Domain-Wide Authority requires the following:

• A Google Workspace Administrator Account to access the Admin Console

• Familiarity with the Google Admin Console

• Client ID for Google generated in Couchdrop when configuring a Google Workspace connection

Configuration Steps

1. Login to the admin console for your Google Workspace domain.

2. Select the Security tab. If you don't see Security, select Show More from the bottom of the menu list.

3. Choose Access and data control and then API controls.

4. In the Domain wide delegation section, choose MANAGE DOMAIN WIDE DELEGATION.

5. In the API clients section, click Add new. Paste the Client ID generated from Couchdrop into the Client ID field.

6. In the OAuth scopes (comma-delimited) field, paste the following:

https://www.googleapis.com/auth/drive,https://www.googleapis.com/auth/drive.file, https://www.googleapis.com/auth/admin.directory.user, https://www.googleapis.com/auth/admin.directory.user.readonly, https://www.googleapis.com/auth/admin.directory.user.security

1. Click Authorize. Test that the connection in Couchdrop is successful to complete your configuration.

For more information on domain-wide delegation, see this Support article from Google: https://support.google.com/a/answer/162106?hl=en

How to use SFTP with Java

To use SFTP with Java, you can leverage the JSch library, which provides support for SSH communication in Java. Below is a basic guide on how to use JSch to interact with SFTP servers:

1. Add JSch Dependency: First, you need to include the JSch library in your Java project. You can do this by adding the dependency to your Maven or Gradle configuration, or by downloading the JAR file and including it in your project manually.

   For Maven, add the following dependency to your pom.xml file:

   Copy

   <dependency>
       <groupId>com.jcraft</groupId>
       <artifactId>jsch</artifactId>
       <version>0.1.55</version>
   </dependency>

2. Create SFTP Connection: Below is an example of how to connect to an SFTP server using JSch:

   Copy

   import com.jcraft.jsch.ChannelSftp;
   import com.jcraft.jsch.JSch;
   import com.jcraft.jsch.Session;
   
   public class SFTPExample {
       public static void main(String[] args) {
           String host = "sftp.example.com";
           String username = "your_username";
           String password = "your_password";
           int port = 22;
   
           try {
               JSch jsch = new JSch();
               Session session = jsch.getSession(username, host, port);
               session.setPassword(password);
               session.setConfig("StrictHostKeyChecking", "no");
               session.connect();
   
               ChannelSftp sftpChannel = (ChannelSftp) session.openChannel("sftp");
               sftpChannel.connect();
   
               // Now you can perform SFTP operations using sftpChannel
   
               // Close the SFTP channel and session when done
               sftpChannel.disconnect();
               session.disconnect();
           } catch (Exception e) {
               e.printStackTrace();
           }
       }
   }

3. Perform SFTP Operations: Once you've established an SFTP connection, you can perform various operations such as uploading files, downloading files, listing directory contents, creating directories, etc. Here are a few examples:

   • Upload a file:

     Copy

     sftpChannel.put("/path/to/local/file.txt", "/path/to/remote/file.txt");

   • Download a file:

     Copy

     sftpChannel.get("/path/to/remote/file.txt", "/path/to/local/file.txt");

   • List directory contents:

     Copy

     String files = sftpChannel.ls("/path/to/remote/directory"); 

4. Close the Connection: After you've finished with the SFTP operations, make sure to close the SFTP channel and the SSH session:

   Copy

   sftpChannel.disconnect();
   session.disconnect();

By following these steps, you can use Java with JSch to interact with SFTP servers and perform various file operations. Make sure to handle exceptions appropriately when dealing with network connections and file operations.

Introduction

Couchdrop supports Microsoft Windows and Apple OSX using a lightweight agent that is installed directly on the file server, another server, or on a virtual machine.

The agent uses a shared token for authentication and communicates with Couchdrop's infrastructure via secure HTTPS calls. The agent can be run in a standalone fashion or as a service.

Requirements

To connect a Windows / OSX file server to Couchdrop you will need:

• Remote access via RDP to the file server or a suitable VM

• To have an administrator account

• A reliable internet connection

• A minimum of 16GB and 2 cores on the host or virtual machine

• To be running Windows 10 or above (for Windows Servers)

For a full list of requirements, see Server Requirements.

Configuration Steps

1. Log in to Couchdrop and add a new integration, either from +New > Connect Integration or the Integrations sidebar

2. Click to add a new integration or Storage connector (Cloud Folder)

3. Select Windows/OSX Server from the list of available connections

4. Name the connection and create a cloud folder for Couchdrop

5. Copy the Agent Token and download the agent. This token is only viewable once so be sure to copy it before leaving the screen.

6. Log in to the remote target file server as an administrator

7. Install the agent and launch it

8. Paste the Agent Token from Couchdrop and click Connect. After a few seconds, the status indicator should change to show that the server is connected to Couchdrop.

9. Return to the Couchdrop interface, click Test and Save.

The Windows / OSX Agent allows for connections to on-prem file servers running Microsoft Windows or macOS. This software is run as an executable and can also be run as a service.

Server Requirements

While connection requirements can vary depending on the types of transfers involved, we recommend the resources below.

Supported Windows Versions

Below are the current supported and tested versions of Microsoft Windows that the agent supports.

Software Requirements

You will need Microsoft .NET Framework 4.7.2 to open the agent.

Network Requirements

The speed of your transfers will be heavily dependant on your internal and external network capacity. We recommend having the highest available uplink speed, with 1GB uplink speed over fiber if possible when moving high volumes of data or files.

If you are experiencing performance issues with the agent, we recommend running a speed test and ensuring you've chosen a data region that is close to the agent when applicable.

Firewall Requirements

The Couchdrop agent communicates with the Couchdrop control plane and APIs exclusively via HTTPS. This means that no additional ports are needed to be opened. However, if your organization has a proxy server or web filter, you may need to allow the following domains out.

• fileio.couchdrop.io

• api.couchdrop.io

• *.couchdrop.io

• 8.8.8.8, 8.8.4.4

For more information, get in touch with support via support@couchdrop.io