Supported Cipher Suites and Host Key Types
SFTP connections are encrypted. For security reasons, NetSuite requires that the server to which a connection request is being made supports at least one of the following ciphers: aes128-ctr, aes192-ctr or aes256-ctr. These cipher specs refer to the AES cipher in Counter stream cipher mode using 128,192 or 256 bit key sizes.
To check interoperability of your SFTP server or service provider, refer to the following table:
Communication protocol |
SFTP (SSH + FTP) is supported. Only CTR (and not CBC) ciphers are allowed. Your SFTP server can use the following encryption algorithms:
Files are not additionally encrypted during transfer. The entire transmission is encrypted by the SSH protocol. |
Authentication mechanism |
Username Password Password/SSH key with or without passphrase |
SSH host key |
With each connection request, you must supply the host key. Any host key changes need to be managed manually. |
GUID |
The password GUID should be a value generated by a credential field from a Suitelet using Form.addCredentialField(options). The password GUID field's originating credential field must include the SFTP domain on the The password GUID field's originating credential field must include the script utilizing the password GUID on the |
Firewall policy is at the discretion of your SFTP service provider.