Using MIP with sFTP
In addition to using the MIP user interface to upload and download data, you can also use the MIP Secure File Transfer Server (SFTP).
Due to security concerns with Cipher Block Chaining (CBC) and MD5 encryption when using the SFTP server, the following CBC mode ciphers and MD5 MACs have been deprecated. You must check the SSH implementation you are using and confirm that it is not one of the deprecated algorithms listed below.
To avoid service interruptions, please update your ciphers and MACs as soon as possible.
CBC Ciphers | MD5 MACs | |
---|---|---|
aes128-cbc | hmac-md5 | |
aes192-cbc | hmac-md5-96 | |
aes256-cbc | hmac-md5-etm@openssh.com | |
blowfish-cbc | hmac-sha1-96 | |
3des-cbc | hmac-sha2-256-96 | |
3des-ctr | hmac-sha2-512-96 | |
arcfour | ||
arcfour128 | ||
arcfour256 |
The table below indicates the preferred ciphers and MACs for use with the SFTP server. They are listed in order of preference.
CBC Ciphers | MD5 MACs | |
---|---|---|
chacha20-poly1305@openssh.com | hmac-sha2-512-etm@openssh.com | |
aes256-gcm@openssh.com | hmac-sha2-256-etm@openssh.com | |
aes128-gcm@openssh.com | hmac-sha2-512 | |
aes256-ctr | hmac-sha2-256 | |
aes192-ctr | ||
aes128-ctr |
Configuring SFTP
Launch an SFTP client and configure it as follows:
- Host: mip.ebay.com
- Port: 2222
- Protocol: SFTP
-
Timeout: For best results, increase the default timeout value to 40 seconds.
- Username: your eBay username
- Password: Use an OAuth token (preferred option). To generate, or mint, access tokens, see Using OAuth to access eBay APIs.
- Alternate password option:
In cases that require you to get a new SFTP token manually using the MIP user interface (UI) and you cannot automate completely:
- In the MIP user interface, open the FTP Setup tab http://www.mip.ebay.com/settings/ftpsetup.
- Generate an access token and use it as the password.
For security reasons, the access token expires every 6 months. To ensure uninterrupted access to the MIP SFTP server, generate a new token and update your SFTP client every 6 months.
The RSA key fingerprint of the SFTP server is changed periodically. If you access the SFTP server programmatically, please make sure that your SFTP client handles this update gracefully. An SFTP client application may show a warning message similar to the following example: