How to Access Your Reports Using sFTP on Windows

Overview:

This tutorial assumes you received reports via email or via sFTP that were encrypted with the public key you sent to us. If you need guidance to set up the encrypted statement delivery, please refer to this article, which is a prerequisite to the instructions below.

There are multiple methods to access our sFTP server. sFTP clients such as Filezilla can be used or you could as well launch the command sftp ftp2.interactivebrokers.com from the Command Prompt or use the Windows Explorer. In this article, we explain how to realize the connection to our sFTP server using Windows Explorer.

You will not be able to connect using your browser

Once you are connected to our sFTP Server, you will have both read and write access to your folder. The retention policy for the files is 100 days - we will automatically purge files after that.

To access your reports using Windows File Explorer:

  1. Open the Windows File Explorer by either pressing Windows Key + E on the keyboard. Alternatively, you can type File Explorer into the Windows search box and click on Open

  2. In the File Explorer window, type the sFTP address, ftp://ftp2.interactivebrokers.com, into the file path at the top of the window and hit Enter.

  3. A window prompting your for credentials will appear. Enter the sFTP username and password we provided you with into the correspondent fields and click Log On.

  4. You now have direct access to your sFTP folder. Documents and files contained in your sFTP folder can now be decrypted using your PGP key, as described in this article.

Common Issues and Solutions

  1. Could not log in to the sFTP server with the username and password specified
    • Ensure the correct login details are being used to connect to the sFTP server. The username and password you are entering should match the ones you have received from the Reporting Integration Team.

  2. Connection Timed Out

    1. Enable the Passive (PASV) mode for sFTP connections. press Windows Key + S, type Internet Options and open the panel. Move to the Advanced tab and activate the option Use Passive sFTP (for firewall and DSL modem compatibility). The passive mode is more firewall-friendly then the active one, since all the connections are initiated from the Client side. If you are using a specific sFTP Client, check its connection settings or advanced settings in order to find and enable the Passive (PASV) mode switch.

    2. In case you have an antivirus or a security software installed on your machine, make sure it is not blocking the sFTP connection attempt. Normally, security software allows to set up exceptions for specific connections in order to whitelist them.

    3. Should the above steps be unable to resolve the issue, ask your network administrator/s to confirm that your firewall allows traffic from/to ftp2.interactivebrokers.com. Note: Your network administrator should consider that every time your sFTP Client attempts connecting to our sFTP server with Passive mode, it establishes two connections: a command channel (outbound, from random TCP port above 1024 to TCP port 21) and a data channel (outbound, from a random TCP port above 1024 to the TCP port above 1024 which was negotiated through the command channel). Both connections are initiated by the Client side. In the picture below, you can find an example of this connections schema. Please notice that the ports 2000, 3000, 4000 are examples of randomly selected ports and may very well not correspond to the ones used within your specific sFTP connection attempt.

References

Generate a key pair using GPG for Windows

Generate a key pair using GPG Suite on macOS

Decrypt your Reports using GPG for Windows

Decrypting Reports using your PGP Key pair on macOS

Generate RSA Key Pair on Windows

How to Access your Reports using sFTP on Windows

How to Access your Reports using sFTP on MacOS

How to set up sFTP for using Certificate Authentication on Windows

How to set up sFTP for using Certificate Authentication on macOS

How to backup your public/private Key pair

How to transfer your public/private key pair from one computer to another