SFTP Key Authentication

Many secured ftp server support key authentication.  One of the benefits it has over traditional password method is that we don't need to worry about remembering the password and its expiration.  We currently use key authentication on Oregon DOR SFTP and ECSI SFTP.  Here are the steps to set up key authentication on a secured ftp server.  You need to make sure the server does support key authentication before performing those steps.

1. Create a pubic/private key pair using puttygen (Windows) or ssh-keygen (Unix).  Here is a example of using puttygen.

• Click [Generate] button to generate key pair.

2. Save the public key in the file authorized_keys.  It should look like the attached file in this web page.

• Copy and paste the public key into a file and name it "authorized_keys"

• Save the private key in ppk format for testing in Putty and FileZilla

• Export the private key into OpenSSL format for other purposes.

3. Log on the ftp server.  Create a .ssh directory in the home directory if you cannot find one.

4. Upload the file authorized_keys in .ssh directory.

5. Use PuTTY or FileZilla to test.

• Run putty and input the host name.

• Select the private key for authentication