Skip to content
English
  • There are no suggestions because the search field is empty.

Remote SFTP Credentials

Remote SFTP credentials allow DataBlend to securely connect to external SFTP servers for collecting or delivering files. A remote SFTP is a secure way to access a file. Authentication can be performed using either a username and password or a private key.

RemoteSFTPcredentials

Standard Configuration

Field Required/ Optional Description
Name Required Enter a unique name for the credential.
Username Required Username used to authenticate with the remote SFTP server.
Password Required Password associated with the specified username. Not required when the remote server is configured for key-based authentication only.
Host Required Hostname or IP address of the remote SFTP server.
Port Required Port number used by the SFTP server.
Decryption Key Optional Private key used to decrypt incoming encrypted files. Required when decrypting inbound files.
Decryption Passphrase Optional Passphrase associated with the decryption key.
Locked Optional Prevents modifications to the credential once configured. Administrative permissions may be required to unlock and edit the credential.
 
Public/Private Key Connection

In addition to our standard Remote SFTP credential connection, DataBlend offers a private/public key option to allow secure access to multiple users wishing to connect to an SFTP to collect or send data.

Field Required/ Optional Description
Name Required Enter a unique name for the credential.
Username Required Username used to authenticate with the remote SFTP server.
Use Private Key Optional Enable to authenticate using a private key instead of a password.
Private Key Required when Use Private Key is enabled Private key used for key-based authentication.
Password Required when not using Private Key Password associated with the specified username. Not required when the remote server is configured for key-based authentication only.
Host Required Hostname or IP address of the remote SFTP server.
Port Required Port number used by the SFTP server.
Encrypt Files Optional Enable to encrypt outbound files.
Encryption Key Required when Encrypt Files is enabled PGP public key used to encrypt files before transmission.
Sign Files Optional Enable to digitally sign outbound files.
Signing Key Required when Sign Files is enabled Private key used to generate the file signature.
Signing Key Passphrase Optional Passphrase for the signing key, if applicable.
Decryption Key Optional Private key used to decrypt incoming encrypted files. Required when decrypting inbound files.
Decryption Passphrase Optional Passphrase associated with the decryption key.
Locked Optional Prevents modifications to the credential once configured. Administrative permissions may be required to unlock and edit the credential.

 

Key Formatting

DataBlend does not support all formats of keys. A few things to keep in mind:

  • Open SSH-RSA keys are not supported and should be converted to an RSA key in PEM format.

    • This should only be a format change and the actual key, and its contents do not change.

    • Whomever generated the key will likely be able to provide the updated format.

  • PGP is a type of encryption, and the applicable key should be put into the encryption box and not the private key box within the DataBlend UI.

  • Avoid tools like Microsoft Word for transferring keys as it can adjust the format and cause issues leveraging the key. Notepad or an alternative is recommended.

 

Scenarios

(1) In this scenario, the client encrypts files before placing them on the SFTP server, and DataBlend must decrypt them after retrieval.

Required fields:

  • Name
  • Username
  • Password or Private Key
  • Host
  • Port
  • Decryption Key

Optional fields:

  • Encrypt Files
  • Sign Files

Workflow:

  1. DataBlend provides the client with a PGP public key.
  2. The client encrypts files using that public key.
  3. The client uploads encrypted files to the SFTP server.
  4. DataBlend downloads the files.
  5. DataBlend uses the configured Decryption Key to decrypt the files for processing.

 

(2) DataBlend encrypts files before uploading them to the client's SFTP server.

Required fields:

  • Name
  • Username
  • Password or Private Key
  • Host
  • Port
  • Encrypt Files
  • Encryption Key

Optional fields:

  • Sign Files
  • Signing Key
  • Signing Key Passphrase

Workflow:

  1. The client provides their PGP public key.
  2. DataBlend enables Encrypt Files and uploads the client's public key into Encryption Key.
  3. DataBlend encrypts the outbound file.
  4. The encrypted file is uploaded to the client's SFTP server.
  5. The client decrypts the file using their private key.

 

Quick Reference:

Scenario Encrypt Files Encryption Key Sign Files Signing Key Decryption Key
Receive encrypted files from client         Yes
Send encrypted files to client Yes Yes (client public key) Optional Optional  
Send signed & encrypted files to client Yes Yes (client public key) Yes Yes  
Receive encrypted and signed files from client         Yes

API Basics

You can find related information in this article here: API Basics