Using SSH keys with SFTP

Updated 5 months ago by John Hurley

Password Authentication

This is the default authentication method. When connecting via SFTP, if key authentication is not set up the user will be prompted for a password.

Key Authentication

In order to use key authentication, the user must generate a key pair. On the client machine, issuing the following command will generate a new SSH key pair.

# ssh-keygen

By default, the key pair will be stored in $HOME/.ssh/id_rsa and $HOME/.ssh/id_rsa.pub.

The public key (id_rsa.pub) must be loaded into a specific directory within the system for the authentication to work. The system expects the id_rsa.pub file to be stored as .ssh/username.pub. The .ssh directory must be relative to the user's home directory. For example, if the user's home directory is /home/steve, then the full path to steve's authorized keys file would be /home/steve/.ssh/steve.pub.

1. Log into the web UI or FTP and create a directory named .ssh.

2. Upload the id_rsa.pub file into this new directory.

3. Rename the id_rsa.pub file to <username>.pub. <username> should be replaced with the username of the user which will authenticate using this key.

Additional keys can be placed into this file. Each key should occupy a single line. Any public keys located here will allow the corresponding private key to authenticate as the user. If multiple users share a home directory, their keys will reside in separate files in the same .ssh directory.


How Did We Do?