TracCloud: SSH Keys for SFTP Authentication: Difference between revisions
From Redrock Wiki
Created page with "{| style="width:100%; vertical-align:top; " | style="width:250px; vertical-align:top; padding:2px 15px 2px 2px;" | {{TracCloudTechTOC}} | style="vertical-align:top; padding:20px 20px 20px 2px;" | <big><b>Using SSH Keys for SFTP Authentication</b></big><br> By default, Redrock will provide a single username and password to access your campus SFTP directory. If you would prefer to authenticate using SSH keys, we'll simply need a copy of your public SSH-RSA key to install..." |
No edit summary |
||
| (21 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{ | {{TracCloudGuideTabs}} | ||
<div class="tcWidgetPage"> | |||
<div class="category"> | |||
{{TracCloudTechTOC}} | |||
</div> | |||
<div class="pageTitle">Using SSH Keys for SFTP Authentication</div> | |||
By default, Redrock will provide a single username and password to access your campus SFTP directory. If you would prefer to authenticate using SSH keys, we'll simply need a copy of your public | By default, Redrock will provide a single username and password to access your campus SFTP directory. If you would prefer to authenticate using SSH keys, we'll simply need a copy of your public key to install on our end. We've included basic instructions below for creating a key pair with a simple CLI tool and logging into the SFTP site using WinSCP. This isn't the only method to accomplish this, there are multiple ways to generate key pairs and many FTP clients available. | ||
<div class="line"></div> | |||
<big>Generating a key pair</big> | <big>Generating a key pair</big> | ||
Using MacOS | Using Linux or MacOS, run the '''ssh-keygen -t ecdsa''' command in a terminal. Passphrase should be left blank. To create a key longer than the default (256 bits), append '''-b 384''' or '''-b 521''' to your command. Both your private and public key can be found in ~/.ssh (by default). If you're connecting to our SFTP server using OpenSSH 8.8 or later, an ECDSA key is required. For 8.7 and earlier, an RSA key can be used if you prefer. | ||
[https://www.ssh.com/academy/ssh/putty/windows/puttygen Click here to view instructions for Windows (ssh.com).] Like with Linux & MacOS, you should generate an ECDSA key with PuTTY. | |||
[[File:2631262.png|600px]]<br><br> | [[File:2631262.png|600px]]<br><br> | ||
''' | '''id_ecdsa''' is your private key, which should not be shared. | ||
''' | '''id_ecdsa.pub''' is your public key, which should be provided to Redrock Software. | ||
<hr> | <hr> | ||
<big>SFTP Clients</big> | <big>SFTP Clients</big> | ||
After Redrock Software receives your public key(s), you can login using your SFTP client | After Redrock Software receives your public key(s), you can login using your preferred SFTP client. WinSCP is a common choice, which is shown as an example below. | ||
Edit your site configuration. | Edit your site configuration. | ||
| Line 37: | Line 41: | ||
Save your site configuration settings and connect. If you have any trouble, reach out to Redrock Software at [mailto:helpdesk@go-redrock.com helpdesk@go-redrock.com]. | Save your site configuration settings and connect. If you have any trouble, reach out to Redrock Software at [mailto:helpdesk@go-redrock.com helpdesk@go-redrock.com]. | ||
[[Category:TracCloud Manual]] | |||
[[Category:TracCloud]] | </div> | ||
Latest revision as of 17:47, 26 September 2025
TracCloud Technical Documentation
By default, Redrock will provide a single username and password to access your campus SFTP directory. If you would prefer to authenticate using SSH keys, we'll simply need a copy of your public key to install on our end. We've included basic instructions below for creating a key pair with a simple CLI tool and logging into the SFTP site using WinSCP. This isn't the only method to accomplish this, there are multiple ways to generate key pairs and many FTP clients available.
Generating a key pair
Using Linux or MacOS, run the ssh-keygen -t ecdsa command in a terminal. Passphrase should be left blank. To create a key longer than the default (256 bits), append -b 384 or -b 521 to your command. Both your private and public key can be found in ~/.ssh (by default). If you're connecting to our SFTP server using OpenSSH 8.8 or later, an ECDSA key is required. For 8.7 and earlier, an RSA key can be used if you prefer. Click here to view instructions for Windows (ssh.com). Like with Linux & MacOS, you should generate an ECDSA key with PuTTY.
id_ecdsa is your private key, which should not be shared.
id_ecdsa.pub is your public key, which should be provided to Redrock Software.
SFTP Clients
After Redrock Software receives your public key(s), you can login using your preferred SFTP client. WinSCP is a common choice, which is shown as an example below.
Edit your site configuration.
Locate the SSH settings and select your private key.
Some SFTP clients (such as WinSCP) may require that the private key be in a PuTTY format. For WinSCP, you can follow the on-screen instructions to convert the key and use the new .ppk file instead. This does not require changing your public key.
Save your site configuration settings and connect. If you have any trouble, reach out to Redrock Software at helpdesk@go-redrock.com.