How can we help?

SFTP public key authentication


SFTP public keys are used as an alternative authentication method for establishing secure FTP connections when importing and exporting contacts. Instead of authenticating with a password, the public key authentication uses a pair of keys, one private and one public. The private key is kept secret and is typically stored in the user’s home directory for safekeeping. As proof of owning the private key, the user reveals only their public key when making an SFTP connection.

Your private keys will be stored in Cordial without being revealed outright. However, you will be provided the corresponding public keys to add to your server for authenticating SFTP contact import and export connections.

Create a new secret

1. Navigate to Settings > Account Settings > Secrets Vault.

2. Create a New secret then provide the Key name and Key description. The key name can be used to authenticate contact imports and exports via API as well as via the UI for data automation contact imports and exports.

3. Cordial will generate the key pair and present you with the public key. The private key will remain secret and stored securely in your Cordial account.

4. Click anywhere within the public key field to copy the string to the clipboard. The key should be added to the remote server for which you wish to enable SFTP public key authentication. For example, when working with Linux based servers, in most cases, the public key should be copied into the ~/.ssh/authorized_keys file.

Authenticate using public keys

You can use authorized public keys to authenticate SFTP connections when importing and exporting contacts. Under Authentication in the Data Source pane, choose Saved key as the authentication method and pick the public key you wish to use to use for this connection.

Multiple keys can be generated and managed directly from the Secrets Vault. You can generate individual public keys for use by designated teams or team members.

Manage public keys

All active keys will be listed on the Secrets Vault page. If a key is no longer needed, it can be permanently deleted. Deleting a key will cause SFTP authentications that were dependant on that key to no longer authenticate.



Please sign in to leave a comment.