AEP - SFTP source connector fails connecting with the provided authentication credentials using SSH key

Description

You are trying to set up and SFTP source connector within AEP. The SFTP source connector fails connecting with the provided authentication credentials using SSH key.

You may be using PuttyGen to generate the keys.

Resolution

First of all make sure all the pre-requisites are met:

  1. Verify with your SFTP provider the type of key it is supported

    1. SSH-1 vs SSH-2
    2. Generated key size in bits: default is 2048
  2. Authorise AEP IPs on your SFTP Provider

    1. Verify the data center where your AEP instance is deployed

      1. VA7: North America
      2. NLD2: Europe
      3. AUS5: Australia
    2. AEP IPs can be found in the SFTP Connector documentation: See https://experienceleague.adobe.com/docs/experience-platform/sources/connectors/cloud-storage/sftp.html

  3. AEP supports an RSA or DSA type OpenSSH key.

    The SFTP connector supports an RSA or DSA type OpenSSH key. Ensure that your key file content starts with "-----BEGIN RSA/DSA PRIVATE KEY-----" and ends with "-----END RSA/DSA PRIVATE KEY-----". If the private key file is a PPK-format file, use the PuTTY tool to convert from PPK to OpenSSH format.

    Instructions on how to generate the keys can be found here:

    https://experienceleague.adobe.com/docs/experience-platform/sources/connectors/cloud-storage/sftp.html?lang=en#set-up-a-base64-encoded-openssh-private-key-for-sftp

  4. AEP requires a OpenSSH base64 encoded private key

If you are still having problems, there may be an issue with the way the private key generated by PuttyGen is transformed.

Note that AEP requires the private key to be of OpenSSL format encoded base64. Once the keys are generated, you must save the private key using the (PuttyGen) menu ‘conversions’ ‘Export OpenSSH Key’, this will generate the private key in OpenSSH format and ONLY THEN you can encode it in base64

AEP requires the private key to be base64 encoded, you can either:

  • Use tool such as https://www.base64encode.org/

    or

  • Use OpenSSL by issuing the following command:

    openSSL base64 -in yourPrivateKeyFile -out yourPrivateKeyFileBase64
    

On this page