LogoLogo
Home
  • ExaVault Documentation
  • Installing & Upgrading The Appliance
    • Downloading The Base Image
    • System Requirements
    • Firewall Configuration
    • Installation & Setup
      • AWS Installation
      • VMWare Prerequisites
      • Installing Other Software
    • Mounting the Data Drive
    • Upgrading to v18.x from v16.10
      • VMWare Upgrade Prerequisites
    • Upgrading From 16.05 or Earlier
  • Using ExaVault
    • Users
      • SSH Key Authentication
        • Creating an SSH Key on Windows
        • Creating an SSH Key on Linux
        • Creating an SSH Key on macOS
      • Export List of Users and Groups
      • Two-Factor Authentication (2FA)
      • Single Sign On (SSO), SAML, SCIM
    • Links (Share Links)
    • Notifications
    • Ciphers
    • Customizing Your Site
      • Login Page
      • Contact Information
      • Custom CSS
      • Custom Terms of Use Agreement
  • Connection Methods
    • SFTP
      • Supported SSH Ciphers
      • Maximizing SFTP Performance
      • Command Line SFTP Examples
      • Troubleshooting SFTP
    • FTP and FTPS
      • Troubleshooting FTP
    • WebDAV
  • Administration Tasks
    • Restarting the Appliance
    • Logging
    • License Keys
    • Installing or Updating SSL Certificate
    • Increasing Available Storage
    • Deleting Old Activity
    • Deleting Old Quotas
    • Appliance Manager Password Reset
    • Sending Email
  • Premium Features
  • Migrating to Files.com Cloud
    • Migration Process Overview
    • Technical Enablement Steps
    • Regional Considerations
  • HyperPrivacy Mode
    • User Home Folders
    • User Deletions
    • Sharing
    • Retention Rules
    • Trash Can
Powered by GitBook

©2023 Orange Platform LLC dba ExaVault. All rights reserved.

On this page
  • Why Use SSH Keys?
  • Steps for Adding SSH Key Authentication
  • Creating SSH Keys
  • Uploading Your Key
  • Using Your Key
  • Removing Your Key
  • Supported Key Types
  • SSH Keys Come In Pairs
  • No Shell Access
  1. Using ExaVault
  2. Users

SSH Key Authentication

PreviousUsersNextCreating an SSH Key on Windows

Last updated 26 days ago

Using SSH keys to authenticate SFTP sessions instead of passwords provides enhanced security, convenience, and automation capabilities. SSH keys are significantly harder to compromise than passwords, making them a more secure option for protecting file transfers.

Why Use SSH Keys?

Many organizations rely on automated scripts to handle secure file transfers over SFTP. When scripts use password-based authentication, there's a risk of accidentally exposing credentials—whether in plain text, in shared files, or in version control systems.

By using SSH key authentication:

  • You eliminate the need to store passwords in scripts

  • You reduce the risk of credential leakage

  • You streamline authentication for automated and scheduled file transfers

Steps for Adding SSH Key Authentication

Enabling SSH Key authentication is a straight forward process. First, a keypair. Next, to the .ssh directory in your home folder using SFTP. With those steps done, you can configure your SFTP client to .

Creating SSH Keys

The exact steps for creating a key will differ depending on your environment. See the appropriate guide for your situation.

Uploading Your Key

In order to use your key with ExaVault, you must first connect to the system through SFTP using a password.

When you connect to SFTP, a virtual directory name .ssh appears in your home folder. Upload your public key file to the .ssh directory. You cannot perform this step when you are connecting in other ways, such as using the web interface.

Using Your Key

After your SSH key is uploaded to the .ssh directory, you need to configure your SFTP client to use your private key for authentication. The exact steps for this will vary by SFTP client.

Command-line clients, such as those on Linux or macOS, will allow accept command-line parameters -i or --identity-file to specify your private key.

sftp -i /path/to/my_ssh_key.key username@MYCOMPANY.files.com

Removing Your Key

To disable access for a particular SSH key in your account, connect to the SFTP server and delete the public key from the .ssh directory in your home folder.

Supported Key Types

ExaVault supports the following SSH key formats:

  • RSA

  • ed25519

All public keys must be provided in OpenSSH format when uploading or configuring them in your user profile or automation system.

SSH Keys Come In Pairs

An SSH Key is really a matched pair: a public key and a corresponding private key.

When generating an SSH key, the two halves (public and private) will always be created.

The private key must never be shared, and should remain under the control of the user, script, or system, that will be using SFTP to connect to an SFTP account. The private key is the equivalent of your password and should be protected similarly.

The public key can be shared with any system that needs to provide secure access to the user, script, or system, that owns the corresponding private key. The public key does not need to be kept secret and can be distributed freely. The public key has no power, authorization, or authority without the corresponding private key.

Never share a private key. Whenever exchanging SSH keys for use with SFTP or SSH access, only send or share the public key portion.

No Shell Access

SSH keys grant access to the SFTP service only. Even with a valid key, users will not be able to open an interactive shell or terminal session on the server. This helps maintain a secure and controlled environment focused solely on file transfer.

Creating an SSH Key on Windows
Creating an SSH Key on Linux
Creating an SSH Key on macOS
create or obtain
upload the public key
use your private key for authentication