Published on 06 Apr 2021
Did you know you can log into your ExaVault account and other servers or applications without transmitting your password? SSH keys are a vital part of this process, allowing you to both secure and automate data transfers.
Maybe you’re particularly security-minded, or you have an automated script and want to avoid storing the password inside the script. In either case, ExaVault supports passwordless logins through the use of SSH keys in SFTP connections.
In this blog, we’ll walk you through getting your SSH key imported into WinSCP, a popular FTP client that can be used for manual SFTP connections as well as automated SFTP connections through WinSCP scripting.
Set up a new user in your ExaVault account with the appropriate home folder and action permissions. If you already have a user that you want to use for the login, skip this step.
Once you know the user who should have the SSH key, you can create the key pair directly in ExaVault. Some accounts have limits on the number of SSH key pairs that can be stored, so contact support if you need to upgrade your account.
Be sure to make note of the download location of the private key file you generate. You’ll need to be able to find this file later! The public portion of the key will be automatically stored in ExaVault for the user you selected.
If you are generating this key pair for a user other than yourself, you’ll need to get the private key file over to the user so they can import it into WinSCP. ExaVault’s send files option makes a great choice to securely transmit the private key to the end user.
(If you are not the end user who will be using this key pair, point them at this article and step back as your work is complete.)
When you open up WinSCP, by default you’ll see the Login screen where you can create new connections. Fill out the connection information for your account, including your username. Make sure you’ve got the file protocol set to SFTP or you won’t be able to specify an SSH key login. Once you’ve got the connection information entered, click the Advanced button to open up additional connection options.
Once you’ve clicked the Advanced button, select the Authentication sub-tab under the SSH section.
Click on the ellipsis button (…) next to the Private Key File entry field. This allows you to navigate to the location where you have stored your private key file. If you downloaded this file directly from ExaVault, the file will be in your default Downloads folder unless you’ve moved it to another location.
When you get to the folder location of your private key, you will probably have to change the finder window to look for file type “All Files (*.*)” to find your key file.
Select your key file and click the Open button.
You’ll likely be prompted to convert the key to PuTTY format, as this is the format accepted by WinSCP. If you receive this prompt, click the OK button. WinSCP will automatically convert the key to the proper format for you. Choose the permanent location for this private key and click the Save button to store the converted key file.
Click OK to accept the Advanced Site Settings changes.
Click the Login button to connect to ExaVault using your imported private key.
If this is the first connection from WinSCP to your ExaVault account, you’ll be asked to confirm the host key information. This prompt is SFTP’s way of letting you know that it hasn’t seen the server before and that you should confirm the connection.
If prompted, add the host key to the known hosts cache.
After a successful connection, you’ll see your local files on the left side of the WinSCP window, and your ExaVault files on the right-hand side.
Once you confirm that the connection works, be sure to use the Save Session As Site to save the settings permanently.
After saving the session, it will appear on the Login screen the next time you connect to WinSCP. Congratulations, you have successfully set up a passwordless SFTP login to your ExaVault account through WinSCP!
Using a different FTP client? Watch our video to get started with WinSCP.