Configure an SFTP Destination with a Private Key
Troubleshooting
Problem
When adding an SFTP destination in DataSync, the connection may fail if the SFTP server requires authentication using a private key instead of a password. Users often receive a connection error when they are unsure how to provide the private key in the DataSync connection settings.
Cause
DataSync does not automatically detect or import private key files. To authenticate with a private key, specific SSH connection properties must be configured manually, including the authentication mode, key format, and the private key content itself.
Solution
Configure the following SSH properties in the destination settings to enable private key authentication:
- SSHAuthMode : set to
Public_Key. - SSHUser : the username provided for the SFTP connection.
- SSHClientCertType : choose
PEMKEY_BLOB(PEM format) orPPKBLOB(PuTTY format), depending on the key you received. - SSHClientCert : paste the full content of the private key file. Note: line breaks (
\r\n) must be added manually, especially for PuTTY‑format keys. - SSHClientCertPassword (optional) : provide the password if the key file is protected.