Accessing SFTP on Metworx and Local Machines


Scope

SSH file transfer protocol (SFTP) is a network protocol that provides file access, transfer, and management. This article covers the basic elements of configuring SFTP access for a Metworx workflow and a local machine.

Generate a Key to Access the SFTP

First, you need to generate a key that allows access to the SFTP.

  1. Launch RStudio from your Metworx dashboard.

Figure 1

  1. In RStudio, open a terminal session by selecting Tools > Terminal > New Terminal.

Figure 2

  1. In the terminal, generate the ssh key using the command: ssh-keygen -t rsa -f /data/sftp-keys -P ""
  2. You should get a confirmation, similar to the screenshot below, which confirms that you have a public and a private key generated in the /data/ directory. The public key is the one ending with .pub (e.g., /data/sftp-keys.pub); the private key is the one that does not end in .pub.

Figure 3

  1. If MetrumRG is managing your SFTP, you'll need to provide the public key (ending in .pub) to MetrumRG so we can ensure a storage bucket is configured to allow you access. Otherwise, provide the public key (ending in .pub) to whoever is managing your SFTP so they can configure access based on that key.
  2. After completing step 4, you can access the SFTP by specifying the private key (located at /data/sftp-keys), the username/password, and the location/address of the SFTP.

Provide SFTP Access Key to Another Computer

This step is only necessary if you have another device that also requires access to the SFTP. In this case, the additional computer will need the private key you generated within the workflow (located at /data/sftp-keys).

There are multiple ways to accomplish this depending on your constraints and technical proficiencies. Below is a straightforward example of one way to copy the key.

  1. Open the file manager in your workflow desktop by clicking the File Manager icon.

Figure 4

  1. When you first open file manager, it will likely default to a location similar to /data/home/<your-username>. Update the address in your file manager to /data/ (in the screenshot shown, the highlighted text in the address bar is home/bryanf/ and deleted).

Figure 5

  1. After navigating to /data/ you will see the public and private keys you generated (in the screenshot below, the public key is sftp-keys.pub and the private key is sftp-keys).

Figure 6

  1. Open a new browser and navigate to an email or file-sharing solution (such as Dropbox or Box) that is acceptable for your use case. Sign in and send or store sftp-keys and sftp-keys.pub. The screenshot below demonstrates this with Dropbox.
  2. Importantly, if using a file sharing resource such as Dropbox, ensure you have taken appropriate steps to prevent unintentionally sharing those files. In the example screenshot, a “keys” folder was created (and is only shared with the user accessing it).

Figure 7 Figure 8 Figure 9

  1. Next, navigate to the device that you want to access the SFTP resource from. Open a browser and navigate to the same resource you used in step #4 above (e.g., login to your email or file sharing service). Download both files (sftp-keys and sftp-keys.pub) to your local machine.

    • The private key will allow you to access the SFTP resource from the device you downloaded it onto (or you can share as needed to other devices).

      • Do not share your private key.
    • The public key is used to provide access to the SFTP resource (so if MetrumRG manages that for you, we will need you to provide us with the public key in order to setup SFTP access to an S3 bucket).

      • If MetrumRG is managing your SFTP solution, you will need to send the public key (which ends with .pub).

Convert Key to Windows Format (Windows Machines Only)

If you are adding a key to a Windows-based computer, you need to convert the key format (from .pem to .ppk) before you can use it to access the SFTP resource.

  1. Download PuTTY if you have not done so already.
  2. After installing PuTTY, enter PuTTYgen into the search bar (next to the Windows Start Menu). (Or navigate to PuTTYgen via the Start menu by selecting Start Menu > PuTTY > PuTTYgen).

Figure 10

  1. Select Load to load an existing private key file.

Figure 11

  1. Click on the drop-down menu selection (which likely defaults to "PuTTY Private Key Files (*.ppk)" ) and select All Files.

Figure 12

  1. Navigate to the directory where you downloaded the keys and select the private key (it's the one that does not end with .pub). After selecting the private key, click Open.

    • Note: Microsoft may indicate that the public key is a "Microsoft Publisher Document," instead of indicating the suffix .pub

Figure 13

  1. A dialog box should display a "PuTTYgen Notice" informing you that it successfully imported the key. Click OK.

Figure 14

  1. Select Save private key in the PuTTY Key Generator window. Choose whether or not you want to use a passphrase to protect the key (if you select Yes then you will have to enter that passphrase when using the key to access the SFTP resource).

Figure 15

  1. Specify a name for your converted key (you may also change the directory here if you like), and select Save - this will create a Windows-friendly .ppk key with the name you just specified, in the location you just specified.

Figure 16

Access SFTP Resource Using FileZilla

This summarizes how to use FileZilla to access your SFTP resource. There are few points to consider before getting started. - If you are using a Windows machiine, make sure you have converted your key to a Windows-friendly format (see guidance above). - If MetrumRG is managing your SFTP resource, then we will need your public key to setup your access (see guidance above). - FileZilla has support resources available as well, so you can refer to the FileZilla wiki for additional context and guidance. - Whoever manages your SFTP resource will need to ensure you have the information necessary to complete step 3 below. Consider step 3 "default" steps for accessing your SFTP resource, while understanding there may be alternative ways recommended by your SFTP resource manager.

  1. Open FileZilla.
  2. Select the Site Manager icon in the top bar of FileZilla.

Figure 17

  1. Select New Site in the Site Manager window. Update the following fields:

    • Protocol: Select SFTP - SSH File Transfer Protocol
    • Host: Enter the address of the SFTP resource
    • Port: Enter 22 as the port (FileZilla generally manages this for you)
    • Logon Type: Select Key file
    • User: Enter the user name to access the SFTP resource
    • Key file: Click Browse and navigate to the location where you saved your private key then select your private key and click Open. If you are using a Windows computer, make sure you have converted your key to a Windows-friendly format (see guidance above).
  2. Next, select Connect to connect to your SFTP resource. If you have any questions, consult with the person who is managing your SFTP resource.
  3. Once you have connected to your SFTP resource, you can upload and download files from it.

    • The Local site: pane represents the computer you are accessing the SFTP resource from
    • The Remote site: pane represents the SFTP resource that you are accessing from your computer

Uploading in FileZilla To upload a file to your SFTP resource using FileZilla, navigate to the desired file in the Local site pane. To select where to upload the file navigate to the desired location in the Remote site pane. When you find the file you want to upload, right-click and select Upload.

Downloading in FileZilla To download a file from your SFTP resource using FileZilla, navigate to the desired file in the Remote site pane. Select a destination for the file download by navigating to the desired location in the Local site pane. When you find the file you want to download, right-click and select Download.