Generate SSH Key Pair for SFTP Adapters

We can setup a secure and reliable file transfer based on SSH File Tranfer Protocol (SFTP). SFTP is a protocol for secure remote login and an enhancement of SSH (Secure Shell).

We create SSH public key and give it to SFTP server team to configure that on it. It helps to connect the system to SFTP without entering its password.

So, here we will build these SSH keys to bridge the gap to enter into SFTP and setup a reliable and secure file transfer.

Pre-requisites

1. Install WinSCP tool (you may use other tools but it simple and easy to use).
2. Putty (FAMOUS) - This and WinSCP can be combined.

The above requisites are enough to generate the keys and have it ready for the development. Now, let's start the configuration:

• Start WinSCP -> Click on Tools -> Run PuTTYgen

• Select Parameters - RSA  and Enter the number of bits as 2048. Click Generate.

• After clicking generate button, the seeking bar begin to increase when you begin to create some randomness in the blank area. The key will generate in 2-3 minutes.

• Now, finally after generating, we can save the Public and Private (ppk) key and Public Key to be saved in SFTP.

Note: 

1. The public key starts with ssh-rsa has to be pasted in SFTP server. 
2. The public key saved as Save public key is different from the public key to be pasted in SFTP server.
3. We also need to make sure, there should not be any new line character in our key.

Now, we will have 3 files generated. 1. PPK Private Key 2. SSH Public Key 3. SSH Public Key to be pasted on SFTP Server.

We will have three files as named above.

They will look like:

Test them with WinSCP if the private key is able to connect it to the SFTP server.

1. For this, first request the administrator of SFTP to save the SSH Public Key on SFTP in authorized key file or raise an incident to SAP Support Launchpad to paste the public key on SFTP.
2. After this, open WinSCP and fill the following details as shown:

In Advanced > Click Authentication under SSH >Select ppk Private Key

When we login for the first time, a warning appears with server's fingerprint. This is a good sign. It shows that it is able to reach SFTP server. Just click Yes.

If we have chosen PassPhrase while generating the key it will ask for passphrase else it will connect.

And, that is it. You are connected to SFTP server. 😊

Note:

Just make sure, we have placed the privateKey_SFTP.ppk in the correct folder from which we have uploaded the key for authentication. Else it will show the below message.

Request for SuccessFactors SFTP access

The purpose of SuccessFactors SFTP access: This ensures the secure data tranfer using private and safe data stream. Here, SFTP stands for Secure File Transport Protocol. The main purpose to get the access of SFTP access is to transfer data securely, but it is also used to obtain the general access to the FTP server's file system. The usages of SFTP: 

1. In third party integration - outbound or inbound data transfer i.e. data flow towards SFTP from a system particularly Employee Central, Onboarding, Learning and WorkForce Analytics is outbound and data flow out of the SFTP to Employee Central, Onboarding, Learning and WorkForce Analytics is inbound.
2. Automating data import/export into the system via Schedular.
3. Receiving backup copy of instance refresh/clone.

SuccesFactors provide a Graphical SFTP client by GlobalScape, Inc which can be accessed by the below URLs or depending on one's hosting.

https://sftp10.successfactors.com/EFTClient/Account/Login.htm

https://sftp4.successfactors.com/EFTClient/Account/Login.htm

https://prodftp2.successfactors.eu/EFTClient/Account/Login.htm

The customer can request the access of SFTP by raising an incident for it on SAP Support Launchpad with client's S-User ID for the instance of SuccessFactors system.

The link for SAP Support Launchpad is:

https://launchpad.support.sap.com

Authorized cient adminitrator need to create an incident on SAP Support Launchpad with Medium priority with the following information:

1. Preview/test instance Company ID
2. Production instance Company ID
3. Customer # (installation)
4. Platform: Bzx/ LMS/ ONB/ WFA

Consequences

• Time to get the access of SFTP may take 1-3 days.
• Authorized recipient via email from SFTP Provisoning Support Team will receive a separate mail subjected to SFTP Account for "XXXXX, Inc for:

1. SFTP Username
2. SFTP Password
3. SFTP URL

Points to be noted:

• Customers will get only one production and one test insatnce of SFTP irrespective of the number of instance they have.
• Customer can request third SFTP insatnce, however but with valid justification. The access to the third instance granted on the approval from SAP Platform Team.