key file authentication with the BizTalk SFTP adapter
Authentication on an SFTP location can be done with simple username/password credentials… However another way to authenticate the sender is by using a Key Authentication file. But how can this last authentication method be used inside the BizTalk SFTP adapter?
the BizTalk SFTP adapter we used to achieve this is the freely available SFTP adapter on Codeplex. Just download the adapter and install it. And don’t forget to add the adapter in the BizTalk admin console of course.
Now then let’s set up the port in BizTalk. In my example I ‘ve configured a receive location, but obviously the same goes for the send port configuration.
First of all choose the created adapter in the biztalk admin console, as shown below.
To set up the proper configuration for the SFTP port, just press the ‘Configure’-button.
These parameters need to be set:
- Schedule: define a timely schedule how often you want to poll the SFTP location (receive location only)
- File Mask: set the correct file mask
- SSH Host: the host address of the SFTP location
- SSH Identyfile: Select the Key authentication file on disk
- SSH Identyfile Passphrase: the password of the selected key authentication file
- SSH Remote Path: the path on on the SFTP location
- SSH User: the user name to authenticate on the SFTP location
Seems pretty straight forward, doesn’t it?
Well there are some things you ‘ll need to take into account to make sure the connection can be made…
Make sure the identyfile type is supported
You’ll need to make sure the identyfile type is supported by the library. The supported versions can be found here. As this is the library which is used by the bizTalk SFTP adapter.
Make sure the identyfile can be recognized
In my case for example, I got an *.ppk file as authentication file. But as it turned out, this wasn’t recognized.
The error message you git is this:
Which in the end seemed a bit misleading, as the problem wasn’t the private key for the authentication file. It was just the *.ppk file that wasn’t supported.
To make the key authentication file working, I had to convert the file to an OpenSSH key file. This can be done by using PuttyGen for example, and exporting the authentication file as an OpenSSH key file.
Don’t use both password parameters
Also make sure you only use the intended parameter SSH Identyfile Passphrase, and leave the SSH password blank.
In case both password fields are filled, the SFTP adapter will try to authenticate by the username/password credentials stated. So it won’t offer the specified identyfile to authenticate.
I orignally posted this on my companies blog: http://blog.cnext.eu/2013/02/19/using-key-file-authentication-with-the-biztalk-sftp-adapter/