How to Generate SFTP Keys Easily

通过 Nathanael Wright | 更新: 09/12/2022 | 评论: 0




Area / Application

Product Category





Leave this field empty

CR1000X Measurement and Control Datalogger with secure lock

As organizations throughout the world continue to strengthen their network and data communications systems to counter increased security threats, we’ve noticed a trend: there’s been an increase in the number of Campbell Scientific customers setting up secure communications between their data loggers and other devices.

SSH File Transfer Protocol (SFTP) is a common protocol used for securely sending files from one device to a server, and the protocol is supported on our newest data loggers, including the CR1000X, CR6, and GRANITE Series. The SFTP protocol is based upon Secure Socket Shell (SSH) and therefore requires that the data logger have a public and a private key. The public key is shared between both the server and the data logger sending files to it.

If you’re having some difficulty generating the required private and public keys for the SFTP protocol, you’re not alone. This article covers one straightforward method to generate your own keys using the well-known open-source tool called PuTTY Key Generator and then apply those keys to your compatible data logger.

Let’s get started

To generate your public/private key pair for SFTP on a Campbell Scientific data logger, please follow the steps below:

  1. Install the PuTTY Key Generator, navigate to the PuTTYgen directory, and launch it. The default directory path is C:\Program Files (x86)\PuTTY\puttygen.exe.

    Note: If you have an existing public/private key pair in PPK format, skip to Step 4.

  2. Create a new public/private key pair by clicking the Generate button:

    PuTTY Key Generator and Generate button

  3. Move your mouse over the blank area to create some randomness that can be used to generate the keys:

    PuTTY Key Generator and randomness

    Note: After completing Step 3, skip to Step 6.  

  4. With the PuTTY Key Generator open, click the Conversions menu, and select Import key

    PuTTY Generator and Conversions | Import key

  5. The Load private key screen will appear. Select the .PPK formatted key file and click Open. Here is an example:

    Key File

  6. Click the Conversions menu, and select Export OpenSSH key. Save that as your private .PEM key file in a location you can easily find:

    PuTTY Key Generator and Onversions | Export OpenSSH key

    Note: A PuTTYgen Warning prompt will appear, asking if you want to save the key without a passphrase to protect it. Click Yes

    If you open the content of that key file as a text document, its header and footer should appear as the following:
    [key content here]
    -----END RSA PRIVATE KEY-----

  7. Now that you have the private key, let's work on the public key. Copy the public key text. Then, open Notepad or Notepad++, paste the content in the text document, and save the .txt file where you can refer to it as necessary. Your server will need that key.

    PuTTY Key Generator and Copy button

  8. Copy the content of the public key, and connect to your data logger using the Device Configuration Utility (DevConfig).

  9. In DevConfig, click the Settings Editor tab, and select the Advanced subtab. Scroll to the bottom, and paste your public key in the SFTP Public Key field:

    DevConfig and Settings Editor | Advanced

  10. Click the More button with the three dots (…) to browse for your private key .PEM file that you saved earlier. Then click the Apply button:

    DevConfig and More and Apply buttons

  11. Lastly, ensure that your SFTP server has the same public key attached or shared to it so that you can connect to the SFTP server. Your keys are now applied.

A testing tip

Test your system using the FTPClient() instruction in your data logger. Be aware that the processing of encrypted data takes longer than with a straight FTP instruction. To avoid skipped scans, it is usually best to contain an SFTP transaction within a SlowSequence near the end of your data logger program. A simple example is below:

Scan (1,Hr,1,0)
	FTPClient ("","FTPUserName","FTPPassword","USR:MyFile.dat","/MyFile.dat",20)

A final word

I hope you found this information helpful and can easily generate your SFTP keys to secure your communication. If you have any questions, please post them below.



nathanael wright Nathanael Wright is a Technical Support Engineer at Campbell Scientific, Inc. He provides technical support for data loggers, instruments, and communications equipment. Nathanael has bachelor's degrees in Computer Information Science and Business Administration, and a Masters in Business Administration. In addition, Nathanael has 15 years of experience working in IP communications. Away from work, he enjoys breakdancing, hiking, writing, publishing books, and fiddling with computer equipment.



Please log in or register to comment.