Authorized Keys

SFTP Server may be configured to authorize users against known public keys. When a client performs public key authentication, it presents a signature created with the private key. The server will try to verify the signature is valid using each of the known public keys until it finds a match.

To add an approved public key, you may either specify it directly in the New User... form or add it to the registry. Possession of a private key which corresponds to an allowed public key serves as authentication.

Known public keys can be added to the Windows Registry at the following location. If the key does not exist go ahead and create it.

HKEY_LOCAL_MACHINE\SOFTWARE\nsoftware\SFTPServer\20\AuthorizedKeys

Create a new String value and set the value data to the public key in SSH public key format as specified by RFC 4253 (also known as OpenSSH public key format). Briefly, an OpenSSH public key consists of three parts all on a single line:

  • The key type
  • A chunk of PEM-encoded data
  • A comment

Example:

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQ...w== rsa-key-20191008

The name of the String value is not used, but it is recommended to set this to the name of the user that the public key corresponds to for organizational purposes.

Copyright (c) 2022 /n software inc. - All rights reserved.
SFTP Server 2020 - Version 20.1 [Build 8304]