How To: SFTP Public Key Authentication in Titan SFTP

Question

How to configure private/public key authentication in Titan MFT?

Reasoning

To add more security, instead of using username and password to authenticate users to TitanMFT, we can use private/public key authentication. This enhances security and user experience by providing stronger protection than traditional passwords, making it more resistant to brute force attacks. This method eliminates password-related risks like theft and phishing, while simplifying the login process. If a key is compromised, it can be easily revoked and replaced, improving security management. Additionally, it enhances monitoring and auditing capabilities, supports secure automation, and can integrate with multi-factor authentication. Overall, this transition significantly strengthens security and streamlines user access.

Answer

TitanMFT has a capability to alternate traditional username and password authentication using public key Authentication, and here’s how to do it. 

Pre-requisites

1. Administrator access in TitanMFT

Steps 

Configuring Server

1. Login to your TitanMFT server web UI.
   
   
   
   

2. Go to your sever > Services > SSH/SFTP >Manage Host Ley

3. SSH Host Key will pop up. Then click New.

4. Add SSH Host key will pop up. Select Key Type and Key Size then set desire name for your host key. 

5. Now the newly created host key is now listed in SSH Host Key Management. After confirming that the new SSH Key was successfully added. 
   
   
   
   
6. For the next step. Export SSH as multiple files and check Export Private Key then set desire password. Then click “EXPORT”. We’re going to use this for later procedure.
   
   *Note: save the Private key password for future reference.
   
   
   
7. Now, in SSH/SFTP page. Newly created SSH key is now available in dropdown of SSH Server Host Key. Select it and then click apply.
   
   
   

Applying Certificate to users.

1. Go to User 
   
2. Select user and click      to modify. Then select Edit User Services.
   
3. Go to SSH/SFTP tab. Check “Enable SSH Services for this user” and In drop down select your newly created ssh key (Procedure 4 in Configuring Server). Then click apply.

Configuring Client.

1. Unzip the exported SSH Key host (Procedure 6 in Configuring Server).
2. Open your SFTP application in our client (for this example we’re going to use filezilla.) 
   
   
   
3. Click file then select Site Manager. 
   
   
   
4. Add site by clicking “New Site”, then set desire name for this connection.
   
   
   
5. After the name was set. Set protocol to SFTP-SSH File Transfer Protocol. Set Host Address and port. 
   Select Key File in “logon Type” dropdown. Fill out “User” using client username. Select .ppk file in unzip certificate folder.
   
    

6. Then try to connect.