SSH Public and Private Keys for UC

Audience: Universal Connector IT Resource

Summary: Reviews the importance of the SSH Username and Public Key and how to acquire them. 

MineralTree's ERP-agnostic Universal Connector functions through the use of an SFTP application. In order for MineralTree to submit and retrieve files from the application, we require what's called an SSH public key and you must have a corresponding private key. 

The key pair must be in openssh format and the specific type of key must be SSH-2 RSA. This information must be provided before the initial import to facilitate the secure link between your ERP and MineralTree. You are able to use the same key pair for multiple MineralTree environments.

Keys can be generated in various ways. If your IT resource does not have a key generator, we have instructions below for PuTTy, a free key generator from www.putty.org. 

PuTTY SSH Generator Instructions

1. Download PuTTy from www.putty.org. 
2. Run the .exe file
   
3. Once in the Key generator, click on the Key dropdown and select SSH2-RSA. This is the only key type that will work with the system.
   
4. In the Parameters section where it asks for the number of bits in a generated key, type in either 2048 or 4096. The higher the bits, the harder the code will be to crack.
5. Click the Generate button.
   
6. A key pair has now been generated! The key should start with "ssh-rsa AAAA" and if it does not, then it means you have selected the wrong key type in step 3.
7. In the Key comment field, enter any comment you'd like, to help you identify this key pair (e.g. location, office, etc). The key comment is particularly useful in the event you require  more than one key pair for multiple companies in the system. 
8. Optional: Type a passphrase in the Key passphrase field & re-type the same passphrase in the Confirm passphrase field (if you plan to automate the file transferring between SFTP and ERP, you should not create a passphrase). 
9. Save the private key. This is the key that you will keep and not share.  It should be saved in a location that only you can access and that you will not lose. If you lose your keys you could become locked out of the system and need to generate new ones from scratch. 
   
10. Copy and paste your public key from the Public key for pasting into OpenSSH authorized key file area and send it to your implementation manager at MineralTree (with the comment if necessary). 
    
11. Now that MineralTree has your public key, we will start our configuration of your system on our side. Once this is complete, we will provide you with a username to use with your private key when you access your SFTP application.