While Slate supports retrieving files from a remote SFTP server, this practice is generally discouraged because the import process will fail if the remote SFTP server becomes unavailable for any reason, such as during a network connectivity or maintenance issue. All imports should be sent to the Technolutions SFTP servers, where we provide high availability and where uploads can take place at any time. Imports from a remote host also do not use certificate-based authentication that provides the highest level of security, and only password authentication is used. We strongly encourage using best practices for the import process, but do also support pulling a file from a remote SFTP server if required by your business process.

Basic FTP is Inherently Insecure

Basic FTP does not encrypt data during transfer, and all data is sent in clear-text format. Using basic FTP is highly discouraged.

The outbound connections initiated from the IP addresses provided in the Outbound Networks Knowledge Base article should be allowed.

Certificate-Based Authentication (Recommended)

Create a Remote Service Account User

The service account that you create stores the SSH Private Key used to import files from a remote server using the User ID for this account.

🔑 Required Permission

The Security Administrator exclusive permission (not inherited by any roles, including the Administrator role) is required to create or edit user accounts.

1. Click Database on the Slate navigation bar. The Database page appears.

2. In the Users & Access section, select User Permissions. The Active Users page appears.

3. Click New User. A New User popup appears.

4. Enter the following configurations:

   • First Name, Last Name, Preferred Name: Since this is a service account, provide a recognizable name that clearly states that this is a service account, rather than using an existing Slate user’s name.

   • Email: Provide an email address for a real user who will receive email notifications for this service account.

   • User Type: Set this to Service Account (Remote). The configurations on the popup update to provide details for the service account.

   • User ID: Enter an appropriate user ID. This ID will also be used on the remote system.

   • SSH Private Key: The service account requires an SSH key. If you do not already have a key pair to use, you can use an SSH key generator, such as the one provided here. Note that the corresponding public key must be installed on the remote server for this account’s User ID to access it.

   • Active: Select the checkbox for Enable account for access.

   • Expires After: If this account is temporary, you can set an expiration date for it. Click the field, and a date picker appears.

5. Click Save.

✨ Tip

The SSH Private Key should be an RSA key of at least 2048 bits and be saved without a passphrase. In addition, the private key should include the wrapper comments as shown in this example:

Note: The private key in this example has been shortened for illustrative purposes. If using PuTTYgen to generate a key, use the Conversions > Export OpenSSH Key to format the newly generated Private Key correctly. Save the OpenSSH Key without a passphrase by ignoring PuTTYgen's warnings.

Scheduling the Import

1. Click Database on the Slate navigation bar. The Database page appears.

2. In the Import and Data Processing section, select Source Formats. The Source Formats summary page appears.

3. Select the source format that you will be using to import data from the remote server. The source format’s summary page appears.

4. Click Edit. A configuration popup appears for the source format.

5. Select the Import Automation tab.

   ⭐ Best Practice

   Using date and time variables is recommended to prevent errors such as “a file or directory with the same name already exists.”  

   For example, if you are downloading the file from a directory called “Files” on the remote server, and the file name should be "test%FT%T.txt" you would enter:/Files/test%FT%T.txt. Path names on many servers, including Unix/Linux servers, are case-sensitive, so keep this in mind when entering the path.

6. Enter the following configurations:

   • Import Path/Mask: This defines the location and the file name on the remote sftp server. For the path, provide a string with the remote path on the server along with the name of the file.

   • Import Remote Server: Enter the protocol, username, password, and hostname (for example, sftp://remoteuser:[email protected]).

     • The protocol should be sftp for SFTP connections (recommended), ftps for FTPS connections, ftpes for FTPES connections, or ftp for insecure FTP connections. Note: If you must use FTP, we highly recommend using PGP encryption.

     • The username must match the user name in the remote system.

     • The password must be the password that the remote system expects for the user name.

     • The hostname is the remote server address.

   • Import Frequency: Provide the time, in minutes, for the import to repeat.

7. Click Save.

✨ Tip

If a port number must be specified, this can be done in the Import Remote Server setting string. For example:

sftp://remoteuser:[email protected]:22