Importing Files from a Remote Host/SFTP Server
  • 21 Mar 2024
  • 3 minute read
  • Dark
  • PDF

Importing Files from a Remote Host/SFTP Server

  • Dark
  • PDF

Article Summary

Slate supports retrieving files from a remote SFTP server.  This practice is generally discouraged, as the import process will fail if the remote SFTP server becomes unavailable for any reason, such as a network connectivity or maintenance issue.  It is generally recommended that all imports be sent to the Technolutions SFTP servers, where we can provide high availability and from which they can be uploaded to at any time.  The import from remote host does not utilize certificate-based authentication, which provides the highest level of security.  Instead only password authentication is supported.  These best practices aside, we do support pulling a file from a remote SFTP server, where this may be useful to your business process.

FTP is not an encrypted transfer protocol, which means that all data is sent in clear text. Therefore, FTP is not recommended.

The outbound connections are initiated from the IP addresses that should be allowed. 



Certificate-Based Authentication (Recommended)

Create a Remote Service Account User

The service account that you create will be able to store the SSH Private Key, which will be used to import files from a remote server using the User ID for this account.

Note: The Security Administrator exclusive permission (not inherited by any roles, even the Administrator role) is required to create or edit user accounts.

  1. Select Database on the top navigation bar and select User Permissions.

  2. Select New User.

    • If you do not already have a keypair to use, you can use an SSH key generator, like this. Note: The corresponding public key needs to be installed on the remote server for this User ID.

    • Since this is a service account, enter name information that clearly states this (rather than entering the name of a person who is already a Slate user).

    • Enter an email address of a real user or distribution group that is able to receive email notifications.

    • Change the User Type to Service Account (Remote).

    • Provide a user ID (this should match the user ID created in the remote system).

    • Enter the SSH Private Key.

    • Certificate-based authentication does not require a password, so leave the password field blank.

    • Be sure to check the Enable account for access checkbox.

  3. Select Save.


The SSH Private Key should be a RSA key of at least 2048 bits and be saved without a passphrase. In addition, the private key should include the wrapper comments as shown below.

Note: the private key above has been shortened for illustrative purposes.  If using PuTTYgen to generate a key, use the Conversions > Export OpenSSH Key to format the newly generated Private Key correctly. You will want to save the OpenSSH Key without a passphrase by ignoring PuTTYgen's warnings.

Schedule Import for the Source Format

  1. Select Source Formats under Database.

  2. Go to the source format that you will be importing data from the remote server.

  3. Select Edit.

  4. Select Import Automation.

  5. Add the Import Path/Mask setting for the location and the file name on the remote sftp server.    See the Path section below for important notes about configuring the path.

  6. Add the Import Remote Server, entering the protocol, username, password, and hostname (e.g. sftp://remoteuser:[email protected])  

    • The protocol should be sftp for SFTP connections (recommended), ftps for FTPS connections, ftpes for FTPES connections, or ftp for the much less secure FTP connections. Note: If you must use FTP, we highly recommend using PGP encryption.

    • The username should match the user name in the remote system.

    • The password should be the password that the remote system expects for the user name.

    • The hostname should be the remote server address.

    7. Add the Import Frequency in minutes.

PathFor the path, you should enter the remote path on the server along with the name of the file.

Best Practice

Using date/time variables is recommended. This can help prevent the following type of error: a file or directory with the same name already exists.  

For example, if you are downloading the file from a directory called Files on the remote server, and the file name should be "test%FT%T.txt" you would enter:/Files/test%FT%T.txtPath names on many servers, including Unix/Linux servers, are case-sensitive, so keep this in mind when entering the path.


If a port number must be specified, this can be done in the Import Remote Server setting, e.g.:

sftp://remoteuser:[email protected]:22

Was this article helpful?