How to push results to an SFTP server
IMPORTANT |
This functionality will soon be removed and replaced by our new activation tool Destinations. To activate data please use the sFTP destination. |
After running an activation query, you can push the resulting file to an SFTP server.
To do so, you will need to create a connection between InfoSum Platform and the SFTP server. The query results will then be streamed to the destination and then the connection will be removed. If you need to give permissions to another user, please follow the steps in how to create an activation dataset permission.
Before starting, you will need the following information to hand:
-
Host
-
Port
-
Username
-
One of:
-
Password
-
Private Key Pem (Password-less connection).
-
-
Path (push directory needs to have a relative path - i.e. must not begin with a '/')
-
Filename (include the file extension - e.g. pushfile.csv)
- Host public key in one of the formats:
- OpenSSH authorized_keys - "Authorized Keys"
- OpenSSH known_hosts - "Known Hosts"
- PEM - "Public Key PEM"
- GPG Public Key (to export an encrypted file)
Important: If your destination SFTP server needs to add any IP addresses to an allowlist (whitelist) to establish a connection, you must contact support@infosum.com to obtain the list of InfoSum IP addresses that needs to be added to the allowlist.
You can activate results to a file using either Segment Builder or the Query Tool. Go to the Activation tab under Activate, where you will see some information about the campaign and its status. The total rows gives you an insight into the size of the dataset, before pushing it to the destination.
At the bottom of the page, you will see a box providing more details on the campaign, such as the query used and the name of the output column. There are three menu tabs within this box - Details, Export Configuration and Export History. Once you've pushed the results, the details and status will be viewable under the Export History tab.
For now, switch to Export Configuration and use the slider to enable SFTP. The form below will now appear. Once you've filled in and saved the connection details, press Save and switch to Host Verification.
The above form contains four different tabs:
- Connection - Fields: Host, Port, Path
- Authentication - Fields: Username, Password or Private Key Pem
- Host Verification - Fields: Authorized Keys or Known Hosts or Public Key Pem
- GPG Encryption - GPG Public to encrypt the file
You may need to enter three different keys for different purposes. Here are the keys.
User's SSH private key:
You can ignore this field if you are establishing a connection using a password.
This is a user authorization key (User's SSH private key) replacing the password and will be in the form of a public/private key pair.
If you are establishing a connection using SSH key/password-less, you will need to add the public ssh key into the authorized keys file on your server and put the private SSH key in the Private Key Pem field in UI.
Host Verification Key:
You will need to enter a host public key in one of the below format (You need to enter only one)
- Host Public Keys (OpenSSH authorized_keys format) - "Authorized Keys" in the Bunker UI
- Host Public Keys (OpenSSH known_hosts format) - "Known Hosts" in the Bunker UI
- Host Public Keys (PEM Format) - "Public Key PEM" in the Bunker UI. Currently, we only support PKIX format for public keys. The PEM block with "PUBLIC KEY" will go to this field.
Please note this key is NOT the same as the public part of the user SSH key, this is a public key associated with your server, not with your user.
You can find this key in one of three ways:
1) Your IT team can look it up on the server (probably in the /etc/ssh directory) and there will be a number of files e.g.
- ssh_host_ecdsa_key.pub
- ssh_host_ed25519_key.pub
The contents of one of these files can just be put straight into the "Authorized Keys" field in the Bunker UI. An example format for the ecdsa file:
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdH..........<redacted>........LB9u5V+o
2) You can SSH into your server then generate a key pair using the following command "ssh-keygen -F <hostname>" then look up in your local known_hosts file for the public key for that host.
3) If you are exporting data to a partner's SFTP server, you can use ssh-keyscan if you cannot obtain it from the owner/provider of the SFTP service. For details, see finding the host verification key for an SFTP server.
GPG Key:
You can ignore this field if you are not exporting an encrypted file.
You will need to generate a public/private key pair. You need to provide GPG public key to encrypt your file.
When you entered all required fields, click Save. When you select Save, the Activate button will become clickable. Selecting this button will begin the file stream.
Switch to the Export History tab to see the status and check for any errors. Once the status has a green tick, the file has been successfully pushed to the SFTP server.
If you are experiencing slower than expected import/export speeds and you're using a VPN or firewall that can block data upload or download, please refer to Add IP addresses to an Allowlist.