Connect SFTP Server With Public Key Authentication In MuleSoft

Author: Saddam Shaikh

In this blog, we will learn how to connect to an SFTP server using public key authentication in MuleSoft.

What is SFTP?

SFTP stands for Secure File Transfer Protocol. It is the successor to File Transfer Protocol (FTP); it is built on FTP and includes Secure Shell (SSH) components to provide data security. SFTP is used for transferring large files over the internet securely.

What is Public Key Authentication in SFTP?

SFTP authentication using public/private key pairs is known as SFTP public key authentication. To implement this authentication in SFTP, we need to generate public/private key pairs and assign a public key to each of our SFTP users. Each key pair must be associated with one user only. Once you’ve generated a key pair for a user, you place the user’s public key on your SFTP server and share the corresponding private key with the user. The user must keep the private key in a secret place to avoid unauthorized access. Public key authentication can be used in scenarios where we need a highly secure authentication method for SFTP server access. We can also use it to set up single sign-on (SSO) for users across multiple SFTP servers.

Generate Public/Private key pair:

We can generate the key pair using the ssh-keygen command in Windows. You can refer to the ssh-keygen documentation to generate ssh key pairs.
command: ssh-keygen -t rsa -m PEM 

Command to generate public/private key pair

Steps to set up an SFTP server on a Windows machine:

1. Go to Settings > Apps > Apps & features > Optional features and click on Add a feature.

2. Search for the “OpenSSH Server” feature and select Install. Binaries are installed to %WINDIR%\System32\OpenSSH.

3. Go to Control Panel > System and Security > Administrative Tools and open Services. Locate the OpenSSH Authentication Agent and OpenSSH SSH Server services, then right-click each one and start it.

Windows Services Snapshot

4. Setting up SSH public key authentication.

  • Create the .ssh folder (for the authorized_keys file) in your Windows user profile folder (typically in C:\Users\username\.ssh).
  • Create the authorized_keys file and add the public key to it.
authorized_keys file Snapshot
  • Go to the %ProgramData%\ssh directory and open the sshd_config file. Set the SFTP user's root directory using the ChrootDirectory parameter, and enable public key authentication by setting PubkeyAuthentication to yes.
sshd_config file snapshot
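
The same Windows-side setup (steps 1 to 4 above) can be scripted from an elevated PowerShell prompt. This is an added example, not part of the original article; the account name and the public-key path are placeholder assumptions.

```powershell
# Added example: scripted equivalent of steps 1-4. Run in an elevated PowerShell session.
# $SftpUser and $PublicKeyPath are placeholders (assumptions), not values from the article.
$SftpUser      = 'sftpuser'
$PublicKeyPath = 'C:\Temp\id_rsa.pub'

# Steps 1-2: install the OpenSSH Server optional feature if it is not present yet.
$cap = Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH.Server*'
if ($cap.State -ne 'Installed') {
    Add-WindowsCapability -Online -Name $cap.Name
}

# Step 3: start both services. ssh-agent is disabled by default, so set the
# startup type before starting it.
foreach ($svc in 'sshd', 'ssh-agent') {
    Set-Service -Name $svc -StartupType Automatic
    Start-Service -Name $svc
}

# Step 4a: create .ssh in the user's profile and append the public key.
# Note: for members of the Administrators group, the default sshd_config on Windows
# reads %ProgramData%\ssh\administrators_authorized_keys instead of this file.
$sshDir   = "C:\Users\$SftpUser\.ssh"
$authKeys = Join-Path $sshDir 'authorized_keys'
New-Item -ItemType Directory -Path $sshDir -Force | Out-Null
Get-Content $PublicKeyPath | Add-Content -Path $authKeys -Encoding ascii

# Restrict the key file to the account, SYSTEM and Administrators. sshd's StrictModes
# check (on by default) rejects key files whose permissions are too open.
icacls.exe $authKeys /inheritance:r /grant "${SftpUser}:F" /grant 'SYSTEM:F' /grant 'Administrators:F'

# Step 4b: show the active (uncommented) settings named in the article, validate the
# configuration file, then restart sshd so the changes take effect.
$config = Join-Path $env:ProgramData 'ssh\sshd_config'
Select-String -Path $config -Pattern '^\s*(PubkeyAuthentication|ChrootDirectory)\s'
& "$env:WINDIR\System32\OpenSSH\sshd.exe" -t -f $config
Restart-Service sshd
```

If Select-String prints nothing, both directives are still commented out in sshd_config and need to be edited before the restart.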

We have completed the SFTP configuration part on Windows. Let’s start with the MuleSoft configuration.

1. Download the SFTP connector from Exchange. I am using the 1.4.0 SFTP connector version.

2. Add ‘SFTP Config’ in Global Elements and configure the below fields:

Working Directory: directory to be considered as the root of every relative path used with this connector
Host: SFTP server hostname
Port: 22
Username: SFTP user’s username
Identity file: private key of SFTP user
Passphrase: private key password

SFTP Config

3. Click on Test Connection.

Test Connection Result

4. Create a Mule flow that uses this configuration in “On New or Updated File” and check whether you receive events when files are created/updated/deleted in the SFTP folder.

On New or Updated File configuration
Event received Snapshot

I hope you find this article helpful. Thanks for reading it.

