Data Extract Utility SFTP Key Exchange Manager

Last Modified on 04/10/2024 12:57 pm CDT

Tool Search: Data Extract Utility SFTP Key Exchange Manager

The Data Extract Utility SFTP Key Exchange Manager allows SFTP configurations within the Data Extract Utility to utilize a keypair between Infinite Campus and a third-party server(s) to bolster security for the data transferring process. Users can use this tool to generate an Infinite Campus public key to be shared with a third-party system.

In order to use established SFTP keys, an extract within the Data Extract Utility must be configured to use a Delivery Mode of SFTP. 

Screenshot of Data Extract Utility SFTP Key Exchange Manager

Users should have full tool rights (RWAD) to the Data Extract Utility SFTP Key Exchange Manager in order to properly access and use its functionality. Tool rights for this tool should only be granted to system administrators.

Create and Connect an Infinite Campus-Generated SFTP Key

  1.  Click the New button. The SFTP Key Exchange Configuration editor will appear.
    Screenshot of the new button and SFTP Key Exchange Configuration
  2. Enter a Name for the key. Choose a name that can be easily identified and differentiated from other keys.

    The Select Files... button (SFTP Server Public Key Upload (.pub file) field) is optional and should be ignored unless your vendor has supplied you with a .pub file from their server. If you have not been supplied a .pub file from the individual who administers the SFTP server/your vendor, do not hit Select Files. Proceed to the next step.

    If you do have a .pub file from your vendor/SFTP server and wish to use it, we will cover this later in the article

    NOTE: Infinite Campus must have a private key stored on its server in order to successfully complete the SFTP Key Exchange. This means you must generate a key within the Data Extract Utility SFTP Key Exchange and enter the generated .pub file into your SFTP server/vendor. Skipping this step and only importing your server's .pub file into Infinite Campus will not complete the authentication and will not successfully connect your extract from Infinite Campus to your server/vendor.

  3. Click Save. When the key successfully generates, a green notification box displays (see image above).
  4. A Key Management Options section is now available. Click the Download Client SFTP Public Key button. This generates a private key within your Infinite Campus server as well as a public key (.pub file). Download and save this .pub file.

    Screenshot of Download Client SFTP Public Key

  5. Once the key (.pub file) is downloaded, you will need to supply this file to whoever administers the SFTP server/your vendor and have them add it to their server, typically in the authorized_keys area of the server.

    Some vendors require you to provide them the key itself which can be obtained by opening the .pub file within a text editor (or compatible program) and copying the entire key (see below for example).

    Screenshot of the .pub file within a text editor (or compatible program) and the entire key

  6. Paste this key within your external SFTP system/server where you store your other authentication keys and save.

  7. Once this Infinite Campus-generated key has been successfully added and saved in your system's/server's key store, a new extract can be configured using the SFPT protocol with an SSH key within the Data Extract Utility or you can modify an existing extract to begin using the SFPT protocol with an SSH key.

  8. Navigate to the Data Extract Utility Setup Screen.

  9. To utilize this new key for an existing or new Data Extract Utility configuration:
    1. Select the SFTP Delivery Mode
    2. Mark the SFTP Key Exchange checkbox
    3. Select the key you just set up in the SFTP Key Exchange Configuration dropdown list (see the image below for an example).

  10. Once these are selected, select the Test Connection button to test and make sure the connection between Infinite Campus and your system is authenticating correctly. If tested and working correctly, click the Save icon.

    NOTE: Do NOT use SFTP Legacy (Being Deprecated). If you have previously set up the Data Extract Utility to use this Delivery Mode, you must update the configuration to use SFTP to avoid issues once the old SFTP mode is removed.

    Screenshot of sftp, sftp key exchange, and test connection

Import a Third-Party SFTP Key

To bolster security and create an even more secure connection between Infinite Campus and your SFTP server/vendor, you can import your server's .pub file and upload it within the Data Extract Utility SFTP Key Exchange tool. This is an optional layer of security and is not required in order to utilize SFTP Key Exchange functionality. 

NOTE: Infinite Campus must have a private key stored on its server in order to successfully complete the SFTP Key Exchange. This means you must generate a key within the Data Extract Utility SFTP Key Exchange and enter the generated .pub file into your SFTP server/vendor. Skipping this step and only importing your server's .pub file into Infinite Campus will not complete the authentication and will not successfully connect your extract from Infinite Campus to your server/vendor.

To upload your server's/vendor's .pub file (public key):

  1. Click the New button OR if you're reinforcing security for an existing key exchange configuration, select an existing configuration and skip to step 3.

  2. Enter a Name for the key. Choose a name that can be easily identified and differentiated from other keys.

  3. Click the Select Files button and select the key file (.pub file) from your local hard drive or network. NOTE: The key MUST be a .pub file.

    Screenshot of sftp key exchange and the key file (.pub file) from a local hard drive

  4. Once the key has been selected, it is uploaded into Infinite Campus and displays below the Select files button.

    screenshot of selected files and the save button

  5. Click the Save button. The key is now successfully imported and saved into Infinite Campus and extra layer of authentication security is now enabled. 

Manage SFTP Keys

The Key Management Options section allows you to do the following:

Refresh the Client SFTP KeypairThis generates a new keypair (private and public key). This is useful in the event of a potential security breach or any scenario in which a brand new keypair between Infinite Campus and your SFTP server/vendor would be needed.

NOTE: Refreshing the Client SFT Keypair means you will need to go through the process of placing the new .pub file on your SFTP server/vendor.
Download Client SFTP Public KeyThis is useful if you need access to an Infinite Campus SSH key.
Delete Server SFTP Public KeyThis is useful for deleting an expired, incorrect, or compromised key. Often this option will work in conjunction with the Refresh Client SFTP Keypair option where a user would first delete an old key, upload a new key and then refresh and repair the connection between Infinite Campus and your system.

Screenshot of key management options

Related Articles

Was this helpful?
Thank you for your feedback!
User Icon

Thank you!

Copyright ©️ 2010-2023 Infinite Campus, Inc. All rights reserved. | Terms of Use | Privacy Policy | infinitecampus.com