Skip to main content

SFTP Setup Instructions

Marissa Tingey avatar
Written by Marissa Tingey
Updated this week

Note: This article contains technical instructions for setting up an SFTP integration and is intended for your IT department or HRIS representative.

We recommend starting your SFTP setup here

A Secure File Transfer Protocol (SFTP) integration allows you to securely sync employee data from your HRIS into Nectar.

This is a one-way import — files are sent (or pulled) from your HRIS to Nectar’s SFTP server and automatically processed to keep your user list up to date.

1. Where do I set up the SFTP integration in Nectar?

  1. Log in to Nectar as an Admin.

  2. Navigate to Workspace Settings → Integrations → HRIS SFTP Sync.

  3. Click Connect SFTP.

  4. Enter:

    • Your Public SSH Key (details below)

    • A valid email address for notifications

  5. Click Save to generate your unique Hostname and Username.

    • Both are case-sensitive — copy them exactly into your SFTP client or HRIS configuration.

2. How do I create SSH Key Pairs for the connection?

An SSH key pair secures your connection to Nectar’s SFTP server.

This replaces traditional username/password authentication with a stronger, encrypted key-based method.

What is an SSH Key Pair?

  • The Private Key stays securely on your HRIS system or SFTP client.

  • The Public Key is pasted into the SFTP setup page in Nectar.

Important: Only OpenSSH key pairs are supported. If your HRIS generates SSH2 keys, they must be converted before use.

👈 Steps to Create an SSH Key Pair

Mac:

  1. Open Terminal (Command + Space → “Terminal”).

  2. Run the command: ssh-keygen -t rsa

  3. When prompted, choose a file path and name

  4. (Optional) Add a passphrase for added security.

  5. Copy the contents of the generated .pub file (your public key).

  6. Paste it into the Public Key field in Nectar.

  7. Upload the private key to your HRIS or SFTP client.

Windows:

  1. Open Command Prompt (Start → type cmd).

    • Or download PuTTYgen (a free SSH key generator).

  2. In Command Prompt, run: ssh-keygen -t rsa

  3. When prompted, choose a file path and name

  4. (Optional) Add a passphrase for added security.

  5. Copy the contents of the generated .pub file (your public key).

  6. Paste it into the Public Key field in Nectar.

  7. Upload the private key to your HRIS or SFTP client.

👈 Converting SSH2 Keys to OpenSSH

If your HRIS or SFTP client outputs keys in SSH2 format, convert them using:

ssh-keygen -i -f ssh2.pub > openssh.pub

This creates a compatible OpenSSH public key (openssh.pub).

PLEASE NOTE: Never share your private key via email or unsecured channels. You can generate multiple key pairs if needed.

3. HRIS/SFTP Client Configuration

Use your preferred SFTP client or HRIS system to establish the connection.

Field

Description

Protocol

SFTP

Authentication Level

Public key

Password for Connection

Private key matched to the public key provided and inputted in Nectar

Host / Hostname

Provided in Nectar on the Integrations page

Username

Provided in Nectar on the Integrations page

Port

22

Destination Directory

Use Root

Delivery Directory

/csvs-to-be-processed/username (see above for your username information)

Outbound File Name

Whatever you’d like, but must have the file extension of .csv or .xlsx

We recommend some variation of “CompanyNameNectarUsers.csv”

Export File Type

CSV (preferred) or XLSX

Delivery Frequency

We recommend a daily schedule in the early morning M-F. You can check with your CSM to make sure this schedule is best for your team.

Nectar Technical Contact

Your CSM will be the technical contact for Nectar. In some scenarios they may include our Integrations Specialist as well.

File Encryption

None. SFTP already encrypts by default.

4. Uploading Employee Data Files

Once connected, your HRIS or SFTP client should automatically upload your employee data files to Nectar.

File Requirements:

  • Accepted formats: .csv (preferred) or .xlsx

  • Encoding: UTF-8

  • Delimiter: Comma (,)

  • File name: Must include file extension

    • ✅ Example: CompanyNameUsers.csv

    • ❌ Not accepted: CompanyNameUsers

.txt files can be sent for connection testing purposes only.

Common Errors

Error Message

Cause

Solution

Connection refused

Firewall blocking port 22

Allow outbound access on TCP Port 22 to the Nectar hostname

SSH2 key not supported

SSH key not in OpenSSH format

Convert using ssh-keygen -i -f ssh2.pub > openssh.pub

No email key found. Failed formatting users.

Missing “email” column in uploaded file

Update the HRIS report to include an email field

File not processing

Incorrect file format or naming

Ensure the file has a valid extension and matches the required template

New Path for Existing Integration

If your SFTP integration fails after previously working, it may be due to an updated hostname or directory path.

To reset:

  1. Log in to Nectar → Workspace Settings → Integrations → HRIS SFTP Sync

  2. Copy your Public Key to a text editor (temporarily)

  3. Disable the integration

  4. Re-enable it and re-enter your Public Key and email

  5. Update your SFTP client settings with the new hostname and directory

  6. Test the connection to confirm successful upload

Additional Tips

  • Test your connection using your SFTP client before scheduling automated transfers.

  • Limit SFTP access to necessary systems only.

  • If switching HRIS systems, review the below page and contact your Customer Success Manager before making any changes.

Related Articles
How do I sync employee data with Nectar using SFTP?
Setting Up Single Sign On (SSO) in your Nectar Account
Setup your Slack Integration
How do I add additional users or licenses?
Switching Your User Provisioning Method in Nectar
Did this answer your question?