Skip to main content

SFTP Setup Instructions

Marissa Tingey avatar
Written by Marissa Tingey
Updated over a week ago

Note: This article contains technical instructions for setting up an SFTP integration and is intended for your IT department or HRIS representative.

A Secure File Transfer Protocol (SFTP) integration allows you to sync employee data securely from your HRIS into Nectar. This is a one-way import using data files from either your HRIS system (if it supports SFTP) or a third-party SFTP client.

If needed, contact your HRIS representative for support. For help from Nectar, email [email protected] or your Nectar account manager .

Where do I set up the SFTP integration in Nectar?

To begin the setup:

  1. Navigate to Admin > Integrations in the left-hand sidebar.

  2. Select HRIS SFTP Sync.

  3. Click Connect SFTP.

This will take you to the setup form where you'll enter your public SSH key and email address.

How do I create SSH Key Pairs for the connection?

An SSH Key Pair secures the connection between your HRIS/SFTP client and Nectar.

What is an SSH Key Pair?

  • A private key stays securely on your machine or system.

  • A public key is copied into Nectar.

Note: Only openSSH key pairs are supported. SSH2 keys must be converted (see below for instructions).

Converting SSH2 Key steps:

Step 1: Check your command line tool

You'll need access to a command line tool to generate keys.

Mac:

  • Press Command + Space and type Terminal.

Windows:

  • Click Start, type cmd, and open Command Prompt.

Tip: If you don’t have access to a command line, try a tool like PuTTYgen (free SSH key generator for Windows).

Step 2: Generate the key pair

  1. Run the command:

    ssh-keygen -t rsa

  2. When prompted, choose a file path and name (e.g., /users/yourname/sftp-keys/nectar-key).

    • Tip: Create a new folder to avoid overwriting existing keys.

  3. (Optional) Set a passphrase for added security.

  4. After generation:

    • Copy the public key into the Employee Data Integration setup page in Nectar.

    • Upload the private key to your HRIS or SFTP client.

PLEASE NOTE: Never share your private key via email or unsecured channels. You can generate multiple key pairs if needed.

Helpful links

  • There's specific information about how to correctly format and save SSH keys here.

  • The popular SFTP Client Filezilla has helpful documentation about how to set up keys here - https://wiki.filezilla-project.org/Howto

How do I upload employee data files using SFTP?

Once your key pair is added and the integration is enabled, you can start uploading employee data files.

Use your SFTP client with the following settings:

  • Protocol: SFTP

  • Logon Type: Key File

  • Host/Hostname: (from Nectar setup page)

  • Username: (from Nectar setup page)

  • Target directory: / (if required)

Both hostname and username are case-sensitive—copy them directly from Nectar.

Files should be in .CSV or .XLSX format, with:

  • UTF-8 encoding

  • Comma (,) as the separator

  • File names need to have the extension noted.

    • For example we can't process a file called "CompanyNameUsers" but we can process that same file if it's "CompanyNameUsers.csv"

Important: Files can only be .CSV or .XLSX format. Nectar is not able to support .fileparts or other file types.

What should I do if the SFTP connection fails?

Error: Connection refused

  • This often means a firewall is blocking the connection.

  • Ensure outbound access is allowed on TCP Port 22 to the hostname (not a static IP).

Error: SSH2 key not supported

  • Run this command to convert an SSH2 public key to openSSH format:

    ssh-keygen -i -f ssh2.pub > openssh.pub

Switch to use new path for existing employee data integration

  • If you had a working Employee Data Integration but it fails, it could be because our hostname has changed. You can reset your integration to use the new hostname/target directory by:

  1. Log in to Nectar and navigate to Admin > Integrations > HRIS SFTP Sync

  2. Copy your existing Public Key from the Public Key field to Notepad or Textedit temporarily.

  3. Disable the integration by clicking ‘disable’ under the ‘Employee Data Integration’ button at the top of the screen

  4. Re-enable the Employee Data Integration by clicking on the EDI button again. Supply the same public key and email as was used previously.

  5. Now go to your SFTP client’s settings (depending which client you are using) to update the hostname there, using the hostname that appears in the newly-saved Employee Data Integration form (the hostname should start with "sftp.")

  6. Also in your SFTP client’s settings, ensure that the target directory name is set to /csvs-to-be-processed/companyid.

  • If your SFTP has an ability to test the connection, be sure to check that the updated settings are operational.

Related Articles
What is the Automated Birthday Award?
What is the Automated Work Anniversary Award?
How do I sync employee data with Nectar using SFTP?
Setting Up Single Sign On (SSO) in your Nectar Account
How do I add additional users or licenses?
Did this answer your question?