File-based datasets
Customers can access upload their climate data through the Gardin SFTP (Secure Shell File Transfer Protocol) service.
Getting started
1. Generate an SSH key pair
For maximum security, the Gardin SFTP service uses key-based authentication to identify users and authorise new connections.
It is recommended that you generate a new SSH key pair specifically for use with the Gardin SFTP service.
The Gardin SFTP service accepts RSA-, ECDSA-, and ED25519-formatted keys. Choose the appropriate command based on the type of key-pair you are generating.
Once generated, you will share the public key with Gardin, and use the private key to authenticate. The Gardin SFTP service will confirm that the public key we have on record and the private key you have provided cryptographically match. If they do, access is granted. If they do not, access is denied.
macOS and Linux
- On macOS, Linux, or Unix operating systems, open a command terminal.
- Generate a new key, specifying an optional passphrase for extra security if you would like to.
key_name is the SSH key pair file name.
- To generate an RSA 4096-bit key pair:
ssh-keygen -t rsa -b 4096 -f key_name
- To generate an ECDSA 521-bit key-pair (ECDSA has bit sizes of 256, 384, and 521):
ssh-keygen -t ecdsa -b 521 -f key_name
- To generate an ED25519 key pair:
ssh-keygen -t ed25519 -f key_name
The following shows an example of the ssh-keygen output:
ssh-keygen -t rsa -b 4096 -f key_name
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in key_name.
Your public key has been saved in key_name.pub.
The key fingerprint is:
SHA256:8tDDwPmanTFcEzjTwPGETVWOGW1nVz+gtCCE8hL7PrQ bob.amazon.com
The key's randomart image is:
+---[RSA 4096]----+
| . ....E |
| . = ... |
|. . . = ..o |
| . o + oo = |
| + = .S.= * |
| . o o ..B + o |
| .o.+.* . |
| =o*+*. |
| ..*o*+. |
+----[SHA256]-----+
When you run the ssh-keygen command as shown preceding, it creates the public and private keys as files in the current directory.
- Navigate to the `key_name.pub` file and open it.
- Copy the entire contents of the file and proceed to Step 2.
Windows
Windows uses a slightly different SSH key pair format. The public key must be in the PUB format, and the private key must be in the PPK format. On Windows, you can use PuTTYgen to create an SSH key pair in the appropriate formats. You can also use PuTTYgen to convert a private key generated using ssh-keygen to a .ppk file.
For a tutorial about creating SSH keys by using PuTTYgen on Windows, see the SSH.com website.
2. Request a SFTP service user account
Next, request an SFTP service user account via this form.
You will be asked to provide contact details and the public SSH key from Step 1. You will also be asked to accept the Gardin SFTP service acceptable use policy.
It is vital that you only share your PUBLIC ssh key with Gardin or anybody else, and not your private key. If your private key is shared, your SSH key will be compromised and should be REPLACED IMMEDIATELY.
If you believe your SSH key pair has become compromised, please contact the Gardin team via tech@gardin.co.uk as soon as possible.
Your request will be processed by the Gardin team, and if approved, you will receive an email confirming that your new user account has been created and providing your new username.
3. Connect to the SFTP service
Once you have received confirmation that your user account has been set up, you are ready to begin connecting using any standard SFTP client. Examples of these include:
- OpenSSH – A Macintosh and Linux command line utility.
- WinSCP – A Windows-only graphical client.
- Cyberduck – A Linux, Macintosh, and Microsoft Windows graphical client.
- FileZilla – A Linux, Macintosh, and Windows graphical client.
Below are the details you'll need to set up a connection to the SFTP service:
- Protocol: SFTP
- Host: sftp.gardin.ag
- Port: 22
- Authentication type: Key-based
- Username: As provided by Gardin.
As an example, here are instructions to setup a connection to the SFTP drop zone using Filezilla:
Download, install and open the FileZilla client.
Choose File, and then choose Site Manager.
In the Site Manager dialog box, choose New site.
On the General tab, for Protocol, choose SFTP .
For Host name, enter:
sftp://sftp.gardin.agFor Port number, enter
22For Logon Type, choose Key file.
For Key file, choose or enter the path to the SSH private key.
For User, enter the name for the user provided by Gardin.
Choose Connect.
If everything has worked, you should see some output similar to the following:
Status: Connected to sftp.gardin.ag
Status: Retrieving directory listing...
Status: Listing directory /
Status: Directory listing of "/" successful
Note that the hostname [s-341c97da020b48b5b.server.transfer.eu-west-1.amazonaws.com](http://s-341c97da020b48b5b.server.transfer.eu-west-1.amazonaws.com) may be referenced in SFTP client logs instead of sftp.gardin.ag. This is expected and legitimate - Gardin uses AWS to host our SFTP service.
4. Begin transferring files
You should now connected and able to upload files to your user area. Note that you will only be able to access files contained within your own user space.
Troubleshooting
Should you have any problems or questions whilst attempting to use the Gardin SFTP service please email tech@gardin.ag where one of the team will be able to assist you.