Server Tab - Remote SFTP Server Connections

Getting there


Note: To be able to use this feature you must be running Reflection for Secure IT Web Edition.



The name or IP address of the remote SFTP server.


The Secure Shell port used by the SFTP server. The default is 22.

Host key


Click this button to retrieve the public key used to authenticate the SFTP server. The Reflection for Secure IT server retrieves the key and displays a confirmation dialog box. Host keys are stored in the Reflection for Secure IT database.

Note: This key is used if you configure additional connections to the same server.




This option is available when the fingerprint of a retrieved key is displayed. Use it to remove a retrieved key from the database.

Note: Clearing the host key disables access to any other directories you have configured on this host where strict host key checking is enabled.



After you have accepted the public key from the specified host, this field displays the MD5 fingerprint of the key.

Note: The key fingerprint is automatically displayed if the key for this host is already in the Reflection for Secure IT database.


Enforce strict host key checking

When this checkbox is enabled (the default), the Reflection for Secure IT server will connect to the remote host only if the public key presented by the host matches the retrieved key.

When this checkbox is cleared, the Reflection for Secure IT connects to the host without checking the remote host key. It will update the key stored in the database with any key presented by the host.


Remote SFTP username

The name of a user account on the remote server. This account must have appropriate access rights for the directory you are making available.


Select this option and enter a password to authenticate to the remote server using the user's password. The password is stored in encrypted form in the Reflection for Secure IT database.

Public key authentication

Select this option to authenticate the remote user using public key authentication.

Note: To use public key authentication, you must first have a public/private key pair for the user you specified for Remote SFTP username, and configure the remote server to authenticate this user using the public key.



Import private key

This option is available if you have selected Public key authentication. Click this button to locate the key that you are using to authenticate the user to the remote SFTP server. This imports the private key into the Reflection for Secure IT database.


  • The private key is stored in encrypted form in the Reflection for Secure IT database.
  • If the key is passphrase-protected, you will need to enter the passphrase to import the key. After the import, the key is used without a passphrase to authenticate the remote user to the remote server.





Descriptive information about the private key.



The MD5 fingerprint of the private key

Remote base directory


Specifies the directory on the remote server that will be available to client users connecting to Reflection for Secure IT. User access will be limited to this directory and its subdirectories. You can type a path or use the Browse button.

Note: The directory must be one that is available to the user you specified in the Username field.



Opens a directory view of directories on the remote server.


Note: The connection to the remote SFTP server is made using an SFTP client that is included with Reflection for Secure IT. The encryption settings used by this client are the same as those configured for the server on the Encryption pane.

Related Topics

Configure Access to Directories on a Remote Server

Secure File Transfer