MOVEit Automation Web Admin Help

Importing SSH Client Keys

Save PDF

Importing SSH Client Keys

Save PDF

Last Updated: March 2, 2026
2 minute read

MOVEit Automation
Version 2023.1
Version 2023
Documentation

MOVEit Automation can import existing keys that have been generated elsewhere.

You can generate keys using readily available tools. The most common SSH implementation, OpenSSH, generates its keys via ssh-keygen, which is installed on most distributions of Linux, and is available on Windows 10 and Windows Server. The PuTTY Key Generator (PuTTYgen), part of the PuTTY utility that can be installed on Windows, can also be used to generate ssh client keys.

MOVEit Automation only supports importing the OpenSSH SSH-2 (old PEM) format. Other key formats can be converted to the PEM format using PuTTYgen or ssh-keygen. You can use MOVEit Automation to import password protected and unprotected keys.

Generating a key using ssh-keygen

A typical command to generate an ssh client key suitable to be imported into MOVEit Automation using ssh-keygen is: ssh-keygen -t rsa -m PEM

This command requires some information from the user, and you can optionally add a password. A private and public key of the correct format is created and saved to a specified location.

Generating a key with the PuTTY Key Generator

Use the PuTTY Key Generator GUI to create a key. PuTTYgen exports two files, one for a private key and one for a public key. To generate a file in the supported format, export the PuTTY key as an OpenSSH Key (using the Conversions menu). The passphrase you designate will also be used for the exported OpenSSH key. Do not use the use new format option.

To import an SSH Client Key into MOVEit Automation :

Transfer the key (the file that does not end in .pub) to the computer running MOVEit Automation Admin. (You might use FTP or FTP over SSH to do this transfer.)
In the Hosts tab, double-click the SSH host name.
In the Define SSH Host dialog, choose the ... button next to SSH Client Key.
In the Manage SSH Keys dialog, choose Import.
In the Enter Name dialog, choose an arbitrary name for the key. Click OK. (This name is used only as a label within MOVEit Automation )
Select the key file that you just transferred from the SSH server. Do one of the following:
- If the key file was encrypted on the server (this is rare, and would have been specified when the user ran ssh-keygen), enter the encryption password when prompted.
- Otherwise, leave the password field blank. Click OK.

The key is imported into MOVEit Automation . It can now be selected as the default SSH client key for this or any host, and can be selected as the SSH client key in tasks that override the default SSH client key for a host.

Configuring the key on the SSH server

After a key has been created, the SSH server must be configured to authorize the key for logon. The procedure for this depends on the type of SSH software running on the server. Contact the ssh/sftp server administrator for instructions on how to utilize a client key for logon.