Why must I use a non-encrypted SFTP key?

When you enter SFTP settings in UpdraftPlus, if you choose to use a key (rather than a password), then UpdraftPlus will only accept a non-encrypted key. Why is this?

Simply because an encrypted key cannot be used to log in to your SFTP server. “Encrypted” means that it is in a scrambled form, and useless to anyone who has it (that’s the point of encryption). It only becomes useful when unscrambled, via the decryption passphrase.

If there were a setting in UpdraftPlus to allow the decryption passphrase to also be entered, then this would be entirely equivalent to simply entering the unencrypted key instead. The only point of an encrypted key is if the decryption passphrase is kept somewhere separate from the encrypted form – e.g. the key is on disk, and you type in the decryption passphrase at the moment of using it. An unattended procedure (like scheduled backups) where both parts are in the same place (e.g. plugin settings) isn’t such a situation.

SFTP settings
