Connect to Lyft's SFTP service for automatic syncing

Lyft's SFTP service offers a secure and scalable way to automatically manage your people, Expense Info, and reports, so you don't have to do the heavy lifting.


Connect to Lyft's SFTP service

Employee management systems with SFTP functionality, such as Oracle and Workday, can be easily connected to the Lyft Business Portal to begin using automatic syncing features. Connect to Lyft's SFTP server in 3 easy steps:

  1. Generate your public SSH key
  2. Enter your generated public SSH key and an email address for your technical contact in the Lyft Business portal
  3. Use the SFTP folder directory to upload your organization's information for automatic syncing
After successfully connecting to Lyft's SFTP server, your organization will be enabled to use the following automatic sync products: People SyncExpense Sync, and Reports Sync


Generate your public SSH key 

Typically, someone from your organization's IT department can generate your public SSH key. 

On Mac/Linux systems:

  1. In a terminal window, run the following command to generate a public RSA key: 
    ssh-keygen -t rsa -b 4096
  2. You'll be asked to enter an optional passphrase. You can either decline to or choose to create a passphrase. If you choose to create a passphrase, you will need to use it every time you connect to Lyft's SFTP server
  3. To open the folder, type:
    open ~/.ssh/
  4. In the folder, you'll see a file named id_rsa.pub. This is the public SSH key that you'll enter into the Lyft Business Portal

On Windows systems:

  1. You can download and use PuTTY and PuTTYGen to generate your SSH-2 RSA key on Windows
  2. Select RSA as the type of key to generate

    image002.png
  3. In the Number of bits in a generated key field, enter 4096
  4. Click Generate and follow PuTTY's instructions to create the key
  5. Once the key is generated, click Save public key and Save private key to save both as a file on your computer — the private key is what you'll use to authenticate with and the public key is what you'll enter into the Lyft Business Portal. We recommend naming the public key file id_rsa_public when saving it for Windows to open the file correctly
  6. Next, open the public key file id_rsa_pub in Windows Notepad
  7. Copy the contents of the public key file from Notepad. This is your public key. Now, you're ready to move on to entering your copied public key into the Lyft Business Portal.


Enter your generated public SSH key and an email address for your technical contact in the Lyft Business portal

  1. Copy the generated public SSH key
  2. Log into the Lyft Business Portal
  3. Click Settings from the left-hand sidebar
  4. Click Automation under Settings
  5. Feel free to read about automation via SFTP on the Automation page. When you're ready, click Start setup
  6. Paste the generated public SSH key into the SSH key field
  7. Enter in the email address of the person who should receive email notifications about status updates and issues for your organization's SFTP connection in the Technical Contact Email field. This can be the person from your IT department, for example, who would be best equipped to help solve any technical issues
  8. Click Enable SFTP syncing
  9. Upon successful connection, a green banner will appear stating SFTP sync has been successfully enabled.
It is possible that Lyft's SFTP server may encounter an error that is blocking a successful connection. Learn more about common issues and how to solve them in our best practice and troubleshooting guide for connecting to Lyft's SFTP server.


Use the SFTP folder directory to upload your organization's information for automatic syncing

Once you have successfully connected to Lyft's SFTP server, you'll have access to a folder directory with the following default folders visible:

  • /users/
  • /users_logs/
  • /expensing/
  • /reports/


/users/ 

The /users/ folder is used for uploading your employee roster to People Sync. It is important to note that you will need to contact Support or your Lyft Business account manager to enable People Sync before the /users/ folder can be used. 

Lyft SFTP servers will read this folder for an updated employee roster each day to automatically update employee permissions.


/users_logs/

Your People Sync audit and error log can be found in the /users_logs/ folder. The log contains information on the current status of your sync. The log will alert you to the success and/or partial success of your file sync, or an unsuccessful sync of your file due to errors. You'll also find descriptions of the errors and how to fix them.


/expensing/

The /expensing/ folder is used for uploading your Expense Info to Expense Sync. This folder is available for immediate use as soon as your organization is connected to Lyft's SFTP server. You do not need to reach out to Support or your account manager to enable Expense Sync. 

Lyft SFTP servers will read this folder each day for an updated list of Expense Codes and/or Expense Notes, and will update the Expense Info available to your people when they take a business ride accordingly.

 

/reports/

The /reports/ folder is where you can find automatically generated reports via Reports Sync based on the cadence that your organization chooses — daily, weekly, or monthly. Reports Sync will generate reports automatically and immediately, so you do not have to contact Support or your account manager to begin reading the /reports/ folder.

You should not upload any additional files into the /reports/ folder and Lyft SFTP servers will not be looking for any updated information from this folder.


Best practices for connecting to Lyft SFTP service 

Below are best practices and basic troubleshooting steps to prevent common issues you may experience when attempting to connect to Lyft's SFTP service for automatic syncing in the Lyft Business Portal.

  1. Testing your organization's firewall to ensure Lyft's SFTP server can pass through
  2. Ensuring you are using the correct type of public SSH key, in the correct format
  3. Providing the correct single public SSH key that matches your single private key
If you are experiencing an issue that is not found in this article, please contact us for support.


First, let's make sure your internal systems are optimal for a successful connection by testing your organization's firewall.

Lyft's SFTP server will need to be able to get past your firewall to successfully make a connection. If you're not able to connect to the server, your firewall is likely blocking the server and you may see the following error message:

  • "Something went wrong. Please try again."

To ensure the Lyft server can pass through the firewall, please whitelist the static IP 3.225.63.165 for port 22. Then, please follow the steps below to run a test to see if your organization's firewall is still blocking Lyft's SFTP server:

  1. Connect to host: sftp.lyft.net 
  2. Connect to port: 22
  3. Run the following command line to attempt to connect: sftp -v -o "IdentitiesOnly yes" -F/dev/null -i <PRIVATE_KEY_FILE> <SFTP-username> @sftp.lyft.net
  4. Verify that the host key signature matches ssh-rsa SHA256:iwGSCokiIJOCp5L5Vi+9UVLR0ktLxNifI6kA89rB8UA


If you're able to connect successfully, you're all set! Your firewall settings are optimal for a connection.


Next, ensure you're using the correct SSH-2 key type, in the correct format 

Currently, our software only accepts SSH-2 public keys. Using an OpenSSL key format will result in a failed connection. If you attempt to submit the wrong SSH key type, you may see the following error message when attempting to establish a connection:

  • "SSH key must adhere to SSH-2 format"

If you need to convert from OpenSSL to SSH-2, use the following command line. Remember to replace your_key in your_key.pub with the OpenSSL key that was generated:

  • ssh-keygen -e -f your_key.pub > ssh2_key.pub

See an example of a valid SSH-2 key below:

---- BEGIN SSH-2 PUBLIC KEY ----
Comment: "2048-bit RSA, converted by vmuruganan\\
tham@vmuruganantham-mbp"
AAAAB3NzaC1yc2EAAAADAQABAAABAQDBUSvBlUnkDWNtjD7iHPHs2ffzN9wrAMIerMSsn7
Mf5ZZp9neSwkTP93WRQYR7SPGf3Qu5tISJIv7mlOCndFvQ0HkPmYvpSx0HLR514t/tXcqE
8LlfYMgOGJ7G+03nlf2E+bXDVHdU8xNKazexKL9HEQBDByNZhqzGfWNI+opzfuvzc0VV99
6JiI+ObjRipMOKKWMBoazYLOTqYVhCDZkX9XbKLaO7wRBqMGSqnbNA7bxRE0WeBvfTTXtU
hyIJk1IwJCkCndePwmQaEGJcbRgB1pgvHJoJY8paiZK6MRQQ8huMd00jKmvHw1PrpAFVH1
GZLRzRIZxGC5QE692/mavv

---- END SSH-2 PUBLIC KEY ----


Lastly, make sure you are providing the Lyft server with the correct public SSH key that matches your private key

To successfully connect to Lyft's SFTP server, a single public key must be entered that matches your organization's single private key. If multiple public keys are sent, or you have more than one private key for your public key, during the secure "handshake" that Lyft's server performs to test a connection, you may experience two of the following issues:

  1. FileZilla is unable to connect on a Mac

    To prevent FileZilla from using other keys, start the program in the Terminal App using the following command:

    SSH_AUTH_SOCK="" open /Applications/FileZilla.app

  2. Socket connection closed

    Use this command to test whether you can successfully connect:

    sftp -v -o "IdentitiesOnly yes" -F/dev/null -i <PRIVATE_KEY_FILE> <SFTP-username> @sftp.lyft.net

Back to top