Connecting to Lyft's SFTP service for automatic syncing

Learn more about Lyft's SFTP service and how it offers a secure and scalable way to automatically manage your people, expense Info, and reports, so you don't have to do the heavy lifting.

In this article, we'll cover: 


How to connect to Lyft's SFTP service

Employee management systems with SFTP functionality, such as Oracle and Workday, can be easily connected to the Lyft Business Portal to begin using automatic syncing features. Connect to Lyft's SFTP server in three easy steps:

  1. Generate your public SSH key
  2. Enter your generated public SSH key and an email address for your technical contact in the Lyft Business portal
  3. Use the SFTP folder directory to upload your organization's information for automatic syncing
After successfully connecting to Lyft's SFTP server, your organization will be enabled to use the following automatic sync products: People SyncExpense Sync, and Reports Sync


Generate your public SSH key 

Typically, someone from your organization's IT department can generate your public SSH key. 

On Mac/Linux systems:

  1. In a terminal window, run the following command to generate a public RSA key: 
    ssh-keygen -t rsa -b 4096
  2. You'll be asked to enter an optional passphrase. You can either decline to or choose to create a passphrase. If you choose to create a passphrase, you will need to use it every time you connect to Lyft's SFTP server
  3. To open the folder, type:
    open ~/.ssh/
  4. In the folder, you'll see a file named id_rsa.pub. This is the public SSH key that you'll enter into the Lyft Business Portal

On Windows systems:

  1. You can download and use PuTTY and PuTTYGen to generate your OpenSSH RSA key on Windows
  2. Select 'RSA' as the type of key to generate

    image002.png
  3. In the 'Number of bits in a generated key' field, enter 4096
  4. Click 'Generate' and follow PuTTY's instructions to create the key
  5. Once the key is generated, click 'Save public key' and 'Save private key' to save both as a file on your computer — the private key is what you'll use to authenticate with and the public key is what you'll enter into the Lyft Business Portal.
  6. Copy the contents of the field 'Public key for pasting into OpenSSH authorized_keys file' from PuTTY. Now you're ready to move on to entering your copied public key into the Lyft Business Portal.


Enter your generated public SSH key and an email address for your technical contact in the Lyft Business portal

  1. Copy the generated public SSH key
  2. Log into the Lyft Business Portal
  3. Click 'Settings' from the left-hand sidebar
  4. Click 'Automation' under Settings
  5. Feel free to read about automation via SFTP on the Automation page. When you're ready, click 'Start setup'
  6. Paste the generated public SSH key into the SSH key field
  7. Enter in the email address of the person who should receive email notifications about status updates and issues for your organization's SFTP connection in the 'Technical Contact Email' field. This can be the person from your IT department, for example, who would be best equipped to help solve any technical issues
  8. Click 'Enable SFTP syncing'
  9. Upon successful connection, a green banner will appear stating 'SFTP sync has been successfully enabled.'


Use the SFTP folder directory to upload your organization's information for automatic syncing

Once you have successfully connected to Lyft's SFTP server, you'll have access to a folder directory with the following default folders visible:

  • /users/
  • /users_logs/
  • /expensing/
  • /reports/


/users/ 

The /users/ folder is used for uploading your employee roster to People Sync. It is important to note that you will need to contact Support or your Lyft Business account manager to enable People Sync before the /users/ folder can be used. 

Lyft SFTP servers will read this folder for an updated employee roster each day to automatically update employee permissions.


/users_logs/

Your People Sync audit and error log can be found in the /users_logs/ folder. The log contains information on the current status of your sync. The log will alert you to the success and/or partial success of your file sync, or an unsuccessful sync of your file due to errors. You'll also find descriptions of the errors and how to fix them.


/expensing/

The /expensing/ folder is used for uploading your Expense Info to Expense Sync. This folder is available for immediate use as soon as your organization is connected to Lyft's SFTP server. You do not need to reach out to Support or your account manager to enable Expense Sync. 

Lyft SFTP servers will read this folder each day for an updated list of Expense Codes and/or Expense Notes, and will update the Expense Info available to your people when they take a business ride accordingly.

 

/reports/

The /reports/ folder is where you can find automatically generated reports via Reports Sync based on the cadence that your organization chooses — daily, weekly, or monthly. Reports Sync will generate reports automatically and immediately, so you do not have to contact Support or your account manager to begin reading the /reports/ folder.

You should not upload any additional files into the /reports/ folder and Lyft SFTP servers will not be looking for any updated information from this folder.


Best practices for connecting to Lyft SFTP service 

Below are best practices and basic troubleshooting steps to prevent common issues you may experience when attempting to connect to Lyft's SFTP service for automatic syncing in the Lyft Business Portal.

  1. Testing your organization's firewall to ensure Lyft's SFTP server can pass through
  2. Ensuring you are using the correct type of public SSH key, in the correct format
  3. Providing the correct single public SSH key that matches your single private key
If you are experiencing an issue that is not found in this article, please contact us for support.


First, let's make sure your internal systems are optimal for a successful connection by testing your organization's firewall.

Lyft's SFTP server will need to be able to get past your firewall to successfully make a connection. If you're not able to connect to the server, your firewall is likely blocking the server and you may see the following error message:

  • "Something went wrong. Please try again."

To ensure the Lyft server can pass through the firewall, please whitelist the static IP 3.225.63.165 for port 22. Then, please follow the steps below to run a test to see if your organization's firewall is still blocking Lyft's SFTP server:

  1. Connect to host: sftp.lyft.net 
  2. Connect to port: 22
  3. Run the following command line to attempt to connect: sftp -v -o "IdentitiesOnly yes" -F/dev/null -i <PRIVATE_KEY_FILE> <SFTP-username> @sftp.lyft.net
  4. Verify that the host key signature matches ssh-rsa SHA256:iwGSCokiIJOCp5L5Vi+9UVLR0ktLxNifI6kA89rB8UA


If you're able to connect successfully, you're all set! Your firewall settings are optimal for a connection.


Next, ensure you're using the correct OpenSSH key type, in the correct format 

Currently, our software only accepts RSA public keys in OpenSSH format. If you attempt to submit the wrong SSH key type, you may see the following error message when attempting to establish a connection:

  • "SSH key must adhere to OpenSSH format"

See an example of a valid OpenSSH key below:

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAmWFTEclZLqR+Sv9jPkyv6KaJwDN4uc0GW2SJSS7z0Ph9kTC0dZaQtBG50pwCsFNpmG+hQbxFabA2k0tJvSbnNj2dXhqzlE4/GPPky4pQJ5p9H3vE7KKhTW6Q++xp60ASPBdSmlPaaDWI9mBHR2hoPNTZeRCnlVaf3bQ4NZn5hxwONCDH44QJtgBUGEHlTlmaRJKkhUkKj1JF2QUEKkeXZIB9MuwkGUHRAREsUJNXUlT6sV4I1/xgRpwAh246k4SX6O11cwxI/GdamuqWdv/KpGFCpjIHjD8R6rMgBtP76cF/tjjsQKHv71LocVq9J1hv56/6C1ga7Qao2YLKZUPX7ZOwYcwTs94BDRBzi9U2W/4waigMAsIXOvxXTpQVC2oWo1bBjS0aPk33kqE5Z4lvt/c7s+ErAtrTTt0VRvYarTKBBF8/gbOXfODRXtWmKLoXP2SA0T1csLfRB0tU+DLufgSBj+xHiuhnETl5qwRqSm0w7mUOeh+x8sfdkmS01uxeSbMb24k6ceXrUe6Qiuz7IMl25xkrpz8q1B4wYgqF2blTl/Aeg8q/sWHrkuVJS+yeiCqgL59Pw15gsp5t6QaXsGFIBa+I2SJjNY7VLKY3tbouBzMLKwQBQ4pu9E/+Dfrz0PUW79nQvAae2LrHzJMoU/FxGxS35Gm7NkQG58IdfKU= rsa-key-20201029

 

Lastly, make sure you are providing the Lyft server with the correct public SSH key that matches your private key

To successfully connect to Lyft's SFTP server, a single public key must be entered that matches your organization's single private key. If multiple public keys are sent, or you have more than one private key for your public key, during the secure "handshake" that Lyft's server performs to test a connection, you may experience two of the following issues:

  1. FileZilla is unable to connect on a Mac

    To prevent FileZilla from using other keys, start the program in the Terminal App using the following command:

    SSH_AUTH_SOCK="" open /Applications/FileZilla.app

  2. Socket connection closed

    Use this command to test whether you can successfully connect:

    sftp -v -o "IdentitiesOnly yes" -F/dev/null -i <PRIVATE_KEY_FILE> <SFTP-username> @sftp.lyft.net

Back to top