SAP Knowledge Base Article - Public

2963487 - Supported SSH Encryption for Integration center


What are the supported SSH Encryption for Integration center Outbound connection to Non-SuccessFactors/Private SFTP


  • SAP SuccessFactors HXM Suite
    • Integration Center


Integration Center is using SFTP java client jsch jar with version 0.1.54 in BIZX to connect to SFTP hosts.

It supports the following SFTP communication algorithms:

Key Exchange Algorithm :
ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-sha1, diffie-hellman-group1-sha1

Encryption Algorithm:
aes128-ctr, aes128-cbc, 3des-ctr, 3des-cbc, blowfish-cbc, aes192-ctr, aes192-cbc, aes256-ctr, aes256-cbc

Message Authentication code Algorithms:

Host-Key Algorithm:


For SFTP authentication, Integration center supports both Basic Auth and certificate based Auth, and in certificate based Auth, it supports Asymmetric algorithms - RSA  ssh keys.

For more information please refer to the Integration Center - User Assistance Guide

If you wish to find out how to convert downloaded Public key to ssh-rsa format please note there are a number of resources available online. Please also note the SAP SuccessFactors does not support the OpenSSH format key generation and therefore we do not recommend its use.

To clarify, OpenSSH is a SSH communication utility developed on SSH Protocol and SAP SuccessFactors' Integration Center supports OpenSSH. If you want to use the key based authentication, you will need to generate the SSH keys in the Security Center. These SSH keys that are generated in the Security Center do not currently support the new OpenSSH key format which was made available from OpenSSH version 7.6 onwards. In other words, the Security Center always generates old format SSH keys so you still can use those SSH keys to connect to SFTP Servers running on the newer OpenSSH versions.

See Also

Port 22 is a standard port at SAP and is allowed to have Outbound connection to external ftp with this port.

2395508 - IP addresses to be added into allow list when customer's own sftp is used with Integration Center


Integration Center, 3rd Party SFTP, SSH, Oubound Integration, SFTP, Ciphers, Key Exchange Algorithm, Encryption Algorithm, Message Authentication code Algorithms, Host-Key Algorithm, RSA, DSA , KBA , LOD-SF-INT-INC , Integration Center , LOD-SF-INT , Integrations , LOD-SF-INT-INC-JOB , Integration Center Job , How To


SAP SuccessFactors HXM Core all versions