This add-on is operated by Crazy Ant Labs
Create and instantly use SFTP servers from your Heroku Apps
SFTP To Go
Last updated 03 February 2019
The SFTP To Go add-on is currently in beta.
Table of Contents
SFTP To Go allows you to add fully managed cloud SFTP storage to your Heroku applications. SFTP is a standard network protocol for secure file access, transfer, and management.
Having a managed SFTP service enables you to exchange data with partners and customers securely in a standard protocol, without purchasing and running your own SFTP servers and storage. SFTP To Go is based on AWS offerings, making it highly scalable and highly available with multi-AZ architecture.
Provisioning the add-on
SFTP To Go can be attached to a Heroku application via the CLI:
A list of all plans available can be found here.
$ heroku addons:create sftptogo -----> Adding sftptogo to sharp-mountain-4005... done, v18 (free)
After you provision SFTP To Go, the
SFTPTOGO_URL config var is available in your app’s configuration. It contains the URL to your provisioned SFTP service, including the root username, password, and host. You can confirm this via the
heroku config:get command:
$ heroku config:get SFTPTOGO_URL sftp://user:email@example.com
The root user has read/write access to your entire SFTP service.
Once you provision the SFTP To Go add-on, there is nothing to set up. You and your application can immediately access your SFTP service.
After you provision the add-on, it’s necessary to locally replicate its config vars so your development environment can operate against the service.
Use the Heroku Local command-line tool to configure, run and manage process types specified in your app’s Procfile. Heroku Local reads configuration variables from a
.env file. To view all of your app’s config vars, type
heroku config. Use the following command for each value that you want to add to your
$ heroku config:get SFTPTOGO_URL -s >> .env
Credentials and other sensitive configuration values should not be committed to source-control. In Git exclude the
.env file with:
echo .env >> .gitignore.
For more information, see the Heroku Local article.
Using with Linux/Mac command line interface
Start an interactive SFTP session using the following command:
$ sftp user@host
You will then be prompted to enter your password.
Some of the simple commands you can use with SFTP:
||change the remote working directory to
||display remote path listing of
||quit sftp session.|
Using with graphical client tools
There are many available SFTP GUI clients, such as Cyberduck, WinSCP, FileZilla, and CloudBerry.
To use Cyberduck with SFTP To Go, copy the value of your
SFTPTOGO_URL config var to CyberDuck and click Quick Connect.
Using with Ruby
Ruby applications need to add the following entry into their
Gemfile specifying the Net-SFTP client library:
Update application dependencies with bundler:
$ bundle install
To download a file:
require 'net/sftp' require 'uri' sftptogo_url = ENV['SFTPTOGO_URL'] uri = URI.parse(sftptogo_url) Net::SFTP.start(uri.host, uri.user, :password => uri.password) do |sftp| # download a file or directory from the remote host sftp.download!("/path/to/remote", "/path/to/local") end
Using with other languages
Use The SFTP To Go dashboard to:
- Access your SFTP server’s information (host, user name, and password),
- Rotate your password. This generates a new password and changes the URI in the
- Get storage and bandwidth metrics to monitor your add-on usage.
- Add/remove/modify credentials (see below).
You can access the dashboard via the CLI:
$ heroku addons:open sftptogo Opening sftptogo for sharp-mountain-4005
or by visiting the Heroku Dashboard and selecting the application in question. Select SFTP To Go from the Add-ons menu.
Credentials and permissions
You can create more credentials to use within the same add-on instance using the UI:
- Click Add credential
- Optionally choose a nickname for the credential. This only shows in the UI.
- Select the level of permissions for the new user. By default the user has read-only access to her home directory. Read and write gives the user full access to her home directory. Use None to remove all permissions for the user (but keep the user intact).
- Click Add credential. The user will be given a random user name and password.
You may also import public ssh keys to use with the user name instead of password:
- Click Import SSH key.
- Generate a new key pair or copy an existing public key (usually ends with
.pub). You can generate a new key pair using
ssh-keygen -t rsaon Linux/Mac or using PuTTYgen on Windows. Make sure you generate a new RSA key.
- Paste the public key. Make sure it begins with
- Click Import SSH key
Migrating between plans
Application owners should carefully manage the migration timing to ensure proper application function during the migration process.
heroku addons:upgrade command to migrate to a new plan.
$ heroku addons:upgrade sftptogo:newplan -----> Upgrading sftptogo:[[newplan]] to sharp-mountain-4005... done, v18 ($50/mo) Your plan has been updated to: sftptogo:newplan
Removing the add-on
You can remove SFTP To Go via the CLI:
This will destroy all associated data and cannot be undone!
$ heroku addons:destroy sftptogo -----> Removing sftptogo from sharp-mountain-4005... done, v20 (free)
Before removing SFTP To Go, you can download your data using your favorite sftp client.
All SFTP To Go support and runtime issues should be submitted via one of the Heroku Support channels. Any non-support related issues or product feedback is welcome at firstname.lastname@example.org.