Generate Keypair
Use the following command:
ssh-keygen -t [rsa|ecdsa|ed25519]The following keys are accepted:rsaecdsaed25519
.pub file).Run cat <public_key_file> to view the public key to send to Lead.Example Public KeySend Public Key To Lead
Once your public key has been generated, send it to your Lead Implementation Manager as a plain text email.
Validate Lead Public Key (Host Key Generation)
Verify the fingerprint and add the public key to your known_hosts file by following the below steps:
-
Generate a public key fingerprint by running the below command:
- Prod
- Sandbox
ssh-keyscan sftp.lead.bank 2>&1 | ssh-keygen -lf -
The above command generates a public key fingerprint
-
Use the public key fingerprint and compare it with the fingerprint below:
- Prod
- Sandbox
2048 SHA256:PWqq5lPPd0zWCawxwSnqOkyy168esipmaPy2t3H1uFE sftp.lead.bank (RSA)
Add Lead Public Key To Your Known Hosts file
After the fingerprint is verified, run the below command to add the public key to your known_hosts file:
- Prod
- Sandbox
ssh-keyscan sftp.lead.bank >> ~/.ssh/known_hosts
Connect To SFTP Server
Connect by running the following command:
- Prod
- Sandbox
sftp -v -i \~/.ssh/your\_key username@sftp.lead.bank
Connectivity Details
| Environment | SFTP Server Hostname | Port |
|---|---|---|
| Sandbox | sftp.sandbox.lead.bank | 22 |
| Production | sftp.lead.bank | 22 |
Set-up Checks
- Static IP addresses are strongly encouraged for the IP allowlist.
- CSV files should use a pipe (|) delimiter.
- You may provide multiple SSH public keys for each environment.
- Lead supports RSA, ECDSA, and ED25519 keys.
- Both 2048 and 4096 bits are supported.
- It is strongly recommended that to do periodic key rotation.
- Rotation of these keys can be processed upon request.
Folder Structure
All program related files will be dropped into folders on the SFTP server with the following access:- Read/Write: For all folders where you are the submitter
- Read Only: For folders where Lead is the submitter
We do not use the root directory of the SFTP server to store or handle files.
| File | Submitter | Folder Name | File Example |
|---|---|---|---|
| Customer | You | customer | 2026-01-01_customer_v1.csv |
| Customer Relationship | You | customer-relationship | 2026-01-01_customer_relationship_v1.csv |
| Authorized Users | You | authorized-users | 2026-01-01_authorized_users_v1.csv |
| Applications | You | applications | 2026-01-01_applications_v1.csv |
| Accounts | You | accounts | 2026-01-01_accounts_v1.csv |
| Cards | You | cards | 2026-01-01_cards_v1.csv |
| Documents | You | documents | Refer to Documents row in Customer Applications Accounts Balances data schema |
| Balances | You | balances | 2026-01-01_balances_v1.csv |
| Transactions | You | transactions | 2026-01-01_transactions_v1.csv |
| Non-Posted Transactions | You | non-posted transactions | 2026-01-01_non_posted_transactions_v1.csv |
| Transactions Update | You | transactions-update | 2026-01-01_transactions_update_v1.csv |
| Collaterals | You | collaterals | 2026-01-01_collaterals_v1.csv |
| Network Settlement (Primary) | You or Issuing Processor | network-settlement/<primary network name> Example: network-settlement/visa | Format varies based on network. |
| Network Settlement (Secondary) | You or Issuing Processor | network-settlement/<secondary network name> Example: network-settlement/maestro | Format varies based on network. |
| Sales Request | Lead | sales-request | 2026-01-01_sales_request_v1.csv |
| Sales Response | You | sales-response | 2026-01-01_sales_response_v1.csv |
| ACH Outgoing | You | ach/outgoing | 2026-01-01_outgoing_ach_v1.ach |
| ACH Failed | Lead | ach/failed | 2026-01-01_outgoing_ach_v1.ach |
| ACH Incoming | Lead | ach/incoming | 2026-01-01_incoming_ach_return_noc_v1.ach 2026-01-01_incoming_ach_return_v1.ach 2026-01-01_incoming_ach_noc_v1.ach 2026-01-01_incoming_ach_forward_v1.ach |
| ACH Processed | Lead | ach/processed | 2026-01-01_outgoing_ach_v1.ach |
| Daily Activity Report | Lead | bank-account-reports | 2026-01-01_[partnername]-daily-activity-report_[epoch].csv |
| Daily Balance Report | Lead | bank-account-reports | 2026-01-01_[clientname]-daily-balance-report_[epoch].csv |
| ACH Cash Recon Report | Lead | bank-account-reports | 2026-01-01_[clientname]-ach-cash-recon-report_[UNIQUE-POSTFIX].csv |
File Naming
We utilize a consistent filename format that aims to:- Indicate the type of file
- Indicate the content represented in the particular file
- Prevent filename collisions for similar files
Example File Format
20260115T171640Z_incoming_ach_forwards_1768497400.ach
| 20260115T171640Z | incoming_ach_forwards | 1768497400 |
|---|---|---|
| Content Identifier | File Type | Epoch Time of File Generation |
| This will correspond to the content of the file. For loan origination files, this will be a date. For ACH files, this will be a date and time. | This indicates the meaning and format of the file. | This serves to prevent similar files from colliding and preserves generation time ordering for similarly name files. |
Example Invalid File Name
If the initial file version is invalid or changes are required, you must submit the updated version of the file — with an updated epoch time of version label, such as “v2”.| Original | 20260115T171640Z_incoming_ach_forwards_1768497400.ach |
|---|---|
| Updated Resubmission | 20260115T171640Z_incoming_ach_forwards_1768642400.ach Notice the updated epoch timestamp |
Common Pitfalls
You may receive the below error if your key permissions are too open:Permissions 0777 for ‘/Users/username/.ssh/id_rsa’ are too open. It is recommended that your private key files are NOT accessible by others. This private key will be ignored.
chmod 600 ~/.ssh/id_rsa