Last post Dec 15, 2015 07:25 PM by kmcnet
Dec 10, 2015 10:23 PM|kmcnet|LINK
Hello everyone and thanks for your help in advance. I developed an application that uploads files to various business partners through sftp. I have successfully used the SSH.Net component to accomplish this, however, I have a new trading partner that is
requiring a PGP key be generated in order to access their server. I'm really not sure if SSH.Net can accomplish this or if there is another component that will. Any help would be appreciated.
Dec 11, 2015 05:39 AM|Candice Zhou|LINK
If you have secure ftp - it is a different profile than that of ftp. Basically secure ftp means that there is an exchange of keys between the client and the server and then all the path is encrypted. Generally this means that you do not need to encrypt
what you are sending through it, however you can not connect a secure ftp client to a normal ftp server - it needs to be an sftp server.
You could refer to the following links:
Dec 12, 2015 02:55 AM|kmcnet|LINK
Thanks for the response. I'm not sure if you answered the question or not, but let me run through my issue again. Is there such a thing as a PGP connection (I don't know of one) or are we speaking of encrypting files using PGP, then sending it over a sftp
connection (sort of a belt and suspenders approach to security). The vendor I am working with seems to be telling me that PGP is part of the file transfer process. Is this possible?
Dec 14, 2015 09:08 AM|Candice Zhou|LINK
The SSH keys would be used as an additional authentication factor when someone connects to your FTP server. There should be an option in your FTP server's user admin system that allows you to attach those SSH keys to the user accounts you've set up for the
provider. The FTP server will then require that the client sends a copy of the key for comparison when they connect, so the client has to provide username, password, and key in order to connect.
As far as free PGP options, the only one I'm aware of is GPG4Win tool:
Dec 14, 2015 01:45 PM|kmcnet|LINK
Thanks for the response. So if I understand correctly, the file itself is not encrypted, but the key is sent as a payload with the sftp connection. Am I understanding correctly? Unfortunately, the server is my trading partner's and they are being very
vague about the specs. So I can use GPG4Win to generate the key, but I still need a component to perform the sftp connection and file transfer. Do you know of a component that will do this or if SSH.Net can accomplish this?
Dec 15, 2015 07:46 AM|Candice Zhou|LINK
but I still need a component to perform the sftp connection and file transfer.
May be you could refer to the following example:
This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore,
Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you
completely understand the risk before retrieving any software from the Internet.
Dec 15, 2015 07:25 PM|kmcnet|LINK