March 22nd, 2011, 11:27 AM
Join Date: Mar 2011
Time spent in forums: 28 m 47 sec
Reputation Power: 0
Automate sFTPs and OpenPGP
It depends how the recipient wants the file? If you use GNUPG or OpenPGP, the file is encrypted and then sent over an unsecure connection. For the recipient to use the file, they will need to send you their public key so you can encrypt the file before sending it to them.
If you use SFTP, then the SSH key exchange is done before the transmission starts so the tunnel is secure. (You will need to exchange public SSH keys beforehand.) All passwords and login credentials are secure and the file you send is secure by reason that the tunnel is secure. You can also PGP encrypt the file, if you wish, before sending it via SFTP. This double encryption is not such a far out idea as many of our users are doing it in this way now. With this method the connection, passwords, and the file is secure. The file remains secure/encrypted on the recipient's end till they decrypt it, which is a benefit.
You can automate all these functions with a secure file transfer application like GoAnywhere Director.
Originally Posted by gayamantra
We are looking encrypting a file using GNUPG before FTPing to an external party.
Instead of doing this what I wish to know is that if we used SFTP will it achieve the same purpose.
Appreciate some advise. Thanks.
Last edited by DirkZwart : March 22nd, 2011 at 12:58 PM.
Reason: grammar error - fixed technical error.