March 20th, 2011, 09:23 PM
Encrypting file before FTP
We are looking encrypting a file using GNUPG before FTPing to an external party.
Instead of doing this what I wish to know is that if we used SFTP will it achieve the same purpose.
Appreciate some advise. Thanks.
March 20th, 2011, 11:24 PM
The S in SFTP secures the connection. It doesn't encrypt your files. So no, it won't do what you need.
 By "need" I mean "what you say you need". It may very well address the problem, but likely not in the expected direction.
Last edited by requinix; March 22nd, 2011 at 12:15 PM.
March 22nd, 2011, 11:27 AM
Automate sFTPs and OpenPGP
It depends how the recipient wants the file? If you use GNUPG or OpenPGP, the file is encrypted and then sent over an unsecure connection. For the recipient to use the file, they will need to send you their public key so you can encrypt the file before sending it to them.
If you use SFTP, then the SSH key exchange is done before the transmission starts so the tunnel is secure. (You will need to exchange public SSH keys beforehand.) All passwords and login credentials are secure and the file you send is secure by reason that the tunnel is secure. You can also PGP encrypt the file, if you wish, before sending it via SFTP. This double encryption is not such a far out idea as many of our users are doing it in this way now. With this method the connection, passwords, and the file is secure. The file remains secure/encrypted on the recipient's end till they decrypt it, which is a benefit.
You can automate all these functions with a secure file transfer application like GoAnywhere Director.
Originally Posted by gayamantra
Last edited by DirkZwart; March 22nd, 2011 at 12:58 PM.
Reason: grammar error - fixed technical error.