connecting to SFTP with SSH - public / private keys

0 votes
asked Sep 8, 2010 by ubuser (140 points)
edited Mar 24, 2011

Hi, I am testing this before we buy and I am new to this kind of FTP.

Client has supplied us GPG Public key to encrypt data. How do I use it. Also, when I create private/public key, where are they saved? I need to send public key for server side validation.

I was looking at samples, but it is not clear.

Thank you in advance.

Ubuser

Applies to: Rebex FTP/SSL, Rebex SFTP

1 Answer

0 votes
answered Sep 9, 2010 by Martin Vobr (12,940 points)
edited Sep 9, 2010

Hi,

it's a bit unclear what protocol you are planning to use. The subject is about SFTP and, in question text you are talking about FTP and GPG.

FTP, SFTP, GPG

  • FTP - plain, old file transfer protocol. Unencrypted password is sent over the network

  • FTP/SSL - plain, old file transfer protocol sent over the TLS/SSL channel. Often called FTPS. Relation betewwn FTP and FTPS is the same as between HTTP and HTTPS.

  • SFTP - SSH File Transfer Protocol. Completely unrelated to FTP. Different protocol and is run over the SSH communication channel.

  • GPG is GNU implementation of OpenPGP cryptographic software. It can be used for encryption of files and emails. I'm not aware of any way how to use GPG keys for SFTP authentication.

SFTP, FTP, FTP/SSL are fully supported by Rebex components. We don't have any component supporting GPG yet.

For more info about SFTP, FTP and FTPS see http://www.rebex.net/kb/secure-ftp.aspx

For more info about GPG see http://en.wikipedia.org/wiki/GNU_Privacy_Guard

Storing public/private keys

1) Storing keys on server:

This varies from server to server. Check your FTP or SFTP server documentation or consult with it's admin for details.

2) Generating keys and key storage on client

Following articles will help you to implement it in your code:

commented Sep 9, 2010 by ubuser (140 points)
BTW, I am referring to SFTP and SSH. You mean I can not use GPG public key with your components? Let me know. Thanks
commented Sep 9, 2010 by Martin Vobr (12,940 points)
None of our components supports GPG, sorry. We are considering adding a PGP/GPG component in a future. If you are interested in one please vote for one of those two feature requests: PGP/GPG mail encryption: http://rebex.uservoice.com/forums/18155-rebex-net-components/suggestions/895133-openpgp-support-in-mail or PGP/GPG file encryption: http://rebex.uservoice.com/forums/18155-rebex-net-components/suggestions/895129-openpgp-support-for-file-encryption-signatures
...