Explain the details of the encrypted ftp server.

305    Asked by AndreaBailey in Cyber Security , Asked on Jan 25, 2022

 Our company wants to enhance our FTP authentication method with digital signature. I know we can implement PGP encryption for sending files to FTP server, but the problem is when encrypted files receive, they will be decrypted by the server with its private key and then the Admin will have full access to those files.


By deployment of Public Key Infrastructure, each client needs to have a smart card in order to log-on to FTP server with digital signature. But it is not possible for our clients to encrypt their files based on the receiver's public key. Because there might be a situation where there are several file recipients and one should encrypt a single file using dozens of public keys which takes forever!


Is there a solution to encrypt files on FTP server which can be deployed in this situation? 

Answered by Amit Sinha

My suggestion is to have your clients manage their own encrypted ftp password or certificates. Certain FTP clients will allow the use of encryption, as an example: http://www.coreftp.com/docs/web1/FTP_Encryption.htm. I want to make sure though that you're actually using some type of encryption for the transit of their data. You don't mention it and since vanilla FTP doesn't use encryption by default I want to be sure that part is covered too.




Your Answer

Interviews

Parent Categories