Certificate based authentication in SFTP


SFTP, or FTP over secure shell as it is also known, is deemed to be the most secure method of file transport. There are 3 methods of authentication in SFTP:

1. with a user name and password
2. with a user name and a private key cryptographic certificate, and
3. with a user name, a certificate and a password

 

When you select SFTP as the FTP protocol, you will see two check boxes appear.

The sub choices when you select SFTP

Leaving both check boxes unchecked will result in the first option: authentication with user name and password. Checking only the user name and password option gives the same result.

In order to use certificate-based authentication, you need to create and link to your own certificate. The certification module that HIPAAsuite employs uses a so-called private key SSH2 certificate in PEM format.

How do you create such a certificate? Here is one way:

The free secure shell program PuTTY has the necessary tools. Download PuTTY from www.putty.org. When you install the program, you will see several programs installed on your computer.

The programs and files that come with putty

One of the programs is puttygen.exe. This program creates the necessary keys. When you start it up, you can generate a key pair.

Creating a public/private key pair with puttygen

You can save the public and private keys separately as .ppk files, but that is not what we need. However, puttygen also has a tool to convert the keys to PEM files. The top menu has a "Conversions" tab.

Converting the SSH key into a pem certificate

When we click on "Export OpenSSH key", we can then save the key with a .pem ending, and that is it.
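
A quick check on the exported file, as an added example that is not HIPAAsuite or PuTTY code: it tells a .ppk file apart from a PEM export and reports whether the private key is passphrase-protected. The function name and the sample strings are constructed for illustration, and whether the HIPAAsuite module accepts the new-style OpenSSH container is not stated on this page, so that format is reported separately.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"  # header of the new-style OpenSSH key container

def classify_key_file(text):
    """Return (format, encrypted) for the text of a private key file.

    format: 'ppk', 'pem', 'openssh' or 'unknown'.
    encrypted: True, False, or None when the file does not say.
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not lines:
        return ("unknown", None)
    first = lines[0]
    # PuTTY's native .ppk format, written by "Save private key".
    if first.startswith("PuTTY-User-Key-File-"):
        enc = [ln.split(":", 1)[1].strip() for ln in lines
               if ln.startswith("Encryption:")]
        return ("ppk", enc[0] != "none" if enc else None)
    # New-style OpenSSH container: the cipher name sits inside the base64 blob.
    if first == "-----BEGIN OPENSSH PRIVATE KEY-----":
        try:
            blob = base64.b64decode("".join(lines[1:-1]))
            (n,) = struct.unpack(">I", blob[len(MAGIC):len(MAGIC) + 4])
        except (ValueError, struct.error):
            return ("openssh", None)
        if not blob.startswith(MAGIC):
            return ("openssh", None)
        cipher = blob[len(MAGIC) + 4:len(MAGIC) + 4 + n]
        return ("openssh", cipher != b"none")
    # Traditional PEM (RSA/DSA/EC) or PKCS#8.
    if first.startswith("-----BEGIN ") and first.endswith("PRIVATE KEY-----"):
        if "ENCRYPTED" in first:
            return ("pem", True)
        return ("pem", any(ln.startswith("Proc-Type:") and "ENCRYPTED" in ln
                           for ln in lines))
    return ("unknown", None)

# Constructed samples (placeholder bodies, not real keys).
SAMPLE_PPK = "PuTTY-User-Key-File-2: ssh-rsa\nEncryption: none\nComment: demo\n"
SAMPLE_PEM = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
              "DEK-Info: AES-128-CBC,00000000000000000000000000000000\n\n"
              "AAAA\n-----END RSA PRIVATE KEY-----\n")

if __name__ == "__main__":
    for name, sample in (("ppk", SAMPLE_PPK), ("pem", SAMPLE_PEM)):
        print(name, classify_key_file(sample))
```

A result of `('ppk', ...)` means the key was saved in PuTTY's own format rather than exported through the "Conversions" menu.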