On Tue, Nov 16, 2004 at 11:54:07AM -0500, [EMAIL PROTECTED] wrote: > so here it is: is there a way to automate file transfers using ssl? I > installed openSSL and now I want to transfer files using sftp or ftp but > of course I want these files encrypted. Currently I am using GPG but for > this particalur client they want SSL.
GPG gives you content encryption: while a GPG-encrypted file sits on your or the remote end's hard disks, it remains encrypted. SSL or SSH gives you communication encryption: while the file is transmitted across the network it is encrypted. When the file is at rest on the hard disk it may be in the clear. (I've seen file transfers over SSH where source and destination directories were world-readable/writeable. Yup, these were declared "secure file transfers"!) If your data is sensitive, there is no reason to stop using GPG just because you're transmitting it over SSL/SSH. SFTP is part of the SSH suite which provides an FTP (the program) -ish user interface to file transfers over SSH. There are several commercial and open source SSH/SFTP implementations available. FTP/TLS is FTP (the protocol) extended to work over TLS. There are, like, innumerable ;-) FTP/TLS implementations available. You have several options to do bulk file transfer over SFTP or FTP/TLS: script a CLI program, use command macros that (I imagine) come with some GUI programs, write a program using an SFTP/SSH or FTP/TLS library. Another possibility is to use HTTP-POST to upload your files to a HTTPS server. This is easy to script, if only for the reason that there are many examples on the web demonstrating this. Cheers. -- Ng Pheng Siong <[EMAIL PROTECTED]> http://sandbox.rulemaker.net/ngps -+- M2Crypto, ZServerSSL for Zope, Blog http://www.sqlcrypt.com -+- Transparent AES Encryption For SQLite ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
