Encryption of your files with FTP

 

Encryption adds another layer of security to your files with Core FTP.  By encrypting files, your files are protected from being viewed or used on your FTP server, if a security breach or unauthorized access occurs.

 

(The following information can also be found in the Core FTP Help file under the help topic 'encryption / decryption').

 

To setup Core FTP for encryption and decryption of your files, rules must be setup.   To setup these rules, go to the following setup screen (view - options).

 

 

 

 

In this first example, we've setup a new rule called 'upload', by clicking on the new button, and entering the name of the rule.   Select the encryption button, as this rule will be for encrypting files that we will upload to the server.

 

Next, the AES cipher and number of bits have been selected.  The higher the bits, the higher the level of encryption.   Finally the password is entered, and then re-entered in the confirm line.    

 

Our encryption rule can be complete at this point with only a password, but you can also generate a private key which can be used to add another layer of security.   This key can then be sent to others (via email, storage, etc) who wish to decrypt the files you have encrypted.  If a key is used to encrypt the file, it can only be decrypted using the same key.  Using this additional method, only those with the key can decrypt your encrypted files, and vice versa (see help file for additional information on RSA keys, which provide a more complex method for even higher security).

 

 

 

In this next example, we've setup a new rule called 'download'

 

 

 

 

In this example, we've setup another new rule called 'download', by clicking on the new button, and entering the name of the rule.   Select the decryption button, as this rule will be for decrypting files that we will download from the server.

 

Next, the AES cipher and number of bits have been selected.  Be sure that you select the same cipher and bits as you did in the 'upload' rule - they must match in order to work correctly.   Once again, enter the password and then re-enter it in the confirm line.    

 

You are now ready to use your rules.  It's always a good idea to select each rule from the rules dropdown, just to make sure the ciphers and bits match correctly.

 

 

 

To use your new encryption rules, go into the site manager and select the site you plan to use your rules with.   It is advised that you make a copy of the site profile before proceeding by right clicking on the site, and selecting 'duplicate'.  Use the duplicate (or copy) of your site profile for testing purposes until you feel comfortable with setting up rules.

 

Once you have selected the site you wish to modify, click the advanced button, and then select 'encrypt/compress'.

 

In the above screen, we have selected our 'upload' rule to be used for uploading and encrypting files.  The 'download' rule has been selected for downloading and decrypting files.   Click ok to save the changes.

 

Now you're all set.  All files being uploaded to this site will be encrypted, and all files downloaded will be decrypted.   To test that your rules work, upload a file using this site profile, disconnect, and then connect using your original site profile that does not contain encryption rules.   If you select the file, right click, and select 'view' to view it, you will notice that the file has been encrypted (the file will be viewed as nonsensical garbage data).    This is confirmation that your files are being encrypted.   If your file looks normal, then it has not been encrypted.

 

Next,  disconnect, and connect with your site profile that has the encryption rules.   Once again, right click on the encrypted file in the remote directory and select 'view'.  You should now see the file as it originally was before encryption.  It is advised that you do not download until you have tested this step, as to avoid overwriting your original files with encrypted files.

 

The following ciphers are available for encrypting and decrypting files:

AES (128 & 256 bit)

Blowfish

Cast5

DES

DESX

3DES (triple DES)

RSA (1024 and 2048 bit)

 

 

Note:  A bug existed in build 1417 and earlier that did not set the transfer mode correctly for ascii files.  If you encounter this issue when transferring ascii files (ie: file.txt, file.html, etc), please upgrade to a later version.


FTP encryption