March 30, 2013 at 10:11 am
While this is not related to sql server I imagine that many database administrators have had to deal with this scenario.
My company just switched banks and we have to meet security requirements to upload check files to their SFTP site.
We have finished the formatting for the flat text file and once the accounting department has created the file they will need to upload. To make the process simple for the accounting department users I have created a virtual machine with a secured share that they can dump the file into. Every 15 minutes I have a scheduled task that will run and move the files to a directory where the files will be further secured and encrypted. Once every hour a scheduled sftp job will run using an application called cuteftp to the new bank.
The problem I am having is getting the files in the directory encrypted. I have tried using Symantec's PGP encryption software but keep coming across problems.
Can someone recommend a command line pgp tool where I can generate my own public and private keys and also sign the files we will be uploading to the bank with the public keys they have provided?
Any other thoughts are also welcomed. Thank you.
March 30, 2013 at 4:30 pm
GnuPG is a command line tool. It's open source and free:
April 3, 2013 at 12:15 pm
I used the Gnu version years ago. Worked well for me.
April 8, 2013 at 9:21 am
I have used the GNU for windows version and figured out what I need with the exception of encrypt and sign multiple files.
I have a directory which will contain multiple files that need to be encrypted. When I run the command line with the below swtiches and one file in the directory it works.
gpg2.exe --batch --sign --passphrase "somewords" --encrypt -r BankName --trust-model always c:\EncryptedFiles\*.*
However when I use the --multifile switch with multiple files the command fails.
The syntax I am using is below.
gpg2.exe --multifile --sign --passphrase "somewords" --encrypt -r BankName --trust-model always c:\encryptedfiles\*.*
The error I receive is
"usage: gpg [options] --sign -- encrypt [filename]"
Can anyone familiar with this please let me know what is the proper syntax for encrypting and signing multiple files?
April 9, 2013 at 8:36 am
The best syntax for multiple files is to zip them first, and then gpg the zipped single file :).
Note that if you're dealing with U.S. government standards, DSA/ElGamal keys are right out, as ElGamal is not a FIPS 140-2 algorithm.
To be as current as possible, ideally, generate your key with
gpg2 --gen-key --cert-digest-algo SHA512
or
gpg2 --gen-key --cert-digest-algo SHA256
and add the following four lines to the end of gpg.conf for every user that uses gpg
Substitute CAMELLIA for AES if you're in Europe or Japan.
personal-cipher-preferences AES256 AES192 AES 3DES
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
personal-compress-preferences BZIP2 ZLIB ZIP Uncompressed
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES 3DES BZIP2 ZLIB ZIP Uncompressed
To update existing public keys with at least a preferred cipher ordering,
gpg2 --edit-key "YourKeyName <YourKey@X.Y>"
showpref
setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES 3DES BZIP2 ZLIB ZIP Uncompressed
quit
y
September 14, 2022 at 3:01 pm
This was removed by the editor as SPAM
September 14, 2022 at 3:01 pm
This was removed by the editor as SPAM
September 14, 2022 at 3:01 pm
This was removed by the editor as SPAM
Viewing 8 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply