We've learned that SFTP <> FTPS. FTPS uses SSL, but SFTP is based on SSH.
Our trading partner also required that the SFTP do userID/password and key
exchange, which was the limitation most of the products could not do.

OpenSSH is free and works on i5/OS (albeit, runnng in PASE). It's the de-facto standard for SSH -- by far the #1 SSH software on the planet. Completely dominant.

It strikes me as very weird that your partner would require something that OpenSSH doesn't support. That would be like setting up a web site that requires a feature that only Opera supports (so IE and Firefox won't work). I guess it's possible, but it'd seem like a very strange thing to do.

Now, I spend a lot of time in BSD (not quite as much as i5/OS, but still a lot) and I've been using SSH since 1995, back when "SSH Communications Corporation" was the #1 SSH tool (they're long gone now.) I've been using it for all of these years, and I've never HEARD of someone requiring both a password AND a public key to be sent.

It's possible for the keys to be encrypted so that you need a password to decrypt the key before you can send it... that's common enough. But the password in that case isn't actually sent, it's just used to decrypt the key.

It's also possible for a software to be listed as "supporting both public key and password authentication" which would mean that you could use EITHER with that software package. (But doesn't imply that you'd use them both at once!)

I find myself wonderfing if maybe your trading partner requires one of these two things, and maybe you misinterpreted it?

Or, maybe OpenSSH does in fact support using both at once, and I've just never come across it? Certainly possible. But it seems weird. If you can work with someone's public key (which also means that to decrypt, you have to have the private key) then what good is the password? Certainly doesn't add any security. It might even make the connection more succeptible to social-engineering types of attacks. (unlikely, but maybe.)

I guess I'm wondering if you're SURE that OpenSSH won't work? Almost everyone using SSH is using OpenSSH. It'd be awfully weird for it not to work!

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.