
Public key authentication

Public key authentication is one of the most secure methods of authenticating over Secure Shell. It uses a pair of computer-generated keys, one public and one private. The public key can be distributed and resides on the SFTP server. The private key is unique to the user and must not be shared.

The following properties are required to enable public key authentication:

Passphrase is an optional property used to provide extra protection for the private key.

The key-pair can be generated using any third-party service and you can choose any of the standard encryption algorithms. The most commonly used algorithm is RSA; however, other algorithms such as DSA can be used.

The key-pair must be in the OpenSSH format.
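A pre-flight check for the private key file before it is entered in the wizard, as an added example (not IBM's code): it reports the file's container format, the key algorithm, and whether the key is passphrase-protected, so a PuTTY or ssh.com key is caught early and the Passphrase property is supplied when needed. Assumptions: the function and sample names are hypothetical, the sample holds constructed header fields only (no key material), and this page does not state which OpenSSH container (legacy PEM or openssh-key-v1) the adapter accepts.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"  # header of the newer OpenSSH private key container

def _s(b):
    """Encode an SSH 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(b)) + b

def _read_string(buf, off):
    """Decode one SSH 'string' at off; return (bytes, next offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:off + 4 + n], off + 4 + n

def inspect_private_key(text):
    """Return (container, key_type, needs_passphrase) for a private key file's text."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if not lines:
        raise ValueError("empty key file")
    head = lines[0]
    if head.startswith("PuTTY-User-Key-File-"):
        enc = next((l for l in lines if l.startswith("Encryption:")), "Encryption: none")
        return "putty-ppk", head.split(":", 1)[1].strip(), not enc.endswith("none")
    if head == "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----":
        return "ssh.com", None, None  # not an OpenSSH file; details not parsed here
    if head == "-----BEGIN OPENSSH PRIVATE KEY-----":
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        cipher, off = _read_string(blob, len(MAGIC))  # b"none" means unencrypted
        _kdf, off = _read_string(blob, off)
        _kdfopts, off = _read_string(blob, off)
        pub, _ = _read_string(blob, off + 4)  # skip the uint32 key count
        ktype, _ = _read_string(pub, 0)
        return "openssh-v1", ktype.decode(), cipher != b"none"
    legacy = {"-----BEGIN RSA PRIVATE KEY-----": "ssh-rsa",
              "-----BEGIN DSA PRIVATE KEY-----": "ssh-dss"}
    if head in legacy:
        # Legacy PEM files mark encryption with a Proc-Type header line.
        return "openssh-pem", legacy[head], "Proc-Type: 4,ENCRYPTED" in lines[1:3]
    raise ValueError("unrecognised private key format: " + head[:40])

# Constructed sample: container header fields only, no real key material.
_blob = (MAGIC + _s(b"aes256-ctr") + _s(b"bcrypt") + _s(b"\x00" * 24)
         + struct.pack(">I", 1) + _s(_s(b"ssh-rsa")))
SAMPLE = ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + base64.b64encode(_blob).decode()
          + "\n-----END OPENSSH PRIVATE KEY-----\n")

if __name__ == "__main__":
    print(inspect_private_key(SAMPLE))
```
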

For secure communication, certain SFTP servers allow multiple modes of authentication to be configured for a single user. When you use these servers, you can configure users to authenticate to the SFTP server with both the password and the public-private key pair at the same time.

If both the Password (user name and password authentication) and the Private key (public key authentication) values are specified in the external service wizard, the adapter tries to authenticate to the server using one or both of the authentication modes, depending on the authentication mode specified on the SFTP server. If the SFTP server is configured to require both the Password and the Private key, the adapter can access the server only if both values are valid.
