The data is encrypted using the session key.

Oracle JCA Adapter for Files/FTP 4-87

3. The session key is encrypted by using the recipient's public key. Because the recipient already has the private key, it can decrypt the message by using its preferred PKI algorithm, such as Rivest-Shamir-Adleman (RSA) or Digital Signature Algorithm (DSA).

4.4.4.1.2 Authentication

The SSH protocol inherently supports password authentication by encrypting passwords or session keys as they are transferred over the network. In addition, the SSH protocol uses a mechanism known as known hosts to prevent threats such as IP spoofing. When this mechanism is used, both the client and the server have to prove their identity to each other before any kind of communication exchange.

4.4.4.1.3 Integrity

The SSH protocol uses widely trusted bulk hashing algorithms such as Message Digest Algorithm 5 (MD5) or Secure Hash Algorithm (SHA-1) to prevent insertion attacks. Implementation of data integrity checksum by using the algorithms mentioned in Section 4.4.4.1.1, "Encryption," prevents deliberate tampering of data during transmission.

4.4.4.1.4 Data Compression

The SSH protocol supports zlib, an open-source cross-platform algorithm for data compression. SSH uses zlib to compress in-flight data to reduce network bandwidth.

4.4.4.2 Install and Configure OpenSSH for Windows

OpenSSH for Windows is the free implementation of the SSH protocol on Windows. Perform the following steps to install and configure OpenSSH on Windows XP:

1. Log in as a user with Administrator privileges.

2. Download setup.exe from the following location:

http://www.cygwin.com

3. Run setup.exe. The Cygwin Net Release Setup window is displayed.

4. Click Next. The Choose Installation type window is displayed.

5. Select Install from Internet as the download source and click Next. The Choose Installation Directory window is displayed.

6. Leave the root directory as C:\cygwin. Also, keep the default options for the Install For and the Default Text File Type fields.

7. Click Next. The Select Local Package Directory window is displayed.

8. Click Browse and select C:\cygwin as the local package directory.

9. Click Next. The Select Connection Type window is displayed.

10. Select a setting for Internet connection and click Next. The Choose Download Sites window is displayed.

11. Select a site from the Available Download Sites list and click Next. The Select Packages window is displayed.

12. Click View to see the complete list of packages available for installation.

13. Select openssh if it is not the default value.

14. Select the Binaries box for openssh.

15. Click Next to start the installation.

16. On the Windows XP desktop, right-click My Computer and select Properties.

4-88 Oracle Fusion Middleware Users Guide for Technology Adapters

17. Click the Advanced tab and click Environment Variables.

18. Click New and enter CYGWIN in the Variable Name field and ntsec in the Variable Value field.

19. Add C:\cygwin\bin to the system path.

20. Open the cygwin window.

21. Type ssh-host-config.

22. You are prompted with the following questions:

a. Shall privilege separation be used? (yes/no) Enter yes.

b. Shall this script create a local user sshd on this machine? Enter yes.

c. Do you want to install sshd as service? (Say no if it's already installed as service) (yes/no) Enter yes.

d. Which value should the environment variable CYGWIN have when sshd starts? It's recommended to set at least ntsec to be able to change user context without password. Default is binmode ntsec tty. Enter ntsec.

23. Type net start sshd to start the sshd service.

24. Run the following commands in the cygwin window to replicate the Windows local user accounts to cygwin:

    mkpasswd --local > /etc/passwd
    mkgroup --local > /etc/group

25. To test the setup, type ssh localhost in the cygwin window.

4.4.4.3 Set Up Oracle FTP Adapter for SFTP

To use the SFTP functionality, you must modify the deployment descriptor for Oracle FTP Adapter. Table 4–11 lists the properties for which you must specify a value in the deployment descriptor. The values of these properties depend on the type of authentication and the location of OpenSSH.

Table 4–11 SFTP Properties

Property    Description
useSftp     Specify true. Mandatory: Yes. Default value: false.