4-86 Oracle Fusion Middleware Users Guide for Technology Adapters

4.4.4 Using SFTP with Oracle FTP Adapter

SSH file transfer protocol SFTP is a network protocol that enables secure file transfer over a network. Oracle FTP Adapter supports the use of the SFTP feature on Windows and Linux. This section provides an overview of the SFTP functionality and describes how to install and configure this feature. This section includes the following tasks: ■ SFTP Overview ■ Install and Configure OpenSSH for Windows ■ Set Up Oracle FTP Adapter for SFTP

4.4.4.1 SFTP Overview

FTP is the network protocol that enables clients to securely transfer files over the underlying SSH transport. SFTP is not similar to FTP over SSH or File Transfer Protocol FTP. Figure 4–47 displays the communication process between an SSH client and an SSH server. SFTP is supported in Windows and Linux. Figure 4–47 SFTP Communication SFTP has the following features: ■ Encryption ■ Authentication ■ Integrity ■ Data Compression

4.4.4.1.1 Encryption The SSH protocol uses public key cryptography for encryption.

This section explains how data is encrypted:

1. The SSH subsystem uses symmetric key ciphers such as Data Encryption Standard

DES or Blowfish to generate a session key. The SSH protocol currently uses the Diffie-Hellman Key Exchange Algorithm to derive the symmetric key for the session.

2. The data is encrypted using the session key.

keystoreAlgorithm Set the value to SunX509 pkiProvider Must be left blank. jsseProvider Must be left blank. Table 4–10 Cont. JCA Properties for Oracle File and FTP Adapters Property Name Property Value SSH Client SSH Server Integrity Encryption Authentication Oracle JCA Adapter for FilesFTP 4-87 3. The session key is encrypted by using the recipients public key. Because the recipient already has the private key, it can decrypt the message by using its preferred PKI algorithm such as Rivest-Shamir-Adleman RSA or Digital Signature Algorithm DSA.

4.4.4.1.2 Authentication The SSH protocol inherently supports password authentication

by encrypting passwords or session keys as they are transferred over the network. In addition, the SSH protocol uses a mechanism known as known hosts to prevent threats such as IP spoofing. When this mechanism is used, both the client and the server have to prove their identity to each other before any kind of communication exchange.

4.4.4.1.3 Integrity The SSH protocol uses widely trusted bulk hashing algorithms such

as Message Digest Algorithm 5 MD5 or Secure Hash Algorithm SHA-1 to prevent insertion attacks. Implementation of data integrity checksum by using the algorithms mentioned in Section 4.4.4.1.1, Encryption prevents deliberate tampering of data during transmission.

4.4.4.1.4 Data Compression The SSH protocol supports zlib, an open-source

cross-platform algorithm for data compression. SSH uses zlib to compress in-flight data to reduce network bandwidth.

4.4.4.2 Install and Configure OpenSSH for Windows

OpenSSH for Windows is the free implementation of the SSH protocol on Windows. Perform the following steps to install and configure OpenSSH on Windows XP:

1. Log in as a user with Administrator privileges.

2. Download setup.exe from the following location:

http:www.cygwin.com 3. Run setup.exe. The Cygwin Net Release Setup window is displayed.

4. Click Next. The Choose Installation type window is displayed.

5. Select Install from Internet as the download source and click Next. The Choose

Installation Directory window is displayed. 6. Leave the root directory as C:\cygwin. Also, keep the default options for the Install For and the Default Text File Type fields.

7. Click Next. The Select Local Package Directory window is displayed.

8. Click Browse and select C:\cygwin as the local package directory.

9. Click Next. The Select Connection Type window is displayed.

10. Select a setting for Internet connection and click Next. The Choose Download

Sites window is displayed.

11. Select a site from the Available Download Sites list and click Next. The Select

Packages window is displayed.

12. Click View to see the complete list of packages available for installation.

13. Select openssh if it is not the default value.

14. Select the Binaries box for openssh.

15. Click Next to start the installation.

16. On Windows XP desktop, right -click My Computer and select Properties.