SFTP (Secure Shell FTP using SSH2 protocol)




SFTP (Secure Shell FTP using SSH2 protocol) Technical Manual March 2014

1. Table of contents

2. Introduction
3. Criteria for SFTP
4. Preparations for connecting to SFTP
5. Adapting your system for SFTP
   5.1 Settings relating to encryption
   5.2 Settings relating to file format
   5.3 Settings relating to file transfer to Bankgirot
   5.4 File transfer from Bankgirot
   5.5 Testing
6. Terms and definitions

2. Introduction

This document
This document includes detailed technical information on the communication method SFTP (FTP SSH). This document has been devised for anyone wishing to adapt their system for SFTP.

This document is designed to be read on your PC and all terms mentioned in the factual section and the checklist are linked to chapter 6. Terms and definitions. There are also links to our website.

User help: Click the Previous view page navigation button or use the Alt + Left Arrow keyboard shortcut to return to the point in the document where you clicked a term.

What is Bankgirot?
Bankgirot is:
- An open system for both payers and creditors.
- The link between payers and creditors.

All banks operating in Sweden can participate in the bankgiro system. Bankgirot processes payments and information about incoming and outgoing payments for all parties. Payments and information always arrive on time.

Regardless of your bank connection:
- As a payer you can reach all creditors.
- As a creditor you can receive payments from all payers.

Customised payment solutions: Bankgirot offers everything from simple payment solutions for small businesses to automated electronic payment solutions for large enterprises with computerised accounting systems.

Bankgirot has established collaborations with several of the largest business, accounting and communication software companies. Together we create efficient business solutions for all payment needs, saving your business both time and money.

What is a communication method?
A communication method is the solution the company uses to send files to and retrieve files from Bankgirot. Payment messages and reports are sent between your company and Bankgirot by file transfer.

There are several different solutions for communicating with Bankgirot. Information on available communication methods can be found at www.bgc.se, under Om våra tjänster/ Kommunikationslösningar och säkerhet/bankgirots kommunikationslösningar.

What is SFTP (SSH)?
SFTP (SSH) is a communication method which involves:
- secure file transfer between your accounting system and Bankgirot
- tamper protection in conjunction with your system sending a payment to Bankgirot.

SFTP is suitable for companies with large payment volumes and the need to adapt and automate the communication method to their internal payment procedures. With SFTP, files are transferred to Bankgirot over the Internet via an interception-protected channel (SSH between client and server).

What is SSH?
SSH is a technology for creating secure communication between two computers via the Internet using encryption. Nobody other than the people at the computers in question can access the files when they are transferred via the Internet. The file transfer itself takes place according to FTP.

3. Criteria for SFTP

Agreement with bank
To be able to use and adapt your system for SFTP, your company has to have signed an agreement for a Bankgirot service with the bank. When your company concludes an agreement relating to a Bankgirot service, it also agrees on which communication method it wants to use.

When Bankgirot has registered the agreement, your company will be assigned a customer number at Bankgirot. Bankgirot will then help you to set up a communication link between your company and Bankgirot.

Technical criteria
The table shows which technical criteria are required to be able to connect to SFTP.

Technical criterion | Comment
Accounting information system |
Internet connection |
Software for SFTP |
Static and public IP address on an SFTP client or SFTP server | Note: It is not possible to use DHCP addresses.
Public key server (SSH) | Public keys are exchanged automatically on the server at the time of first connection.
Protocol | SFTP with SSH version 2. Secure Copy (SCP) is not permitted.
Software for tamper protection | Cross-reference: For more information, see Tamper protection below.
Public keys, Clients | These are used without being on the server; see Public key server (SSH) above.

Tamper protection
For security reasons, the company must tamper-protect all files sent to Bankgirot. To protect a file from tampering means that the file is protected from unauthorised alteration during transport. The file is assigned an encrypted check record (condensate) calculated based on the file's content and a unique code, before the file is sent to Bankgirot. Bankgirot checks the check record and can thereby confirm that the file has not been tampered with after the sender authenticated it. Tamper protection verifies that the instruction comes from the right sender.

In conjunction with your company signing an agreement with the bank on a Bankgirot service you will receive authentication keys for tamper protection from Bankgirot or your bank. You will also receive a password from Bankgirot.

Cross-reference: More information on tamper protection is available in the technical manual for Tamper protection. This is available to download from the Bankgirot website, www.bankgirot.se, under Om våra tjänster/blanketter, manualer och trycksaker.

4. Preparations for connecting to SFTP

Technical information required by Bankgirot
When the company has signed an agreement with the bank, Bankgirot will contact the company's technical contact in order to get technical information. This information is needed so that Bankgirot can connect your company to FTPS.

Bankgirot needs the following information:
- IP address of the company's SFTP client
- SFTP server username and password for the company's SFTP server
- the required recipient filename for deliveries from Bankgirot.

Note: It is important for you to be prepared to give the above information to Bankgirot as soon as the agreement has been signed.

Technical information from Bankgirot
When Bankgirot has connected your company to SFTP, the company will receive the technical information required to allow you to adapt your system for SFTP. The table shows which information the company will receive from Bankgirot.

Technical information | Comment
Username at Bankgirot | Used to log in to the Bankgirot SFTP server.
Bankgirot's IP addresses | Used to be able to link up to Bankgirot's SFTP server.
Data set names for testing and production | See the data set name principles in Section 5.2

5. Adapting your system for SFTP

5.1 Settings relating to encryption

Settings
The following settings are required for you to be able to use encryption:
- Encryption: AES-256
- Hashing algorithm: SHA1
- Public key: SSH-RSA, key length 2048
- Keys are exchanged automatically at the time of first connection

5.2 Settings relating to file format

Character encoding standard
- Files to Bankgirot must be in ASCII format with the character set ISO8859-1 (Latin-1).
- Files from Bankgirot in ASCII format with the character set ISO8859-1 (Latin-1) are terminated with Line Feed (LF=0x0A).

Principles for data set names
The data set name of files from Bankgirot includes the customer or service bureau number together with the time and date the file was created.

Files to Bankgirot must have a data set name according to the structure BFEP.Ixxxx.K0nnnnnn, where xxxx is replaced with a product code and nnnn is replaced with a customer number (right-justified and completed with zeroes).

Example: The table shows examples of product codes for some of the various Bankgirot services.

Bankgirot service | Code for production | Code for testing
Autogiro (direct debit) | IAGAG | IAGZZ
Supplier payments | ILBLB | ILBZZ
Salaries/Account deposits | IKIKI | IKIZZ

Data set name fields
[Diagram: the different fields in the data set name]

5.3 Settings relating to file transfer to Bankgirot

Bankgirot does not accept empty files
Bankgirot does not accept empty files, i.e. files which contain no transactions.

Several files can be sent on the same day
All files received or sent in Bankgirot's system are automatically given a unique file name with the help of a generation data set. This means that several files can be sent on the same day with no risk of data being overwritten.

Dialog when sending files
The Bankgirot SFTP server is set up with a special feature in order to enhance security for your data. You cannot connect to the server using any protocol other than SFTP (e.g. SCP or Telnet).

This is the structure of the dialog when sending files to Bankgirot:

    SFTP <login>@sftp.bankgirot.se
    Password: <password>
    PUT local_filename //BFEP.Ixxxx.K0nnnnnn
    Or
    PUT local_filename /-/BFEP.Ixxxx.K0nnnnnn
    QUIT

(<login> = the company's user name at Bankgirot)

The file name at Bankgirot must begin with // or /-/ as the file is created in the system's directory, not the user's directory.

Commands for record length and file size
The table shows which commands are applicable depending on record length and file size when sending files to Bankgirot.

Record length/file size | Command | Comment
Files with a record length of max. 768 characters | | If a longer record length is required, contact Bankgirot.
Files more than approx. 150 MB in size (the file size which can normally be sent) | SITE PRI=nnnn | nnnn = file size in MB x 20

Character conversion when sending files
Files are saved at Bankgirot in EBCDIC format. Translation takes place between 8-bit ASCII (ISO8859-1) and EBCDIC Finnish/Swedish Code Page (1143).
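Added example (not part of the Bankgirot manual): a Python pre-flight check for files bound for Bankgirot, covering the data set name rules in 5.2 and the empty-file, record-length and SITE PRI rules in 5.3. It assumes that the customer number fills the six n positions after K0, that 1 MB is 10**6 bytes, and that a file with no non-blank records counts as empty; the function names are illustrative.

```python
import math
import re

# Product codes from the table in section 5.2: service -> (production, testing).
PRODUCT_CODES = {
    "autogiro": ("IAGAG", "IAGZZ"),
    "supplier_payments": ("ILBLB", "ILBZZ"),
    "salaries": ("IKIKI", "IKIZZ"),
}
MAX_RECORD_LENGTH = 768   # section 5.3: longer records must be agreed with Bankgirot
LARGE_FILE_MB = 150       # section 5.3: approximate size that can normally be sent
# Assumption: the second qualifier is "I" plus four letters or digits.
DATA_SET_RE = re.compile(r"BFEP\.I[A-Z0-9]{4}\.K0\d{6}")


def data_set_name(service, customer_number, test=False):
    """Build BFEP.Ixxxx.K0nnnnnn with the customer number zero-padded to six digits."""
    production, testing = PRODUCT_CODES[service]
    if not 0 < customer_number <= 999999:
        raise ValueError("customer number must fit in six digits")
    return f"BFEP.{testing if test else production}.K0{customer_number:06d}"


def remote_path(name):
    """Prefix a validated data set name with // as section 5.3 requires."""
    if not DATA_SET_RE.fullmatch(name):
        raise ValueError(f"not a valid data set name: {name!r}")
    return "//" + name


def site_pri(size_bytes):
    """Value for SITE PRI=nnnn (size in MB x 20), or None below the size limit."""
    size_mb = math.ceil(size_bytes / 1_000_000)  # assumption: 1 MB = 10**6 bytes
    return size_mb * 20 if size_mb > LARGE_FILE_MB else None


def preflight(data):
    """Return the problems found in the raw bytes of a file bound for Bankgirot."""
    if not [r for r in data.splitlines() if r.strip()]:
        return ["no records: Bankgirot does not accept empty files"]
    problems = []
    try:
        data.decode("ascii")
    except UnicodeDecodeError:
        try:
            data.decode("utf-8")
            problems.append("non-ASCII bytes decode as UTF-8; expected ISO 8859-1")
        except UnicodeDecodeError:
            pass  # not UTF-8, which is consistent with single-byte ISO 8859-1
    for number, record in enumerate(data.splitlines(), start=1):
        if len(record) > MAX_RECORD_LENGTH:
            problems.append(f"record {number}: {len(record)} characters > {MAX_RECORD_LENGTH}")
        if any(0x80 <= byte <= 0x9F for byte in record):
            problems.append(f"record {number}: byte in 0x80-0x9F, not printable in ISO 8859-1")
    return problems


# Constructed sample record (Swedish text with a-ring), not a real Bankgirot layout.
SAMPLE = "Betalning fr\u00e5n \u00c5keri AB\n".encode("latin-1")
if __name__ == "__main__":
    print(remote_path(data_set_name("autogiro", 1234)), preflight(SAMPLE))
```

The UTF-8 test catches the common case where Swedish characters were written as two-byte sequences, which would be mistranslated in the ISO8859-1 to EBCDIC conversion described above.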

5.4 File transfer from Bankgirot

Sending files
Bankgirot automatically sends files to the company when there is data ready to send in Bankgirot's system. The file is left in a pre-agreed location in your company's system. In other words, it is not possible to download files from Bankgirot.

Bankgirot uses Line Feed (LF) as a line break character when sending files from Bankgirot (LF = 0x0A).

Note: For your company to be able to receive files, your business system has to be prepared for receipt.

Several files can be sent on the same day
All files received or sent in Bankgirot's system are automatically given a unique file name with the help of a generation data set. This means that several files can be sent on the same day with no risk of data being overwritten.

Company-unique file names with Store Unique
Bankgirot uses the Store Unique command to create a file name which is unique to your company. However, for this the function has to be enabled in your company's data system.

5.5 Testing

How it works
To check that the file transfer to Bankgirot is working and that the files you created in your business system or accounting system are correct, you can carry out a test at Bankgirot, which will notify you of the test results as soon as possible.

The table shows how a test works.

Step | Description
1 | Your company creates a tamper-protected file containing authentic data.
2 | Your company connects to Bankgirot according to an agreed communication method and sends the file to Bankgirot as a test file.
3 | Bankgirot or the bank (if testing international payments) sends confirmation of a successful test.

Tip: To create your own files you can also use the sample files available at www.bankgirot.se, under Om våra tjänster and the relevant service.

Test file
The test file must include authentic data which you create in your company's payment software, i.e. payment jobs containing correct customer details (such as the real bankgiro number). The payments in the test file will not be actioned.

Note: Check that your company's details are recorded in your payment software before you create the test file, as these details will be checked during the test run.

Cross-reference: For more information on how to create test data in your business suite or accounting system, refer to the software documentation for your system or contact your software supplier.

Tamper protection during testing
The tamper protection must use a test key. When the test is passed, you can register a production key for tamper protection with a start date in your authentication software.

Note: It is not possible to implement authentication for a file created with a date older than the date on which the authentication key is added.

6. Terms and definitions

Terms in this document
This table lists Bankgirot's definitions of terms associated with the SFTP communication method.

Term | Definition
Bankgiro number | An address that points to a bank account. A bankgiro number can be associated with the bank and account number of your choice.
Payment instructions | The payments Bankgirot accepts and processes.
Data set name | The data set name is the technical name of all files sent to and from Bankgirot. It is generated from the customer number or service bureau number, the date and the time.
DHCP | Dynamic Host Configuration Protocol. A network protocol which permits automatic allocation of temporary IP addresses.
Tamper protection | To protect a file from tampering means that the file is protected from unauthorised alteration during transport. Tamper protection verifies that the instruction comes from the right sender.
SFTP | SFTP (Secure Shell File Transfer Protocol). A communication protocol which uses SSH to send encrypted files via the Internet.
SFTP client | Software on a sending computer which starts an SFTP session.
SFTP server | Software on a receiving computer which responds to calls from an SFTP client.
IP address | A numerical address used for computers.
Communication method | The method a company uses to send files to and retrieve files from Bankgirot.
Customer number | A customer number at Bankgirot used as the address for file deliveries. A company can have one or more bankgiro numbers linked to it. A customer number is always linked to a service.
Server certificate | A type of electronic identification.
Authentication key | A combination of digits and code which, together with an encryption algorithm, locks the check record for anyone without access to the key.
TCP/IP | Transmission Control Protocol/Internet Protocol. A general file transfer standard using different data networks, such as the Internet. TCP/IP is a collection of several different protocols. It is included in all Unix systems and is available for most computers (from PCs to IBM mainframes).
Technical Manual | A user guide with record and file descriptions. Mainly aimed at software companies and companies that develop proprietary software.
Testing | Conducted to verify that the information in the files complies with the specified layout.
Reporting | All companies receive reports on executed, unexecuted and monitored payments. Reporting comprises a number of reports that can be received on file and/or paper. The company can choose how often the reports are sent.