Nets Denmark A/S Lautrupbjerg 10 P.O. 500 DK-2750 Ballerup T +45 44 68 44 68 F +45 44 86 09 30 www.nets.eu CVR-nr. 20016175 User guide Generate keys for SFTP solution for data communication with Nets
Contents Introduction... 3 Content... 3 Rights... 3 The private key... 4 Introduction... 4 Security aspects concerning the private key... 4 Get started... 5 Sign in for the SFTP solution... 5 Material from Nets... 5 Generate key... 6 Login to server... 6 Select signature... 6 Enter password... 6 Login for key generation... 7 Enter User ID and passsword... 7 Start generating key... 7 Enter information... 8 DSA- or RSA-key... 8 Enter and memorise passphrase... 8 Enter email address... 8 Enter phone numberr... 8 Key is being generated... 9 Key is ready... 9 Store the key... 9 Change password... 10 Introduction... 10 How it works... 10 Contact... 11 Nets Servicedesk... 11
Introduction Content This user guide is intended for customers sending data to and from Nets via the Internet using the SFTP solution. To ensure that the servers that are communicating with each other in this solution are known parties, security keys must be exchanged between you and Nets. Key generation is carried out by you from a PC with a standard Internet browser. To gain access to the Web solution for key generation, you must be in receipt of a chip card issued by Nets and have a chip card reader installed in the equipment from which the key generation is to take place. For guidance and the necessary software, we refer you to the Guide to installation of chip card reader Cardman 3121. If you are a danish company with a CVR-number you also can use the Medarbejdersignatur from Nets DanID A/S. This guide gives a step-by-step explanation of how to generate your security keys for use in the SFTP solution. Instructions for the SFTP solution itself depend on the platform you use for the SFTP solution and can be found at www.nets.eu - Select Support, Data communication, SFTP-løsning and then Download for SFTP-løsning. Rights All rights to this guide and the corresponding product belong to Nets Denmark A/S. Copying, forwarding or in any other manner making this material or parts thereof available to third parties without the consent of Nets is not permitted.
The private key Introduction The security of the solution consists of the exchange of security keys (private/public keys). You generate the private key yourself with the help of the activities described in this document. You must then copy your private key to the platform to be used for the SFTP communication. We refer you to your system supplier s specifications for copying and downloading security keys on these platforms. The public key will be issued from Nets SFTP server the first time you log on to it. On this point, we refer you to the user guidelines for your specific platform as well as your system supplier s specifications. Remark: To ensure proper use, you can only generate one key per day. If you have urgent needs for generating more keys, you can contact ServiceDesk in Nets. (refer to chapter Contact.) For security reasons you should exchange the key according to your own security policies. The way to generate a new key is as described below in the chapter Key generation. Security aspects concerning the private key Nets cannot be held responsible for the consequences of insufficiently secure storage of the keys issued to you. As mentioned earlier, we recommend that you change the key with regular intervals. You are responsible for ensuring that this corresponds with the security policy of your company and, if necessary, replacing keys at shorter intervals. We advise you to ensure that the keys and copies of them are only accessible to those who need them for their work. If you suspect that your key has been deciphered or for any other reason can no longer offer the security required, contact Nets immediately.
Get started Sign in for the SFTP solution Submit a DL01 form with which you register for the SFTP solution. If you do not have them already, remember to order a chip card and chip card reader on the DL01 form. Remember that the form must be duly signed by all necessary parties. You will then receive the necessary material from Nets. If you have ordered a chip card, you can expect to receive it in approximately 5 working days after we have received your order. Material from Nets When we have received your application, you will receive material needed for the solution. To get access to Nets web page for key generation you either have to have a chip card from Nets or a Medarbejdersignatur from Nets DanID A/S. To obtain a Medarbejdersignatur you company has to be Danish with a Danish CVR-number.
Generate key Login to server Open your browser and select https://ft.pbs.dk The screen below is shown Select signature Click on OK If several certificates are shown, you can select one of them and click on View certificate to find the right one. Here is a list of your certificates Having chosen a certificate and pressed OK you will get access to enter your Password/PIN-code Enter password This screen may only be shown in the bottom of your command line with the text Smart Card PIN. If so press on the element and it will be shown on your screen. Enter the password and then press OK.
Login for key generation Having done the logon to the server, you can logon to the application for key generation by use of your User ID and password. Press Log På - Next screen occurs Enter User ID and passsword Enter User ID and Password Press Log på below the boxes for User ID and Password. Remark : When you log on first time the password is the same as your User ID. You will be asked to change your password. This must be at least 8 characters long. If you receive an error message, check that the information entered is correct. If necessary, click on Fortryd to delete all the input information. Then try again. If you enter an incorrect password 5 times in succession, your User ID will be blocked and you will no longer be able to log on to the system. Contact Nets ServiceDesk to have your password reset and your User ID unlocked. Start generating key Having logged on this screen will occur. Press nøgle generering Next screen occurs
Enter information DSA- or RSA-key 1: Select between "DSA nøgle" and "RSA nøgle". If you use one of Nets' SFTP clients, you always should select "DSA nøgle". If you use another SFTP client, you should refer to the specification for this software to select the key type. Enter and memorise passphrase 2: Complete the Pass phrase field. The pass phrase must be at least 6 characters long. The pass phrase is a code word for the encryption of the key sent to you. It ensures that you are the only person who knows the non-encrypted key. Important: You must memorise your pass phrase as you will need to use it later to move the key to the platform from which you are to perform your SFTP transmission. Enter email address Important : enter an email address that is under monitored regularly not your own private. Enter phone numberr Important : enter a phone number that monitored not your own private. We will use this phone number in special needs. Press Lav nøgle screen below appears
Key is being generated Wait while the key is being generated After a little while the picture below is shown Key is ready Press Nøgle Store the key Choose where you want to save the key and then click on Gem. You public key will be installed automatically in your mailbox at Nets. The public key is exchanged on the platform from which you perform SFTP communication. Hence, the first time you log on to the SFTP server, you will have to do so manually. See also the section Security aspects.
Change password Introduction When logging on to the system with your UserID, you can change the corresponding password. Your new password must be at least 8 characters long. A distinction is made between upper and lower case letters. How it works Being logged on press again Log på. Instead of entering User ID and password, press Skift password Enter your current password followed by the new password. Repeat the new password and press Skift password. Remark that your new password must be at least 8 characters long and that it is case sentive.
Contact Nets Servicedesk If you have problems you can contact our Servicedesk: Phone +45 44 89 73 73 Email-address it-servicedesk@nets.eu Office Hours Monday - Thursday: 08.30 16.30 Friday : 09.00 16.00