Your Browser is not longer supported

Please use Google Chrome, Mozilla Firefox or Microsoft Edge to view the page correctly
Loading...

{{viewport.spaceProperty.prod}}

Administering the keys of partner systems

&pagelevel(5)&pagelevel

Public keys are stored in the config directory of the instance file tree of the local openFT instance see section “Installation of openFT” (Unix systems) or section “Installation of openFT” (Windows systems).

The public keys of the partner systems have to be stored as files in the directory syskey of the instance file tree of the local openFT instance, see section “Installation of openFT” (Unix systems) or section “Installation of openFT” (Windows systems). The instance ID of the partner system must be selected as the file name.

You can import the public key of a partner system in the following ways:

  • You can call the ftimpk command and enter the name of the key file. openFT saves the key in the syskey directory and uses the partner's instance identification in the correct notation (lowercase) as the file name.

  • You can use the methods made available by the operating system to save the key file in the syskey directory under the partner instance ID name.
    In Unix systems the file name must not contain any uppercase characters. If the ID contains any uppercase characters, they must be converted to lowercase characters.

If an updated, public key is made available by the partner instance, the old key file must be overwritten at that time.

You can use the ftshwk command to display the keys of partner systems (option -pn) and filter these on expiration date (option -exp).

For Secure FTP, some special features apply, see section “Monitoring and controlling FT operation”.

Modifying the key attributes of partner systems

You can use the ftmodk command to modify the key attributes of partner systems by specifying an expiration date (-exp option) or modifying the authentication level (1 or 2, -al option):

  • If you specify an expiration date then it is no longer possible to use the key once this date has expired.

  • If you set authentication level 2 then openFT also performs internal checks. Level 2 is supported for all openFT partners as of Version 11.0B. Level 1 authentication attempts to this partner are rejected.

You can make these settings for a specific partner or for all partners, as you require, and modify them subsequently if necessary.

Powered by Atlassian Confluence and Scroll Viewport.