FTP-SFTP conversion is available in the EFT Expansion Pack for SSH Tectia Client and SSH Tectia Server on Linux, HP-UX, Solaris, and Windows platforms. The server-side host can also run SSH Tectia Server for IBM z/OS. The principle of FTP-SFTP conversion is shown in Figure 4.7. The following steps happen during the conversion:
An application, a script, or a user triggers an FTP file transfer.
The Original FTP client in the File Transfer Client host starts opening a file transfer connection to the original destination (Original FTP server in File Transfer Server).
The SSH Tectia Capture DLL captures the connection and redirects it to the FTP-SFTP Conversion module. The filter rules that specify which connections to capture are defined in the Connection Broker configuration. Connections can be captured based on the FTP application used and the destination address and/or port.
The FTP-SFTP Conversion module manages the FTP connection so that it remains unchanged from original FTP client's point of view. Plaintext FTP is converted to encrypted SFTP.
The SFTP connection is managed by the Connection Broker module.
The Secure Shell SFTP server in the File Transfer Server host is the end point of the file transfer.
The unsecured Original FTP server program can be eliminated from the server host.
For a sample use case, see FTP-SFTP Conversion.