Automatically PGP Decrypt Files Upon Download from FTP Server

Enable your file transfer client to automatically decrypt PGP encrypted files downloaded from a FTP server.
  1. Blog

Overview

AnyClient has a special feature that allows it to automatically decrypt OpenPGP encrypted files upon download. This can cut down the number of steps for decrypting files, which normally involves using a separate OpenPGP encryption/decryption tool like GPG.

Prerequisites

If you aren't familiar with how OpenPGP encryption works, I suggest you read the post Securing Data at Rest with OpenPGP first.

Before you can decrypt a file that was encrypted with your public key, you will need your private key. Since the private key typically comes in the form of a password-protected file, you will therefore need: 1) the private key and 2) the key's corresponding password.

Figure 1

pgp decryption

Configuring AnyClient for PGP decryption

Note: If you are encrypting files with keys of 1024 bits or higher then you may need to install the Unlimited Jurisdiction Policy files for your JVM. Upon installation you will need to restart your instance of AnyClient.

Download Unlimited Jurisdiction Policy files for Java 7

Download Unlimited Jurisdiction Policy files for Java 6

Once you already have your PGP private key and its corresponding password, the next step would be to configure your AnyClient for PGP decryption. Let's move on to that part now.

Launch AnyClient and click Connect.

Figure 2

anyclient connect

Select a site from the Site Manager and then navigate to the PGP tab. I will assume you've already entered the appropriate settings to connect to your FTP server.

Figure 3

pgp ftp

Make sure the Enabled checkbox is ticked and then specify the following settings:

Filename regex - A regular expression for identifying PGP-encrypted files. For example, you can use: .*\.(pgp|gpg). This regular expression will act on files with the extensions .pgp and .gpg, which are the common filename extensions of PGP-encrypted files.

Private key - The path of your private key. You can navigate to the key file's path by clicking the Select button.

Password - the private key's password.

Figure 4

pgp settings

Downloading and decrypting PGP-encrypted files

After you're done configuring those settings, your AnyClient should be ready to decrypt PGP files that were encrypted with your public key. Here are some screenshots showing a typical download of a PGP-encrypted file.

Figure 5

downloading pgp file

Figure 6

decrypted pgp file

Notice that there are two files: the PGP-encrypted file (with the extension .pgp) and the decrypted file. If you don't want to keep the encrypted file, you can set AnyClient to automatically delete it right after the decryption process. Just tick the checkbox labeled Delete Source in the PGP tab of your AnyClient.

Summary

PGP file encryption is an important security countermeasure that can help you protect sensitive files from unauthorized access.

JSCAPE MFT Server is a managed file transfer server with support for automatically securing data at rest on the server side using PGP encryption.

AnyClient's automatic decryption feature simplifies an otherwise complex process of decrypting PGP-encrypted files that are downloaded from a secure file transfer server.

Still don't have JSCAPE MFT Server?

JSCAPE MFT Server comes with a fully-functional evaluation edition which you can download right now.