Answer

How to set up SFTP automation for FTP/DMZ transfer

We are using SFTP through a single firewall for exchange of various files with third parties. To improve security, I have now segmented the FTP server from the internal network and added a second firewall. What can I use that will, in real time, transfer files from a server on a DMZ to the internal FTP server without providing access to third parties? 


I am assuming you are looking for some form of SFTP automation when it comes to sending files between the server in the DMZ and a local server. There are a couple of ways to facilitate this FTP/DMZ transfer. The easiest would be to leverage public key authentication.

Assuming the internal system pushes files to and pulls files from the DMZ server, generate a key pair using ssh-keygen on your internal system. Do not specify a password when creating it. Move the public half of this key pair (id_rsa.pub) to the DMZ server and append it to the end of the authorized_keys file there. Once that is done, you should be able to automate the SCP or SFTP transfer of the file without being prompted for a password.

This works because the internal server holds the private key whose public key is authorized on the DMZ server. With this technique, it is crucial to keep the private key safe. Also, ensure that only the internal host is authorized to make the file transfer request to the host on the DMZ, and not vice versa.
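
The steps above as a script, added here as an illustration and not part of the original answer: it uses a dedicated Ed25519 key rather than the default id_rsa, and it prefixes the authorized_keys line with OpenSSH options so the key is accepted only from the internal host and only for SFTP. All host names, addresses, account names and paths are constructed placeholders.

```shell
#!/usr/bin/env bash
# Added example: every name, path and address below is an assumption.
INTERNAL_IP="192.0.2.10"            # constructed: address the DMZ sees for the internal host
DMZ_HOST="sftp-dmz.example.net"     # constructed
DMZ_USER="xfer"                     # hypothetical dedicated, unprivileged account
KEY="$HOME/.ssh/dmz_pull_ed25519"   # hypothetical key path on the internal host
REMOTE_DIR="/inbound"               # hypothetical drop directory on the DMZ server
LOCAL_DIR="/srv/ftp/inbound"        # hypothetical destination on the internal server

# Step 1 (internal host): dedicated key pair, empty passphrase for unattended use.
make_key() {
    [ -f "$KEY" ] || ssh-keygen -q -t ed25519 -N "" -C "dmz-pull" -f "$KEY"
    chmod 600 "$KEY"
}

# Step 2: build the line to append to the account's authorized_keys on the DMZ server.
#   from=     accept this key only when the connection comes from the internal host
#   restrict  no PTY and no port, agent or X11 forwarding
#   command=  force the in-process SFTP server, so the key cannot open a shell
authorized_keys_entry() {   # $1 = allowed source address, $2 = contents of the .pub file
    case "$2" in
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-*\ *) ;;
        *) echo "refusing: not an OpenSSH public key line" >&2; return 1 ;;
    esac
    printf 'from="%s",restrict,command="internal-sftp" %s\n' "$1" "$2"
}

# Step 3 (internal host): non-interactive pull; fails instead of prompting.
sftp_batch() {   # prints the sftp commands fed to "sftp -b -"
    printf 'lcd %s\ncd %s\nget -p *\nbye\n' "$LOCAL_DIR" "$REMOTE_DIR"
}
pull_files() {
    sftp_batch | sftp -b - -i "$KEY" -o BatchMode=yes -o IdentitiesOnly=yes \
        "$DMZ_USER@$DMZ_HOST"
}

if [ "${1:-}" = "setup" ]; then
    make_key && authorized_keys_entry "$INTERNAL_IP" "$(cat "$KEY.pub")"
elif [ "${1:-}" = "pull" ]; then
    pull_files
fi
```

Run it with `setup` once on the internal host and append the printed line to authorized_keys on the DMZ server, then run it with `pull` from the scheduled job. Because of `command="internal-sftp"`, the key works for SFTP only, not for legacy SCP.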

This was first published in August 2011
