Your browser does not allow storing cookies. We recommend enabling them.


FTP-SFTP Conversion

Tectia Server for IBM z/OS provides a FTP-SFTP conversion feature which captures plaintext FTP connections initiated by an FTP client and converts them to SFTP before the file transfer is started. All user names, passwords, and data are then transferred in encrypted format.

FTP-SFTP conversion works transparently

Existing FTP connections, including automated file transfers, can be transparently converted to SFTP without the need to modify the existing scripts or applications. Users can keep working with their familiar applications and use the existing IDs and authentication methods.

Easy and cost-effective conversion

The FTP-SFTP conversion module allows easy and cost-effective replacement of plaintext file transfers in large enterprise environments. Existing FTP scripts and client applications need no modifications. Only the FTP server will be replaced with an SFTP server.

Existing FTP clients can be used

Any existing client with FTP functionality can be used as before:

  • Application hard-coded FTP

  • Script-based automated FTP

  • Interactive passive FTP, for example Windows Explorer FTP, web-browser-based FTP, command-line ftp, or FTP GUI applications.

Any Secure Shell server as counterpart

With Tectia Server for IBM z/OS (client tools), the FTP-SFTP conversion feature can connect to Tectia Server or any other Secure Shell server. When Tectia is used as the server-side counterpart, it can run on any supported platform: on Linux, HP-UX, AIX, Solaris, Windows, or IBM mainframe.

Easy filter rule configuration

Tectia Server for IBM z/OS can be configured to extract the user name, password, and destination host name from the secured FTP application, and to use them for authentication and connection setup on the Secure Shell SFTP server. The configuration is made as a filter rule in the Connection Broker configuration file, and the same rule can be defined to cover all FTP traffic. In large FTP environments, this simple rule setting can save the effort of defining hundreds of connection profiles which would otherwise be needed separately for each destination.


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more