Encryption

Introduction

It is optional, but one of the features supported by the Wellhub SFTP Server is file encryption during upload and/or download.
Since we are dealing with sensitive data, this provides an extra layer of security.

Encryption is enabled for each SSH user. For example, you can have more than one SSH user managing the same company. One with encryption enabled and another without.
By default, a new SSH user will have encryption disabled for both uploads and downloads.

Note: Once encryption is enabled for file uploads, all files must be encrypted. Otherwise, the SFTP Server will reject them.
The same applies to file downloads. If encryption is enabled, all downloaded files will be encrypted.

Enabling encryption for file uploads

You can enable or disable encryption for uploaded files at any time through the Portal, on the "SFTP" page.

  1. Access the SFTP page (side Wellhub SFTP V2 - Getting started v2menu, "Settings," then "SFTP") in the Portal.

  2. Select an SSH user and click the arrow icon on the right.

  3. In the drawer that opens, select "Send encrypted files to Wellhub," enable the toggle, and wait for the "Settings saved" message.

sftp-se-enable-pgp-upload.png

  1. Click the "Copy" button. The Portal will provide a PGP Public Key. Copy and use this key to encrypt files before sending them to the SFTP Server.

Encrypting a file for upload

  1. Create a new file, for example pgp-key-wellhub.pub, and paste the key you copied in the previous step.

  2. Import this key by running the following command.

Terminal
1gpg --import pgp-key-wellhub.pub
  1. Now, you can encrypt a file using the PGP Public Key provided by Wellhub.

In the example below, from the recipient "ps@gympass.com.br", we are encrypting the file employees.csv using the key provided by Wellhub.
In this example, the result will be a new file called output.gpg. This is the file you can send to the SFTP Server.

Terminal
1gpg --encrypt --recipient ps@gympass.com.br --output output.gpg employees.csv

Enabling encryption for file downloads

To enable the SFTP Server to encrypt files for download, you need to enable encryption in the Portal and register your PGP Public Key, which will be used by the SFTP Server to encrypt the files before download.
First, we will generate a new PGP Key.

  1. Run the following command. You will be prompted for a name and email to associate with this key.
Terminal
1gpg --gen-key
  1. To view your public key for the new PGP Key, run the following command. Replace <RECIPIENT'S EMAIL> with the email used to generate the new key.
Terminal
1gpg --armor --export <RECIPIENT'S EMAIL>

Registering a PGP Public Key and enabling download encryption via the Portal

With the PGP Public Key that will be used by the SFTP Server to encrypt the files to be downloaded, enable download encryption in the Portal.
You can enable or disable encryption for downloaded files at any time.

  1. Access the SFTP page (side menu, "Settings," then "SFTP") in the Portal.

  2. Select an SSH user and click the arrow icon on the right.

  3. In the drawer that opens, select "Receive encrypted files from Wellhub," enable the toggle, and paste your public key in the appropriate field.

  4. Click "Save settings." Now, all downloads made through the SFTP Server using this same SSH user will be encrypted with your public key.

sftp-se-enable-pgp-download.png

  1. After downloading gympass-year-report.zip.pgp, for example, you need to decrypt it.

When you run the command, the file will be decrypted into a new file, in this case, called output.zip.

Terminal
1gpg --decrypt --output output.zip gympass-year-report.zip.pgp

Attention: PGP MDC

PGP MDC, which stands for Modification Detection Code, is a crucial security feature in OpenPGP used to verify the integrity of encrypted messages. In simpler terms, it helps you check if the message you received hasn't been tampered while in transit.

Why is PGP MDC important?

  • Ensures message authenticity: With MDC, you can be confident that the message you receive is exactly what the sender sent. If the code doesn't match, it indicates that the message content has been altered.

  • Prevents undetected modifications: Without MDC, even slight changes to the message content can go unnoticed. This is especially important for sensitive information.

  • Mitigates security vulnerabilities: MDC helps protect against attacks where someone might try to intercept and modify an encrypted message

The Wellhub SFTP system checks all PGP files MDC. The file will be rejected if the encrypted file sent to Wellhub has no MDC enabled.

Additional technical information:

  • Checking PGP MDC status depends on the specific software you're using.

  • Since 2003, MDC has been typically enabled by default for new keys in GnuPG. However, there is no direct way to check if MDC was used during encryption for older keys or messages received from others.

  • If messages lack integrity checks (no MDC), you'll encounter warnings during decryption. Newer GPG versions might require enabling workarounds to decrypt such messages, but this is highly discouraged for new messages.