Security for SSH/SFTP

Edit online

Sterling B2B Integrator provides features to enhance the security of file transfers by using SSH/SFTP.

For improved security, do the following:

  • Limit login attempts (users are locked out if they exceed the limit)
  • Limit concurrent logins for each user
  • Limit total concurrent logins for server
  • Require authentication with password and public key
  • Restrict access to a certain user or group of users

The amount of information returned in response to most failed logins is limited to prevent unauthorized users from obtaining information about the server that could be used to circumvent security. For example, if a user is not in the list of allowed users, the error is “access denied.” This avoids confirming the validity of the user to someone who may be attempting to use someone else's credentials.