Differences
This shows you the differences between the selected revisions of the page.
| file_encryption 2018-10-23 | file_encryption 2019-11-23 (current) | ||
| Line 1: | Line 1: | ||
| ====== File Encryption ====== | ====== File Encryption ====== | ||
| - | //The current beta version WinSCP// &beta allows you to seamlessly encrypt your files on an SFTP server using AES-256 encryption. | + | WinSCP allows you to seamlessly encrypt your files on an SFTP server using AES-256 encryption. |
| As part of session settings, you can [[ui_login_encryption|specify (or have WinSCP generate) an encryption key]]. WinSCP will then (by default) seamlessly encrypt all newly uploaded files and their names. | As part of session settings, you can [[ui_login_encryption|specify (or have WinSCP generate) an encryption key]]. WinSCP will then (by default) seamlessly encrypt all newly uploaded files and their names. | ||
| Line 13: | Line 13: | ||
| &screenshotpict(file_encryption) | &screenshotpict(file_encryption) | ||
| - | ===== Requirements on Server File System ===== | + | ===== [[files]] Encrypting Files ===== |
| - | Encryption of file names uses Base64 encoding. To preserve file names encoded in Base64 encoding, the target file system should be case-sensitive (Linux servers use case-sensitive file systems) or at least case-preserving (with a small risk of collision - Windows NTFS is case-preserving). | + | The following rules apply for encrypting files (assuming [[ui_login_encryption|file encryption is enabled in session settings]]): |
| + | |||
| + | * When overwriting an existing //unencrypted// remote file, the updated file is uploaded //unencrypted// too. | ||
| + | * When overwriting an existing //encrypted// remote file, the updated file is uploaded //encrypted// too. | ||
| + | * When uploading a new file, it is //encrypted// by default (can be changed in [[ui_transfer_custom|transfer settings]]). | ||
| + | * When creating a new folder, its //name// is //encrypted// by default (can be changed in default transfer settings). | ||
| + | |||
| + | You can identify encrypted files and folders using a [[ui_file_panel#special_files|lock overlay icon]]. | ||
| + | |||
| + | ===== [[requirements]] Requirements on Server File System ===== | ||
| + | |||
| + | Encryption of file names uses Base64 encoding. To preserve file names encoded in Base64 encoding, the target file system should be case-sensitive (Linux servers use case-sensitive file systems) or at least case-preserving (with a small risk of collision -- Windows NTFS is case-preserving). | ||
| The file system also needs to support reasonably long file names. Base64 encoding adds a 33% overhead to a filename length. Additionally, an encoded salt and the ''.aesctr.enc'' extension add another approximately 33 characters. | The file system also needs to support reasonably long file names. Base64 encoding adds a 33% overhead to a filename length. Additionally, an encoded salt and the ''.aesctr.enc'' extension add another approximately 33 characters. | ||