SSH2 File Encryption

I've seen tons of examples about how to encrypt a string using RSA encryption but doing so at the file level seems to have sparse examples.

I understand that the file is actually encrypted using a symmetric algorithm and only the symmetric key is encrypted using the asymmetric method and that encrypted key is packaged with the data. I just can't see any good examples of this that I know will work with an open standard.

What I really want to know is how can I ensure I implement this so that it conforms to the explanation found in the attached file? I need to be able to send files to the bank and make sure they can decrypt them properly.

SSH2 Encryption Description
Russ Suter Asked:
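The hybrid scheme the question describes (a symmetric key encrypts the file, the recipient's RSA public key encrypts that symmetric key, and both are packaged together), as an added C# example that is not from the thread or from any library mentioned in it. Assumptions: .NET 8 or later, an RSA key pair generated in-process as a stand-in for the recipient's key, and a container layout constructed for this example; it is not the bank's format or an OpenSSH format, and signing is left out.

```csharp
using System;
using System.Buffers.Binary;
using System.Security.Cryptography;

static class HybridFileDemo
{
    const int NonceLen = 12, TagLen = 16;
    // Layout constructed for this example: u16 wrappedKeyLen | wrappedKey | nonce | tag | ciphertext
    public static byte[] Encrypt(byte[] plaintext, RSA recipientPublic)
    {
        byte[] key = RandomNumberGenerator.GetBytes(32);      // fresh AES-256 key per file
        byte[] wrapped = recipientPublic.Encrypt(key, RSAEncryptionPadding.OaepSHA256);
        int p = 2 + wrapped.Length;                            // header length
        byte[] blob = new byte[p + NonceLen + TagLen + plaintext.Length];
        Span<byte> s = blob;
        BinaryPrimitives.WriteUInt16BigEndian(s, (ushort)wrapped.Length);
        wrapped.CopyTo(s.Slice(2));
        RandomNumberGenerator.Fill(s.Slice(p, NonceLen));      // random 96-bit nonce
        using var aes = new AesGcm(key, TagLen);
        // The header is bound as associated data, so any change to it fails authentication.
        aes.Encrypt(s.Slice(p, NonceLen), plaintext, s.Slice(p + NonceLen + TagLen),
                    s.Slice(p + NonceLen, TagLen), s.Slice(0, p));
        CryptographicOperations.ZeroMemory(key);
        return blob;
    }

    public static byte[] Decrypt(byte[] blob, RSA recipientPrivate)
    {
        ReadOnlySpan<byte> s = blob;
        if (s.Length < 2) throw new CryptographicException("truncated container");
        int p = 2 + BinaryPrimitives.ReadUInt16BigEndian(s);
        if (s.Length < p + NonceLen + TagLen) throw new CryptographicException("truncated container");
        byte[] key = recipientPrivate.Decrypt(s.Slice(2, p - 2).ToArray(), RSAEncryptionPadding.OaepSHA256);
        byte[] plaintext = new byte[s.Length - p - NonceLen - TagLen];
        using var aes = new AesGcm(key, TagLen);
        // Throws a CryptographicException if the header, tag or ciphertext was modified.
        aes.Decrypt(s.Slice(p, NonceLen), s.Slice(p + NonceLen + TagLen), s.Slice(p + NonceLen, TagLen), plaintext, s.Slice(0, p));
        return plaintext;
    }

    static void Main()
    {
        using RSA rsa = RSA.Create(3072);   // constructed stand-in for the recipient's key pair
        byte[] file = System.Text.Encoding.UTF8.GetBytes("constructed sample payment file\n");
        byte[] blob = Encrypt(file, rsa);
        Console.WriteLine(CryptographicOperations.FixedTimeEquals(file, Decrypt(blob, rsa)));
        blob[^1] ^= 1;                      // flip one ciphertext bit
        try { Decrypt(blob, rsa); } catch (CryptographicException) { Console.WriteLine("tampering detected"); }
    }
}
```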

Dave Baldwin, Fixer of Problems, Commented:
SSH does not do 'file encryption', it encrypts communication between a client and a server. The description above is about SFTP which is FTP over SSH. SSH and SFTP are implemented on almost all Linux machines and PuTTY provides an SSH terminal for Windows. FileZilla and CoreFTP both provide SFTP. Note that the server/receiver must have an SSH/SFTP server running for you to connect to them with SSH/SFTP.

If that text above is from your bank, you must make arrangements with them.
Russ Suter, Author, Commented:
I know what SFTP is and does.

If you read the text, it indicates that the file must be encrypted using the bank's public SSH key and then signed by our own private SSH key. Basically they're reusing the SSH keys to encrypt the files. What I'm trying to figure out is how do I encrypt the files using OpenSSH compatible methods in C#.
Dave Baldwin, Fixer of Problems, Commented:
I'm pretty sure there are already .NET SSH libraries.  Here's one:  Google brought up a number of others.
Russ Suter, Author, Commented:
I don't need an SFTP library. I already have one. I need to use a public / private key pair to encrypt a file. That public / private key pair just happens to be the same key pair that is used to encrypt the SFTP session.
Dave Baldwin, Fixer of Problems, Commented:
You could read the article and see that they have an SSH library and so do others.
Dave Howe, Software and Hardware Engineer, Commented:
That description doesn't make sense, even as SFTP.

SSH has no mechanism to encrypt files - it is purely an encrypted comms protocol. SSL is *both* a file encryption protocol AND a transmission encryption protocol (due to its X.500 history) and is commonly associated with FTP as FTPS, rather than encrypt-then-send.

I have seen this done with PGP keys, and with X.509 keys - encrypt-then-upload is a common mechanism for solutions where the security needs to be end-to-end rather than point-to-point - but it would not make sense to do this with SSH.

I would query the bank and enquire if they in fact meant SSL or PGP rather than SSH (if you global replace SSH with PGP in the above quote, it makes perfect sense and is in fact rather common, so I have a strong suspicion someone at the bank side has thought "we can do this with other protocols too, to round out the set" and taken the PGP wording and produced this nonsense....)
Russ Suter, Author, Commented:
I found a library here that has what I need. The one previously listed doesn't quite do the job.

Russ Suter, Author, Commented:
No other solution provided solved the initial problem as described.