LISTSERV at the University of Georgia
Menubar Imagemap
Home Browse Manage Request Manuals Register
Previous messageNext messagePrevious in topicNext in topicPrevious by same authorNext by same authorPrevious page (January 2007, week 3)Back to main SAS-L pageJoin or leave SAS-L (or change settings)ReplyPost a new messageSearchProportional fontNon-proportional font
Date:         Tue, 16 Jan 2007 17:24:00 -0500
Reply-To:     "Lamias, Mark (CDC/CCID/OD) (CTR)" <bnz6@CDC.GOV>
Sender:       "SAS(r) Discussion" <SAS-L@LISTSERV.UGA.EDU>
From:         "Lamias, Mark (CDC/CCID/OD) (CTR)" <bnz6@CDC.GOV>
Subject:      Re: Secure method of FTPing data
Comments: To: ben.powell@CLA.CO.UK
Content-Type: text/plain; charset="us-ascii"

Indeed, I've actually used PGP in the past to encrypt data using external calls (via the X command) to PGP's command line utility with the following macro:

/*Encrypt the CSV File Created in Previous Step*/ %macro encrypt; x "pgp -tea +force c:\HF\SASExtracts\Extract&todaydate..txt <&recipient>"; run; %mend; %encrypt;

%let recipient=mlamias@cdc.gov; /*The public key for PGP encryption*/ %encrypt;

Then, SAS automatically FTP's the encrypted file.

It worked well and met NIST standards for encryption and transmission of data at the time.

Mark J. Lamias SAIC Statistical Consultant Office of Informatics National Center for Preparedness, Detection, and Control of Infectious Diseases Coordinating Center for Infectious Diseases US Centers for Disease Control and Prevention

-----Original Message----- From: SAS(r) Discussion [mailto:SAS-L@LISTSERV.UGA.EDU] On Behalf Of ben.powell@CLA.CO.UK Sent: Tuesday, January 16, 2007 10:32 AM To: SAS-L@LISTSERV.UGA.EDU Subject: Re: Secure method of FTPing data

Thanks for the tip!

Rgds.

On Tue, 16 Jan 2007 05:22:07 -0800, MikeInWV <mikeslover@GMAIL.COM> wrote:

>If possible, look into using PGP software to encrypt the file before >sending it to an FTP server. You can obtain it from >http://www.gnupg.org > >One note---the recipient would need to have PGP and provide you with >their public key. I have recently gone through this process and it >works well. > > >ben.powell@CLA.CO.UK wrote: >> On Mon, 15 Jan 2007 20:50:50 -0800, daniel_coppin@BRADYCORP.COM wrote: >> >> >I am using the following code in SAS EG to send a pipe delimited file >> >to an external FTP site: >> > >> >filename create ftp "data.txt" >> > host="ftp.xxxx.com" >> > user="xxxx" >> > pass="xxxx"; >> >data _NULL_; >> > set TABLE1; >> > file create DSD DLM='|'; >> >if _n_ eq 1 then put "Account|Contact"; >> >put >> >AccountNo >> >ContactNo; >> >run; >> > >> >While I am happy that the FTP site is secure, I'm concerned that the >> >data may not be secure as it travels between the SAS server and FTP >> >site, and am looking for a way of making it more secure. >> > >> >I am unable to export the data first (and then zip/password protect it) >> >because of speed/bandwidth limitations. >> >> >> why not? This should take no more speed/bandwidth than creating the dataset >> in the first place? >> >> >> > >> >Is there any way to password encypt (either by zipping or not) a file >> >within SAS before sending it? >> > >> >Any help or advice is appreciated... >> >> >> FTP is an insecure protocol so you need to encrypt the file before it is >> sent. SAS has some options to do this, though since you are ftp'ing a >> dataset bolting on a 7z script would also make sense. Bear in mind you need >> a secure means to transfer the password... and keep that secure too, and >> the security for that... >> >> HTH.


Back to: Top of message | Previous page | Main SAS-L page