Secure FTP Upload

Recently a client of ours emailed us saying they had undertaken a security audit and the old method of uploading client data used standard FTP was not secure. They now needed to upgrade those systems to use Secure FTP so that client data uploaded to the internet was encrypted during transmission.

This was an extract of the old code written by me in 2014 -

Dim clsRequest As System.Net.WebRequest = System.Net.WebRequest.Create(New Uri(RemoteServerAddress)) 'e.g. "ftp//"
clsRequest.Credentials = New System.Net.NetworkCredential(FTPUsername, FTPPassword)
clsRequest.Method = System.Net.WebRequestMethods.Ftp.UploadFile
clsRequest.Proxy = Nothing

Dim bFile() As Byte = System.IO.File.ReadAllBytes(c:/test.txt)
Dim clsStream As System.IO.Stream = clsRequest.GetRequestStream()
clsStream.Write(bFile, 0, bFile.Length)

I looked on the net and found difficulty finding a simple solution. Eventually I found that WINSCP provide a really easy to use free .Net Assembly available here.

To install it to Visual Studio, I used the NuGet Package Manager, searched for WINSCP and then clicked install. Once installed I added Imports WinSCP to the top of the form and use code like this -

Dim sessionOptions As New SessionOptions
  With sessionOptions
      .Protocol = Protocol.Ftp
      .HostName = RemoteServer '(
      .UserName = FTPUsername
      .Password = FTPPassword
      .FtpSecure = FtpSecure.Implicit
      .TlsHostCertificateFingerprint = Fingerprint
  End With

Using session As New Session
   ' Connect
   ' Upload files
   Dim transferOptions As New TransferOptions
   transferOptions.TransferMode = TransferMode.Binary

   Dim transferResult As TransferOperationResult
   transferResult =
                    session.PutFiles("C:\test.txt", "\serverDestinationSubDirectory\", False, transferOptions)

   ' Throw on any error

   ' Print results
   For Each transfer In transferResult.Transfers
      Console.WriteLine("Upload of {0} succeeded", transfer.FileName)
End Using

You can obtain the Fingerprint from the Fingerprint of your FTPS/WebDAVS server TLS/SSL certificate to be automatically accepted (useful for certificates signed by untrusted authority). It will look something like this -

"b1:3a:16:ef:2d:f7:e5:02:49:11:a2:e7:2f:0f:a4:a8:ab:54:3c:b6" (The numbers have been changed to random numbers).

The code worked well and now I was able to use it to transfer files securely.

Comments are closed.