You can upload files in the Spend Cloud to have them automatically processed in the import planning. To make the uploading process of these files as automated and secure as possible, it is recommended
to upload these files via SCP upload using puclib/private key authentication. The following steps explain how to establish the connection.
The paths and file names can be changed to the name you see fit.
Is uploading files via SCP safe?
Uploading files via SCP (Secure Copy Protocol) is generally considered a secure method. SCP uses SSH (Secure Shell) to transmit data securely between computers. Here are some reasons why SCP is safe:
- Encryption: SCP utilizes the same encryption standards as SSH. This means that data is encrypted during transfer, preventing third parties from intercepting and reading the files.
- Authentication: SCP relies on SSH authentication, which requires either a username and password or an SSH key to access the server. This reduces the risk of unauthorized access. Above, you could read about how to generate and apply this SSH key.
- Integrity: Since SCP operates over SSH, it benefits from SSH's capabilities to ensure data integrity. This means that if the data is tampered with during transmission, it can be detected.
- Simplicity: SCP is straightforward and direct, which means there is less room for configuration errors that could undermine security.
While SCP is generally secure, there are a few considerations:
- Trusted SSH Keys: Ensure that your SSH keys are well-managed. Loss or theft of a private key can lead to unauthorized access.
- Server Security: SCP's security is dependent on the underlying SSH configuration and the security of the server to which you're uploading. If the server is vulnerable, SCP could also pose risks.
- Alternatives: For some use cases, alternatives like SFTP (Secure File Transfer Protocol) and rsync over SSH offer similar or better functionalities, potentially with more control over the transfer, such as resuming interrupted transfers.
In summary, SCP is a secure method for file transfer, provided it is properly configured and used in a secure environment.