RSA Admin

Drawback of the Sftp agent?

Discussion created by RSA Admin Employee on Jan 3, 2008
Latest reply on Mar 5, 2008 by David Bruskin
For the collection of Apache and Websphere logfiles on Windows 2003 we use the NIC sftp agent as described in the device configuration manual. This works fine. However we encountered some drawbacks. The SSH keys have to be imported in the profile of the account that runs the sftp service. This has the following consequences: 1. The service account has to have a profile (to store the keys) 2. The service account has to have its password set to "never expire" We don't want service accounts to have a profile. We don't want to give them the right to log on to the console at all. If we give the account a profile we have to comply to the password policy and change the password of the sftp service accounts every 90 days. That is why point 2 is not an option. How do you use this agent in relation to the account it runs with? Is there a way to use FTP to upload the logfiles? The older versions of enVision did not use Sftp, but standard ftp, Does anyone have this agent? I don't and it is not possible to download it from the support site? Best regards, Pim

Outcomes