I am developing both the client app and the cloud app.
When client updates data on the client, file needs to be sent to cloud, and visa versa.
So far I am using MBS CURLS in SSH mode (with a single key pair to establish sFTP transfer to cloud server) to transfer file to/from client PC to user private cloud folder.
It has been suggested that I should be concerned about using a single key-pair that needs to be published with the desktop app in order to establish sFTP connection with my server. Is this a valid concern?
Another suggestion is to generate a key-pair for each client. My concern with that approach is that I am thinking that these keys are used by the server to validate sFTP access, and this approach I think would cause me to manually enter each key-pair into the server for every client - this seem unscalable and hard to manage.
If I want many clients to establish secure sFTP file transfer between the client app and the cloud app what is the right way to implement that?