SFTP

From WebarchDocs
Jump to: navigation, search

Information about SFTP access to Webarchitects and Ecodissident shared hosting servers (Ecohost servers have FTP access, though SSH/SCP/SFTP access can be enabled, for now).

SSH File Transfer Protocol

Please note that SFTP uses a different protocol, on a different port, from FTP — you can't connect to a SFTP server using FTP, although many FTP clients also now support SFTP when you select SFTP as an option, for example SFTP#FileZilla.

(Also don't confuse S-FTP (FTPS) aka FTP SSL which is FTP over SSL or FTP over SSH with SFTP aka SSH File Transfer Protocol — we only support SFTP via sftp.)

You can mount a remote filesystem, which is available via SFTP, as part of your local filesystem, the method for doing this depends on which operating system your local computer is running. You can also use an application such as FileZilla, this is available for most systems. If you are using Android then the SFTP plugin for Total Commander has been reported to be one of the few clients that works.

On a machine with ssh installed you can use the command line, for example (change the user and probably the server name, in this example before trying it, see SFTP the server list for the server names):

sftp user@host2.webarch.net
  user@host2.webarch.net's password: 
  Connected to host2.webarch.net.
  sftp> ls
  logs         private      sites  
  sftp>

FileZilla

You can download FileZilla from the project web site or if you are running Linux it is probably in your list of available packages.

When you start FileZilla go to the Site Manager window and fill in the following details:

  • Host — whichever server your site is on, see the list below
  • Port — 22
  • Server type — SFTP – SSH File Transfer Protocol
  • Logon type — Ask for password
  • User — Your username

When you connect for the first time you will be asked to confirm the SSH fingerprint, please check these against the ones below.

SFTP Servers

Following are the SSH fingerprints for the various servers.

webarch1.co.uk

 1024 SHA256:tnmHntWG30fbhOwExQ0ZKgpWpIYt7gYpGgR8m/3xisM (DSA)
 256  SHA256:PlL5Ex8k8sMn57GZa+8jr3il5LyB9osWu1MoMSUAlNA (ECDSA)
 256  SHA256:YS5euQzn+tskGwhoUMJjonKoq6cUIt09ofDBayfhnts (ED25519)
 2048 SHA256:QI1ALRSfqNirgnrvhA1oI2xMPzKv6SIxpX9QMESivBo (RSA)

host-b.ecodis.net

 1024 45:74:b1:53:ad:37:15:3a:a3:7f:d1:1f:2b:72:2c:af (DSA)
 256  29:63:78:eb:4b:11:49:cb:7d:58:56:0a:b6:1e:02:d4 (ECDSA)
 256  a7:15:be:8b:51:3e:20:00:59:ef:f1:81:7d:14:f6:41 (ED25519)
 2048 98:52:0a:d1:6f:e4:13:8f:8c:29:69:3b:6e:c0:51:03 (RSA)

host3.webarch.net

 1024 80:c0:17:e0:a6:9f:73:b0:9c:a1:0f:da:30:20:d2:ef (DSA)
 256  3b:75:cb:de:62:08:f3:28:bc:39:a2:2d:7f:4a:d6:7f (ECDSA)
 256  3c:12:c4:6c:10:90:bc:6a:c7:56:10:83:99:36:eb:c1 (ED25519)
 2048 1d:9a:6f:74:54:b3:f4:16:c2:e8:54:1c:f3:a8:65:6d (RSA)

host2.webarch.net

 1024 56:ba:c0:04:40:5e:1c:de:4d:ea:61:8c:37:af:c0:f6 (DSA)
 256  91:8b:c5:69:f1:76:cf:f7:20:e9:cc:d3:d1:54:2c:a6 (ECDSA)
 2048 49:15:fb:f8:1e:0d:23:d6:95:61:04:5c:11:a4:2f:17 (RSA)

host1.webarch.net

 1024 e6:02:cb:af:89:24:75:ca:3c:43:7c:a3:37:40:2b:33 (DSA)
 2048 94:14:43:27:7d:68:59:ac:28:31:66:e7:9b:34:f2:30 (RSA)

hosting.webarch.net

 1024 d5:bb:14:01:9b:74:10:f6:5c:19:b4:8c:56:54:77:e9 (DSA)
 2048 da:6a:80:38:a2:b2:c5:bf:da:1a:9e:d6:71:a4:e6:b7 (RSA)

web1.ecohost.coop

 1024 d6:d4:c9:f9:24:cd:21:96:bd:84:b5:07:90:ac:c2:ba (DSA)
 2048 43:3d:22:2b:c5:2e:b7:26:8c:c7:09:55:08:e1:ff:e1 (RSA)

web2.ecohost.coop

 1024 e8:04:cd:36:b1:27:1c:c1:d3:0f:17:82:bd:f0:f4:d6 (DSA)
 2048 75:81:e4:36:95:dc:3e:79:4e:8c:a5:f7:11:6b:de:51 (RSA)

host-a.ecodis.net

 1024 17:9c:0d:a4:7f:ca:a4:e5:0a:0a:af:39:be:56:ea:66 (DSA)
 2048 c1:c0:05:f7:6f:5d:9b:11:08:16:2f:d5:9e:bc:93:14 (RSA)

SFTP Problems

Our servers are set to ban remote IP addresses after several failed login attempts — if you get your username and/or your password wrong several times in a row your IP address might get blocked, if you think this has happened please contact us so we can whitelist your IP address.

SSH Keys

To save typing the password you can upload a ~/.ssh/authorized_keys file, first generate a key pair (you have the option to protect your private key with a passphrase, it’s best if you do but it’s optional, this is not the same as your hosting account password):

ssh-keygen -t rsa -b 4096

Then copy the ~/.ssh/id_rsa.pub to ~/authorized_keys and upload this file:

cd 
cp .ssh/id_rsa.pub authorized_keys 
sftp user@host2.webarch.net
  sftp> cd .ssh/
  sftp> put authorized_keys 
    Uploading authorized_keys to /.ssh/authorized_keys
    authorized_keys                          100% 4651     4.5KB/s   00:0

Now you can connect on the command line without having to type your account password. This is especially useful on servers where the MySQL and SFTP password are linked.

Rsync over SFTP / SSHFS

You can’t use rsync directly with SFTP, however you can mount via SFTP and then use rsync, see the Q and A here.

An even better option is to use SSHFS to mount the filesystem locally and then use rsync, Linux distros come with SSHFS and it is also possible to install it on OS X, see the GitHub project.