From WebarchDocs
Jump to navigation Jump to search

Information about SFTP access to Webarchitects shared hosting servers (Ecohost servers have FTP access, though SSH/SCP/SFTP access can be enabled, for now).

SSH File Transfer Protocol

Please note that SFTP uses a different protocol, on a different port, from FTP — you can't connect to a SFTP server using FTP, although many FTP clients also now support SFTP when you select SFTP as an option, for example SFTP#FileZilla.

(Also don't confuse S-FTP (FTPS) aka FTP SSL which is FTP over SSL or FTP over SSH with SFTP aka SSH File Transfer Protocol — we only support SFTP via sftp.)

You can mount a remote filesystem, which is available via SFTP, as part of your local filesystem, the method for doing this depends on which operating system your local computer is running. You can also use an application such as FileZilla, this is available for most systems. If you are using Android then the SFTP plugin for Total Commander has been reported to be one of the few clients that works.

On a machine with ssh installed you can use the command line, for example (change the user and probably the server name, in this example before trying it, see SFTP the server list for the server names):

sftp user@host2.webarch.net
  user@host2.webarch.net's password: 
  Connected to host2.webarch.net.
  sftp> ls
  logs         private      sites  


You can download FileZilla from the project web site or if you are running Linux it is probably in your list of available packages.

When you start FileZilla go to the Site Manager window and fill in the following details:

  • Host — whichever server your site is on, see the list below
  • Port — 22
  • Server type — SFTP – SSH File Transfer Protocol
  • Logon type — Ask for password
  • User — Your username

When you connect for the first time you will be asked to confirm the SSH fingerprint, please check these against the ones below.

SFTP Servers

SFTP / SSH fingerprints of the servers can be found in the webarch-ssh git repo.

SFTP Problems

Our servers are set to ban remote IP addresses after several failed login attempts — if you get your username and/or your password wrong several times in a row your IP address might get blocked, if you think this has happened please contact us so we can whitelist your IP address.

SSH Keys

We can add SSH public keys to accounts on shared servers and other servers we provide for clients, if you are able to upload your keys to git.coop or another site and provide us with the URL to your keys this is the easiest method for us to add and update keys.

If you are unable to make your SSH public keys available at a URL then you can send them to us by email as an attachment so we can add them.

Keys that are added via a URL are uploaded to ~/.ssh/authorised_keys.d/authorised_keys_X where X is a number, each key added is numbered and then all the ~/.ssh/authorised_keys.d/authorised_keys_* keys are added to the ~/.ssh/authorised_keys file.

This enables additional keys named ~/.ssh/authorised_keys.d/authorised_keys_Y, where Y is not a number to also be added without the danger of them being clobbered if they are directly uploaded to the ~/.ssh/authorised_keys file.

A README file is added to the ~/.ssh/authorised_keys.d directory explaining the above at the same time as keys are added to accounts.

Rsync over SFTP / SSHFS

You can’t use rsync directly with SFTP, however you can mount via SFTP and then use rsync, see the Q and A here.

An even better option is to use SSHFS to mount the filesystem locally and then use rsync, Linux distros come with SSHFS and it is also possible to install it on OS X, see the GitHub project.