Portal Home > Knowledgebase > Articles Database > Setting up SFTP with my VPS
Setting up SFTP with my VPS
| Posted by RobInRockCity, 02-09-2015, 07:06 PM |
| I would like to set up an SFTP client to securely upload/download files to/from my VPS.
It seems to me that someone I chatted with several years ago said that there are "good" and "bad" ways to do this, and that there is more than just installing an SFTP client and entering in configuration values.
I also recall hearing about differences between using keys and login credentials.
Could someone help me understand what all is involved with this, and not only how to get started, but things I want to avoid?
(Security is of the utmost importance, so I would rather do things the trickier way and be more secure versus doing a "quick install" and not being as secure!)
I am on a MacBookPro and am thinking that Filezilla might work? My VPS runs CentOS 6.
Thanks,
Rob
|
| Posted by chenetwork, 02-09-2015, 07:29 PM |
| SFTP is nothing more than transferring files over the SSH protocol so you don't need special software other than sshd running (OpenSSH on a linux machine). What you may want to do is configure a special shell in a different location than the standard shell with no access. This way you don't provide regular shell access and that user can only do file transfers.
|
| Posted by Squidix - SamBarrow, 02-09-2015, 07:40 PM |
| The default OpenSSH setup is fine, just don't allow root access.
You can use filezilla or winscp.
|
| Posted by RobInRockCity, 02-09-2015, 08:24 PM |
| So OpenSSH is what would be on CentOS 6?
Don't I need to secure it?
Can you explain this a bit more. (I have heard the term "shell" lots, but don't really know what it means...
---
My bigger concern is on my side.
For example, I believe Mozilla can use SFTP, right? But don't I need to create some special "hand-shake" between my client and the server the first time so things don't get hi-jacked?
Rob
|
| Posted by chenetwork, 02-09-2015, 08:40 PM |
| OpenSSH is the default shell program for CentOS 6. That will work.
SSH stands for Secure Shell which means it's already encrypted.
Via the "shell" is how you access the Linux command line. You can turn off direct root access via the shell which you'll want to do. You can also make the default shell something else so that people cannot access the command and instead, have a user that can only use it for SFTP.
If you have an SFTP client such as filezilla, Cyberduck or Interarchy, all you have to do is put in the server's credentials with a valid user name and password and the connection will be secured. There handshake is handled by the software and nothing you need to do manually. It works similar to how accessing an https website via SSL does. You can also setup a hash based access so that if you have the hash on your end that matches the server's, you don't even need to use a password. It's called Keyed-access.
Here are a couple of tutorials that explain more:
http://wiki.centos.org/HowTos/sftp
http://www.how2centos.com/setup-sftp-server-centos/
|
| Posted by net, 02-09-2015, 09:39 PM |
| Moved > Hosting Security and Technology.
|
| Posted by Madbunny, 02-09-2015, 09:44 PM |
| Yes, please do that. Few things you can do:
1. remove password for ssh and instead use keys
2. change default ssh port
3. create non-root user and check what he can do
4. i like (and trust) more WinSCP then Filezilla
5. ... People with better knowledge can suggest few other things
Profit
|
| Posted by LVPSHosting, 02-10-2015, 04:26 AM |
| You can also use SCP, means that you can securely transferring files. It is based (and use the encryption and security) on the SSH protocol.
|
Add to Favourites 
Print this Article
Also Read
DNS Setup (Views: 779)