Ssh And Sftp

Posted on by



Both sftp-server and internal-sftp are part of OpenSSH. The sftp-server is a standalone binary. The internal-sftp is just a configuration keyword that tells sshd to use the SFTP server code built-into the sshd, instead of running another process (what would typically be the sftp-server). SFTP (SSH File Transfer Protocol) is a secure file transfer protocol. It runs over the SSH protocol. It supports the full security and authentication functionality of SSH. SFTP has pretty much replaced legacy FTP as a file transfer protocol, and is quickly replacing FTP/S. It provides all the functionality offered by these protocols, but more. In this short video I will walk you though the steps of SFTP services installation on Server 2019, Major steps are below 1. Add OpenSSH Server feature2.

  1. Sftp File Transfer Protocol
  2. Difference Between Sftp And Ssh
  3. Ssh And Sftp Hack Mac

SSH key pairs allow an additional level of security that can be used in conjunction with the SFTP protocol.

Key pairs are typically created by the client, and then the resulting public key is used by Core FTP Server.

Core FTP products use the OpenSSH SSH2 format, that can be generated using Core FTP software, or via the ssh-keygen utility.

Core FTP client -- creating a key pair
Step 1: Advanced site settings -> ssh


Step 2: Entering key information


Step 3: Selecting private key into client site profile


Additionally if no account password is being used for the server, check the Advanced -> General -> 'Don't prompt for password when empty' option.


ssh-keygen usage: (Unix/Linux)
rsa keys: ssh-keygen -t
dsa keys: ssh-keygen -t dsa
For Unix/Linux, dsa keys may be the preferred method due to better compatibility across operating systems.
Putty users using psftp need to export OpenSSH public keys using Puttygen


Entering public key into Core FTP Server
Once you have created a key pair, the public key file is then placed in a directory on the server that cannot be accessed by the client account.
Select the public key file in the Core FTP Server's user 'security properties', in the 'ssh pub cert' field.

The server will need the 'Allow key authentication' option checked in the domain setup.


For SSH key pairs and no account password, the 'Key authentication only' option should be checked. Users not using keypairs can bypass the public key requirementby selecting the 'User does not require key authentication' in the user's 'security' settings.


A SSH key pair can be created on the server side from the above screen, but it is not recommended due to the security issues involved in sending the private key and it's password to the client. A public key being passed from a client to the server (administrator) is a much better option from a security standpoint.

Example of a public key (file contents):AAAAB3NzaC1yc2EAAAABIwAAAIEA153PICRN2+viqQ2570jEfUPcWgknD079wX/QtdF0lIbMaOYeMba9jf/qqmfuWYSybNmpSxMZiyjbKDvH+iZ/iT0MwrK9x19Zkjb8nXugWtOOJSwiHc48DSwMkLDdbVdG/BvstHbBquBdQNkJz+VDxFO+P3TcfYbIsvx+YFxnbLU=
or
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA153PICRN2+viqQ2570jEfUPcWgknD079wX/QtdF0lIbMaOYeMba9jf/qqmfuWYSybNmpSxMZiyjbKDvH+iZ/iT0MwrK9x19Zkjb8nXugWtOOJSwiHc48DSwMkLDdbVdG/BvstHbBquBdQNkJz+VDxFO+P3TcfYbIsvx+YFxnbLU=
The '=' character should be the last character in the public key. Multiple keys can be in one file, one per line. Begining characters identifying the key type at the beginning (rsa or dsa) are acceptable and read by Core FTP Server.
Keys should be in multibyte format.

Core FTP software utilizes SSH2 and greater versions of SSH...SSH1 is not supported

Core FTP Server Build 405 and greater supports RFC 4716 SSH formatted keys

ssh keys

There are different ways to connect to your application remotely, some more secure than others. Two secure methods which we like to use ourselves are Secure Shell (SSH), and Secure File Transfer Protocol (SFTP). Both methods are supported over all our server plans include SSH and SFTP access.

Video Tutorial — How to Connect via SSH on Windows

Video Tutorial — How to Connect via SFTP on Windows

What is SSH?

Sftp

Secure Shell provides strong authentication and encrypted data communications between two computers or servers connecting over an open network such as the internet. This means that any device in the middle is unable to decipher the communication because only your end device/server is able to decrypt the information exchange.

Tip

You can also run additional tools such as Composer, Git, WP-CLI for WordPress, and database queries using SSH.

What is SFTP?

SFTP stands for Secure File Transfer Protocol (also known as SSH File Transfer Protocol). It is a file transfer protocol such as FTP yet operates over a secure network protocol like SSH. We highly recommend using SFTP for file transferring because:

  • It adds a layer of security.
  • Transferred data is encrypted, so it is not sent in clear text.

How to Connect to Your Application Using SSH/SFTP

Prerequisites

To connect to your server or application using SSH, you will need the following:

  • Master username or Application username.
  • Password
  • Public IP address (also known as Server IP)

We will help you locate this information on your Cloudways Platform in the next steps. Please note that the Master user has SSH access enabled by default; however, you need to manually enable SSH access for the application user(s).

SSH/SFTP — Accessing the Credentials

There are two types of credentials (Master credentials and Application credentials) on the Cloudways Platform that you can use to connect to your application. Usually, team members are provided with application credentials by the website owner. So, which credentials will you be using?

Important
  • If you are using Microsoft Windows you will either need to enable WLS (Windows Linux Subsystem) or else use a free third-party tool such as PuTTY . Alternatively, you can also use the built-in SSH Terminal of Cloudways Platform.
  • You need an SFTP client to connect to your server remotely. In this demonstration, we are using a free third-party tool called FileZilla , which is available on Windows and macOS, but you can also use any other client. Please make sure to download such tools only from their official website to always get the latest available version.
Using Master Credentials

Log in to your Cloudways Platform using your email address and password.

Ssh
  1. From the top menu bar, open Servers.
  2. Then, choose the server you wish to connect.
  1. Under Server Management, you can find your Public IP address, username, and password. Be sure to take note of it.
Tip

Click on credentials to copy it on the clipboard.

Using Application Credentials
Ssh And Sftp

Log in to your Cloudways Platform using your email address and password.

  1. From the top menu bar, open Servers.
  2. Then, choose your server where your desired application is deployed to view application credentials.
  1. Next, click www.
  2. Choose your desired application’s name.
  1. Under Application Credentials, you can find your Public IP address, application username, and password. Be sure to take note of it.
Tip
  • Click on credentials to copy it on the clipboard.
  • If there are no credentials, then you can create application credentials.

Below, you will find information about initiating connections using SSH and SFTP separately.

SSH (Microsoft Windows) — Initiating Connection
  1. Launch PuTTY client and enter your Host name (Server Public IP address).
  2. Input Port 22, which is also the standard TCP port for SSH.
  3. Click Open.
  1. You may see an RSA2 key prompt if this is your first time connecting to the server. Click Yes to make this a trusted host for future connections.
SSH (Microsoft Windows) — Logging in to Server
  1. Here, you need to input your master or application username, which you previously noted.
TipSsh
  • To paste the copied item in the terminal, tap right-click once.
  • The terminal screen will only work with arrow keys for navigation, not with a mouse.
  1. Next, input your password. Please note that no character will appear as you type the password due to security reasons.
  1. You are now connected to your server via SSH. Now, you can run commands such as ls to list and navigate your files and directories.
Important

If you are using the Master Credentials, you will need to browse to your target application folder. If you are using the Application Credentials, you will land directly in the respective application folder.

SSH (Linux/macOS) — Logging in to Server

We won’t require any external SSH client for Linux/macOS, although you are free to do so if you already have some preferred 3rd party application. In this example, we are using Linux (Ubuntu).

Sftp File Transfer Protocol

  1. Open your terminal and execute the following command. Username refers to a master username or application username, and the hostname is your Server Public IP address. By default, the SSH connection is initiated using port 22.

Example: ssh master_ojnokgldl@192.168.0.1

Note: you can also point your SSH client to which private key should be used by using the -i identity switch as follows:

Tip
  • The terminal screen will only work with arrow keys for navigation, not with a mouse.
  1. You may see an RSA key prompt if this is your first time connecting to the server. Type yes to make this a trusted host for future connections.
  1. Next, input your password. Please note that your password will not become visible due to security reasons.
  1. You are now connected to your server via SSH. Now, you can run commands such as ls to list and navigate your files and directories.

Difference Between Sftp And Ssh

Important
  • If you are using the Master Credentials, you will need to browse to your target application folder. If you are using the Application Credentials, you will land directly in the respective application folder.
  • Please note that SSH is a potent tool, and advanced users use it. Executing wrong instructions may break your website and delete the critical files; therefore, we recommend using it with extra care and always take a backup of the application you are working on or take a whole server backup always to restore if needed.
SFTP — Initiating Connection

Ssh And Sftp Hack Mac

Sftp
  1. Launch FileZilla client and enter sftp://server-ip-address in Host. By writing sftp:// , you are ensuring that the SFTP connection is formed.
  2. You need to input your master or application username, which you previously noted.
  3. Next, input your password.
  4. Set Port 22.
  5. Finally, click QuickConnect.
  1. You are now connected to your server via SFTP. Now, you can drag and drop files and folders between your personal computer and your server.
Important
  • If you are using the Master Credentials, you will need to browse to your target application folder. If you are using the Application Credentials, you will land directly in the respective application folder.
  • If you face any permission-related issues, then you can also reset your file and folder permissions.
That’s it! You have learned how to connect to your application(s) using SSH and SFTP remotely. If you are having trouble building remote connections, please feel free to contact us via LiveChat or open a support ticket so that our support heroes can assist.