In this tutorial, you will learn how to use SFTP with FileZilla to securely transfer and manage files on RunCloud server.
FTP is not secure
FTP (File Transfer Protocol) uses clear text for all transmissions. Anyone is able to read the FTP usernames, passwords, commands and data by packet capture (sniffing) on the network. By default, RunCloud Firewall blocks FTP (port 21) at your server. You are recommended to use SFTP for file transfer instead.
Tip: You can use RunCloud File Manager in RunCloud panel for simple file management.
What is SFTP?
SSH or Secure File Transfer Protocol (SFTP) is a secure file transfer protocol for file access, transfer, and management. It adapts the Secure Shell (SSH) protocol with encryption and secure authentication on both server and client.
SFTP provides two user-authentication options when connecting to your server: a)passwords or b)SSH2 key-based authentication. The SSH Keys is more secure than password.
What is FileZilla?
FileZilla is a free, open source FTP client that supports FTP, SFTP, FTPS. It is available for Windows, Mac OS X, and Linux. Download FileZilla Client.
SFTP via Passwords
- Open FileZilla client
- Open Site Manger by clicking the top left icon in menu bar, or press Ctrl+S
- Click New Site button and gives a name to the new site connection
- At the right side panel enter the following information:
- Host: [RunCloud server IP address]
- Port: 22
- Protocol: SFTP – SSH File Transfer Protocol
- Logon Type: Normal
- User: [System User’s username]
- Password: [System User’s password]
- Click Connect button to connect (OK button to save the connection)
- Accept fingerprint warning when prompt
- You are now connected to RunCloud server via SFTP using password
SFTP via SSH2 Key-based Authentication
If you have not yet create an SSH key pair, then follow one of the two tutorial below:
- Windows users: How To Use SSH Keys with PuTTY on RunCloud
- Mac and Linux users: Generating SSH Keys
Method #1
- Open FileZilla client
- Open Site Manger by clicking the top left icon in menu bar, or press Ctrl+S
- Click New Site button and gives a name to the new site connection
- At the right side panel enter the following information:
- Host: [RunCloud server IP address]
- Port: 22
- Protocol: SFTP – SSH File Transfer Protocol
- Logon Type: Key file
- User: [System User’s username]
- Key file: [select your SSH private key in .ppk or .pem format]
- Click Connect button to connect (OK button to save the connection)
- You are now connected to RunCloud server via SFTP using SSH key
Method #2
- Open FileZilla client
- In the Edit – Preferences menu, select SFTP under Connection
- Click Add key file… button to add your SSH private key (If your key is in OpenSSH format, FileZilla will prompt you to convert it to PuTTY’s PPK format)
- Click OK button to save setting and exit Preferences window
- Follow Method #1 above but select Interactive for Logon Type
Sources
https://wiki.filezilla-project.org/Howto
https://www.digitalocean.com/community/tutorials/how-to-use-sftp-to-securely-transfer-files-with-a-remote-server
Categories: Server Management, Tutorials
Is there any way to restrict each user to its home folder? In a way that they can’t browse other folders except theirs.
For example, runcloud user should only have access to /home/runcloud
Right now, it’s set in a way that you can browse on other folders without having any write permission. But you can still check files content.
For SFTP, each user only can browser their ‘home’ folder. They cannot browse outside of their home. For SSH, you try ‘rbash’
more info:
https://askubuntu.com/questions/267019/how-can-i-prevent-users-accessing-anything-but-their-own-home-directory
So where are the SFTP details?
Hey Kingsley, you can login to your website and use the username and password that you set up on RunCloud.