Secure FTP transfers

Getting images, files and folders onto and off a Slice can cause difficulties with concerns about security.

This article takes a look at SFTP - part of the SSH package - as a way of securely transferring files to your Slice.

---

Installation

SFTP (SSH File Transfer Protocol) is part of the SSH package.

In other words, there is nothing to install as it is ready to use.

Configuration

There is also nothing to configure.

Once you have setup your user(s) and configured SSH for your needs, SFTP uses the same usernames and ports.

Please see the Slice setup articles for more details of the initial Slice configuration - Ubuntu Hardy - Slice setup #1

Security

As mentioned, SFTP uses the SSH protocol to connect to your Slice.

As such, the connection and all data is encrypted to prevent any eavesdropping of passwords or sensitive data.

SFTP Client

We can start by looking at an SFTP client.

The 'client' is a programme on your local workstation. I won't go into listing all the available SFTP clients but suffice to say that the vast majority of modern FTP clients also support SFTP (keep in mind SFTP does not use the 'typical' FTP protocols and so some older FTP clients may not support SFTP).

You can search for SFTP clients for Windows, OS X, Linux or other Operating Systems.

Due to the vast array of clients available I can't go into how to use each one (they should have plenty of documentation with the software).

However, the preferences/options panel will allow you to enter the SFTP details.

Take a look at this example:

If you have followed the setup articles (see the link above) you will notice the details are the same as those we used to setup SSH.

We have the Slice IP, the user named 'demo', we are using port 30000 (the same port we set in the sshd_config file).

The protocol has been specified as SFTP - this particular client has several options available.

Lastly, you should be able to set the path for the UI. In this case, I want to open the client in my home partition.

Once I have submitted the information, I am connected to the Slice:

Note: In this case I have accessed the Slice at the root folder level. As such, you can browse the folders as shown above.

Most clients will allow you to 'double click' on a file and edit it in a local browser.

Permissions

Which brings us nicely to permissions.

Do remember that you are using the same details as the SSH user - as such they won't be able to automatically edit files owned by root.

All that would happen is a nice 'permission denied' error if you tried to open or save any changes to a root owned file.

So what to do about the permissions?

Well, to be honest, there isn't a lot you can do about it. The permissions are there for a good reason and are an integral part of Linux and how it is designed.

Neither do I recommend logging in as root - part of the initial SSH setup entailed disabling root logins.

However, beyond the initial Slice setup, there should be little reason to mess around with files owned by root and any changes in configurations would be done from the command line using the 'sudo' command.

The main reason for using SFTP clients is to ease the transfer of files - most of which will be to your public_html folder which you will have permission to write.

Summary

Secure FTP connections are very easy when using SFTP - it is already installed as part of SSH and all you need is a client that supports the SFTP protocol.

Transferring files and folders to your home directory has never been easier or more secure.

PickledOnion