SFTP: A More Secure Replacement for FTP

In order to upload files to the riseup.net webserver, you will need a SFTP client. We do not allow FTP access, because it is too insecure. For those who are accustomed to FTP, we understand it may take some time to get used to a new program, but hopefully the interfaces are similar enough that learning the new program won’t take too long.

First, some terminology:

Using SFTP with riseup.net

In general, when using SCP or SFTP, you need to use the following info:

Changing the SFTP Password

There are two kinds of accounts:

To change your SFTP account password:

  1. login at hosting.revolt.org
  2. click the link Accounts under the heading FTP
  3. click on the Change password link next to your username (not the change password link which is on the top left of the page).
  4. fill in the form and click Change password to confirm.

Windows

The best tool for securely moving files around in Windows is WinSCP:

It’s opensource/free and does both SFTP and SCP. It has a very similar feel to FTP you may have used in the past. It should automatically choose port 22. You can use either the SCP or SFTP protocols.

For other tutorials and help, type “winscp tutorial” into your favorite search engine (without the quotes).

Mac OS X

There are two good Free Software SFTP programs for Max OS X:

Mac OS 9

The options for Mac OS 9 are very limited, but these two programs will work:

Linux

Command Line Tools

On Windows, Mac OS X, and Linux you can also use several command line tools to copy files to the web server. If you have a Mac or Linux, these programs are already installed.

rsync

rsync is a fantastically complex and useful swiss army knife for copying files.

rsync allows you to intelligently copy just the files which have changed. Very briefly, suppose you wanted to syncronize your local files with the remote files on the server:

rsync —delete —verbose -a /path/to/local/files/ username@username.revolt.org:/var/users/webs/username

Be careful when using the —delete option, since this can remove all the remote files if you specify the options wrong. Also, the thing which is most confusing about rsync is that when specifying the source directory, a trailing slash on the pathname will make a big difference in which files are selected. The brief rule is this: without a trailing slash, the source directory itself is selected to be copied; with the trailing slash, the contents of that directory are selected.

scp

scp is a command line tool for copying files remotely. It is easier to use then rsync, but has less features.

The general form of the command is:

scp : @:

Example 1: upload
To upload smash.txt from my local harddrive to the webserver:

scp local_path/smash.txt username@revolt.org:smash.txt

Example 2: download
To get smash.txt from the webserver and download it locally:

scp username@revolt.org:smash.txt .

The dot at the end means “use the current directory”.

To copy smash.txt from my web directory on resist.ca and put it in my local /temp directory while renaming the file to smash2.txt, I can type:

scp username@revolt.org:smash.txt /temp/smash2.txt

Example 3: wildcards

You can also use wildcards like * to copy .txt etc:

scp -r my_local_html_files/ username@revolt.org:later

This will recursively copy everything in the directory “my_local_html_files” to a directory on the webserver called “later”.