SFTP: A More Secure Replacement for FTP¶

In order to upload files to the riseup.net webserver, you will need a SFTP client. We do not allow FTP access, because it is too insecure. For those who are accustomed to FTP, we understand it may take some time to get used to a new program, but hopefully the interfaces are similar enough that learning the new program won’t take too long.

First, some terminology:

SFTP: Secure File Transfer Protocol (SFTP) is a replacement for FTP which encrypts the data transferred between your computer and the web server.

SCP: Secure CoPy (SCP) is another way to encrypt file transfers, but has less bells and whistles. Only one whistle.

SSH: Both SFTP and SCP are built on top of SSH (Secure SHell). With a SSH client, you can get a command line login to the webserver.

Using SFTP with riseup.net¶

In general, when using SCP or SFTP, you need to use the following info:

Host: username.revolt.org
Login: username
Password: your SFTP account password.
Home Directory: /var/users/webs/username
Port: 22, this is the default and should be selected automatically by your client.
SSH Version: TLS is preferable, SSH2 is acceptable.

Changing the SFTP Password¶

There are two kinds of accounts:

SysCP accounts: we use SysCP to allow you to manage your website. We also refer to this account as the “hosting account”. You use this account to login at hosting.revolt.org.

SFTP accounts: when your SysCP account is created, a SFTP account is also created. Initially, they have the same username and same password, which is mailed to you (and which you should change right away). Once created, you can change the password of the ftp account independently of the syscp account. In the SysCP control panel, the SFTP account is listed under the heading FTP (even though we don’t support plain FTP). The SysCP interface will allow you to create multiple FTP accounts. In practice, however, all these different accounts will have the same access permissions, so there is not much point in creating more than one.

To change your SFTP account password:

login at hosting.revolt.org
click the link Accounts under the heading FTP
click on the Change password link next to your username (not the change password link which is on the top left of the page).
fill in the form and click Change password to confirm.

Windows¶

The best tool for securely moving files around in Windows is WinSCP:

WinSCP:
- Download: winscp.net/eng/download.php
- Notes: Download the latest ‘Installation’ version.
- Tutorials: www.foothill.edu/ctis/howto/SFTP_WinSCP...

It’s opensource/free and does both SFTP and SCP. It has a very similar feel to FTP you may have used in the past. It should automatically choose port 22. You can use either the SCP or SFTP protocols.

For other tutorials and help, type “winscp tutorial” into your favorite search engine (without the quotes).

Mac OS X¶

There are two good Free Software SFTP programs for Max OS X:

FUGU:
- Download: rsug.itd.umich.edu/software/fugu
- Tutorial: www.foothill.edu/ctis/howto/SFTP_Fugu.html
Cyberduck:
- Download: cyberduck.ch
- Tutorial: http://www.freesmug.org/tutorial/cyberduck/

Mac OS 9¶

The options for Mac OS 9 are very limited, but these two programs will work:

NiftyTelnet SSH:
- Download: www.lysator.liu.se/~jonasw/freeware/nif...
- Notes: This client requires a basic understanding of file paths.
MacSFTP:
- Download: pro.wanadoo.fr/chombier/MacSFTP/SFTP_in...
- Notes: This is proprietary software (costs $25 w/trial period). It may look familiar to users of the old Fetch program.
- Tutorial: www.foothill.edu/ctis/howto/SFTP_MacSFT...

Linux¶

KDE: You can use the standard KDE file/web browser (Konqueror) to browse remote files using SFTP. Specify this as your location:~
sftp://username@username.revolt.org/var/users/webs/username
Gnome: You can use the standard Gnome file browser (Nautilus) to browse remote files using SFTP. Specify this as your location:~
sftp://username@username.revolt.org/var/users/webs/username

Command Line Tools¶

On Windows, Mac OS X, and Linux you can also use several command line tools to copy files to the web server. If you have a Mac or Linux, these programs are already installed.

rsync¶

rsync is a fantastically complex and useful swiss army knife for copying files.

rsync allows you to intelligently copy just the files which have changed. Very briefly, suppose you wanted to syncronize your local files with the remote files on the server:

rsync —delete —verbose -a /path/to/local/files/ username@username.revolt.org:/var/users/webs/username

Be careful when using the —delete option, since this can remove all the remote files if you specify the options wrong. Also, the thing which is most confusing about rsync is that when specifying the source directory, a trailing slash on the pathname will make a big difference in which files are selected. The brief rule is this: without a trailing slash, the source directory itself is selected to be copied; with the trailing slash, the contents of that directory are selected.

scp¶

scp is a command line tool for copying files remotely. It is easier to use then rsync, but has less features.

The general form of the command is:

scp : @:

Example 1: upload
To upload smash.txt from my local harddrive to the webserver:

scp local_path/smash.txt username@revolt.org:smash.txt

Example 2: download
To get smash.txt from the webserver and download it locally:

scp username@revolt.org:smash.txt .

The dot at the end means “use the current directory”.

To copy smash.txt from my web directory on resist.ca and put it in my local /temp directory while renaming the file to smash2.txt, I can type:

scp username@revolt.org:smash.txt /temp/smash2.txt

Example 3: wildcards

You can also use wildcards like * to copy .txt etc:

scp -r my_local_html_files/ username@revolt.org:later

This will recursively copy everything in the directory “my_local_html_files” to a directory on the webserver called “later”.