Configure FileZilla’s SFTP – better than FTP: VPS BIBLE




new password?
login
X

Setup FileZilla for Secure FTP (SFTP)

14 May 09
filezilla logo image

This tutorial shows you how to configure FileZilla, the most popular Secure FTP (SFTP) client.

Having set up the Nginx web server we’re on the brink of setting up some sites or blogs, but first here’s a handy detour.

Thing is, I’m aware this series will be especially useful to Linux newbies building their first VPS. And, having been brainwashed with Windows all these years, I know how difficult it can be to pound the terminal, without so much as a GUI to be able to check on what you’re doing. Kinda disconcerting.

.. and when it comes to file transfer, while this guide’s admin section covers my recommended methods – PSFTP for Windows (locally) and SCP for Linux (locally) – no doubt many folks will prefer a visual FTP client.

Then, at least, you can physically see your directory structure.

Setup Unmanaged VPS: The Ubuntu-Nginx Guide

Take your virtual private server from zero to hero

  .. from blank box to cute-as server ..  

with this easy-to-follow copy/paste guide.

22+ parts with video, here’s the index.

Video: Tweak Filezilla for Secure FTP

Watch the, er, guvideo for a better idea of how to do this.


Please sign up for automatic premium content access.

Just $15/year* will save you hours, maybe days!

Alternatively, the vpsBible forum is free and you are welcome.

Except FTP is bad, no? Unencrypted, all that, so yes. We’ll use Secure FTP instead, or SFTP, which uses the same tunnelling as our PuTTY configuration, SSH.

Not only is (S)FTP handy, for us noobs, when it comes to uploading those websites and their assets, but in the rest of this series it’ll help to illustrate the file structure we’ll be creating, on which to hang those sites and blogs.

FileZilla vs WinSCP

Another popular SFTP client is called WinSCP. Personally, I prefer it, because it allows us to set up our connection using the password-protected private authentication key we created in the guide Encrypt Data with OpenSSH & Auto-Login with PuTTY. In other words, with a couple of clicks, you’re into your SFTP in just the same way we log into our VPS using PuTTY and Pageant – using the key set, not a password.

With FileZilla, on the other hand, while you can use authentication keys, you cannot use passphrase-protected keys and in my opinion, not using a passphrase is just too risky. Here’s the error message that pops up when you try to set up FileZilla using the kind of private key we’ve set up.

filezilla convert keyfile screen image

So we’re going to be using our Linux username and password instead to set up FileZilla, which is pretty standard fare anyhow.

Most importantly, both clients use the secure encryption protocol that is most valuable.

Why not just provide a WinSCP Setup Guide?

Despite this shortfall, FileZilla is more user-friendly for newbies, so I’ll show how to set that up. As an addendum to this series, I’ll likely provide a guide for setting up WinSCP as well.

Isn’t it better to skip FTP clients altogether and use the CLI?

Yes. And Linux purists would argue so strongly, because an FTP client is another potential security breach. However, for us less experienced Linux users, the lack of a visual guide is a concern, and it’s easier to make mistakes and lose files.

I think a regular FTP client is a no-no, the command line too complicated, but an SFTP client is a good compromise.

How to Set Up FileZilla

Download FileZilla. Here’s the file or, if you wanna take a peek, here’s the site.

Install it.

Hit CTRL-S to open the Site Manager.

Click on ‘New Site’ and there are four main tabs. We only need to worry about the ‘General’ tab. Here’s some help:-

filezilla settings screen image
  • Host – Use the IP you used setting up PuTTY
  • Port – Use the Port you used with PuTTY
  • Servertype – SFTP – SSH File Transfer Protocol
  • Logintype – Normal
  • User – Your Linux username (not root, the one we created)
  • Password – The password for that user

Click ‘Connect’.

Thassit. You have a window to your Linux box. Count yourself lucky!

Moving Swiftly On

We’ve moved up a gear now.

We’ll find the SFTP client useful in the next part, when we create the file structure for multiple sites and blogs. It’s all free-wheeling downhill from there.

You guessed it, here’s the index ..

Setup Unmanaged VPS: The Ubuntu-Nginx Guide

Take your virtual private server from zero to hero

with this easy-to-follow copy/paste guide.

“My local PC runs Windows” Show me for Linux

22+ parts with video, here’s the index ..

Manage Unmanaged VPS: Ubuntu-Nginx Administration

Already set it up? We’d best maintain it then.

Toggle to the ..  Ubuntu-Nginx Admin Index

Manage Unmanaged VPS: Ubuntu-Nginx Administration

Maintain your virtual private server with ..

.. cheatsheets, tutorials, tips & guides.

Head back to the ..  Ubuntu-Nginx Installation Index

Nginx Admin: In the Works ..

This lot’s marked for addition already:-

  • Setup or Edit DNS using Bind
  • Network Tools Troubleshooting Guide
  • The Comprehensive Permissions Guide
  • Configuring Nginx Rewrites
  • Custom Website Error Page
  • Setting up Cron Jobs
  • Rsync for Incremental Remote-to-Local Backup
  • Cron & Rsync for Automatic Backup
  • Cron & mysqldump for Auto DB Backup
  • Safeguard Bandwidth with Hotlink Protection
  • Block Access with Nginx’ IP Deny


«
»

Got a Question? Want to Comment?

This site has no comments system. We've got a better system!

Please use the link at the top of the post and goto this topic's forum thread:-

  • to help build community
  • for a superior knowledge base
  • to keep info in one place, not diluted between forum & comments.

For those posts ported from Guvnr.com (pre-Feb/2010), archive comments remain.

Handy info from these comments is in the process of being ported to the forum and attributed to the original author.

If you think this idea sucks, let me know.

Thank you.

  • kajdo May 25th, 2009 at 7:20 pm

    good work mate – exactly what i was searching for! thx a lot

  • the_guv May 26th, 2009 at 11:24 am

    @kajdo – crackin’. good to hear, pleased to help.

  • Configure NGINX Multi-Site Virtual Hosts - VPS Bible Pt 13 - GUVNR June 11th, 2009 at 12:56 pm

    [...] Part 12: * Setup FileZilla for Secure FTP (SFTP) [...]

  • Mottster June 28th, 2009 at 4:36 am

    Great series, this will enable me to be free from having to used a managed service. Instead of paying $13 for a managed VPS, for a couple of extra dollars I will be able to have so much.
    Thank you for this great information!!!

  • the_guv June 28th, 2009 at 7:55 am

    @Mottster – good to hear. $13 – that’s actually not bad though, huh, and no hassle. Prices are plummetting. But sure, you won’t get an optimised solution with managed, and likely far from it. Hey, the market’s changing really fast now.

  • Dale Lukas Peterson July 6th, 2009 at 7:31 am

    Guv,
    My installation of ubuntu didn’t come with a ftp server configured — I’ve tried to find a good tutorial on how to get proftpd setup, and have it still be secure, but I haven’t found a good one. Any chance you want to do a tutorial on this? It would be much appreciated!!

  • the_guv July 7th, 2009 at 12:54 am

    Hey Dale, Dunno about proftpd, I hear it’s popular but haven’t tried it.

    Have you tried winSCP? .. that’s very good too, very simple and powerful. In fact, I wonder I shouldn’t add that as another FTP client option in this post. Great for tunnelled SSH connections, using your private authentication key .. so no passwords with winSCP.

    Damn, I’ll have to add it now ;)

  • Ashesh August 27th, 2009 at 5:38 pm

    Guv,

    For newbies like us it would be great if in this chapter you mention not to change “PasswordAuthentication” to “no” in configuration file as suggested in “Harden the Secure Shell (SSH) & Create a Firewall *”

    # PasswordAuthentication yes
    # – change “yes” to “no”. Prevents login using a password, now unnecessary with OpenSSH keys. **

    Actually it took me some time to figure out why FileZilla is giving error “Disconnected: No supported authentication methods available
    ” as I had turned off PasswordAuthentication in ssh configuration file :D

    thanks

  • the_guv August 28th, 2009 at 2:03 pm

    @Ashesh .. not sure why you were getting this, to be honest. Just tried replicating the error but can’t, unless I try to log in with regular FTP.

    As we’re using SFTP, and as we’ve set up our authentication keys already, it ought to be a non-issue, and the Password Authentication rule in the sshd_config file should be irrelevant (specifically to this problem, that is.)

    Anyone else had this or similar?

  • Sarteck September 19th, 2009 at 2:48 am

    Guv, I am having the same problem as we speak. As Ashesh says, turning PasswordAuthentication back on does “solve” the problem, but then it defeats the purpose of having the shared key, doesn’t it? XD

    I suppose, though, you -could- have another port listen for SFTP, but that, too, would defeat the purpose of having shared keys.

    Anyways, the problem is that (at least for my FileZilla, 3.2.2.1), you have to add the key file by going to Settings -> SFTP.

    Big problem, though, they don’t support passphrases yet but give the option to convert it to a “useable format.” Dunno what that might be.

  • Sarteck September 19th, 2009 at 4:10 am

    Hey, Guv, sorry for double-posting, but I just wanted to let anyone reading know…

    It seems to be impossible to find a Linux GUI to accomplish this task, at least for me. :( I was recommended to try kFTP, gftp, FireFTP, and (almost unanimously, lol) FileZilla. For any Linux user in need of a GUI SFTP client that can use your PPK file and connect to your server as Guv has laid it out, you may have to use WinSCP through WINE (whic, btw, is tested and working on my Linux home computer, also Ubuntu 9.04).

  • the_guv September 23rd, 2009 at 10:05 am

    @Sateck .. WinSCP is a cracking programme but, having to go through Wine and all that malarky .. why not just use SCP? .. well, I guess you want the GUI. Sure. Silly Q!

    BTW, you may like this ..

    Virtually the Best Web Dev PC on the Planet

    For Linux, SCP is best, better than anything. Using it is covered in the VPS Admin series, along with the PuTTY equivalent for Windows. I do use FileZilla sometimes when I want a visual reference on a directory. Never get these errors Ashesh has had with this method .. and my ssh does not allow passwords.

    .. don’t forget to go with the SFTP option in FileZilla, after setting up your authentication keys .. but I don’t thing that’s the issue.

    How many more folks having this problem? Bit bloody annoying, what!

  • Setup Local-Windows-Remote-Linux Encrypted Connection: VPS BIBLE - vpsBible February 10th, 2010 at 5:01 pm

    [...] to shore up an otherwise unencrypted FTP connection, making it SSH FTP, or Secure FTP or SFTP for short. We’ll set that up in FileZilla for Secure FTP (SFTP) [...]

  • Install NGINX (better than Apache or Lighttpd): VPS BIBLE - vpsBible April 23rd, 2010 at 4:46 pm

    [...] Setup FileZilla for Secure FTP (SFTP) we’re taking a quick detour, setting up FileZilla so we’ve got a Secure FTP (SFTP) [...]