Having set up the Nginx web server we're on the brink of setting up some sites or blogs, but first here's a handy detour.
Thing is, I'm aware this series will be especially useful to Linux newbies building their first VPS. And, having been brainwashed with Windows all these years, I know how difficult it can be to pound the terminal, without so much as a GUI to be able to check on what you're doing. Kinda disconcerting.
.. and when it comes to file transfer, while this guide's admin section covers my recommended methods – PSFTP for Windows (locally) and SCP for Linux (locally) – no doubt many folks will prefer a visual FTP client.
Then, at least, you can physically see your directory structure.
Video: Tweak Filezilla for Secure FTP
Except FTP is bad, no? Unencrypted, all that, so yes. We'll use Secure FTP instead, or SFTP, which uses the same tunnelling as our PuTTY configuration, SSH.
Not only is (S)FTP handy, for us noobs, when it comes to uploading those websites and their assets, but in the rest of this series it'll help to illustrate the file structure we'll be creating, on which to hang those sites and blogs.
FileZilla vs WinSCP
Another popular SFTP client is called WinSCP. Personally, I prefer it, because it allows us to set up our connection using the password-protected private authentication key we created in the guide Encrypt Data with OpenSSH & Auto-Login with PuTTY. In other words, with a couple of clicks, you're into your SFTP in just the same way we log into our VPS using PuTTY and Pageant – using the key set, not a password.
With FileZilla, on the other hand, while you can use authentication keys, you cannot use passphrase-protected keys and in my opinion, not using a passphrase is just too risky. Here's the error message that pops up when you try to set up FileZilla using the kind of private key we've set up.
So we're going to be using our Linux username and password instead to set up FileZilla, which is pretty standard fare anyhow.
Most importantly, both clients use the secure encryption protocol that is most valuable.
Why not just provide a WinSCP Setup Guide?
Despite this shortfall, FileZilla is more user-friendly for newbies, so I'll show how to set that up. As an addendum to this series, I'll likely provide a guide for setting up WinSCP as well.
Isn't it better to skip FTP clients altogether and use the CLI?
Yes. And Linux purists would argue so strongly, because an FTP client is another potential security breach. However, for us less experienced Linux users, the lack of a visual guide is a concern, and it's easier to make mistakes and lose files.
I think a regular FTP client is a no-no, the command line too complicated, but an SFTP client is a good compromise.
How to Set Up FileZilla
Hit CTRL-S to open the Site Manager.
Click on ‘New Site' and there are four main tabs. We only need to worry about the ‘General' tab. Here's some help:-
Thassit. You have a window to your Linux box. Count yourself lucky!
Link Your Private Authentication Key
.. If you've added the extra security recommended in Harden the Secure Shell (SSH) & Create a Firewall, for example with the use of authentication keys to connect to your server with the terminal and by disallowing password access, then you'll have to let FileZilla know by importing to it your private authentication key file.
In this case, in FileZilla click on Edit > Settings and choose the SFTP option, then click on Add keyfile.
Browse to the private authentication key you created (along with the public one which should now be living on your server). If you have both keys in this folder, the private one has no extension, so there's a clue, whereas the public one will have an extension of .pub.
Having selected the private key, up pops a dialogue box saying FileZilla has to convert the file to a format it's happy to work with. Click Yes and, if you gave a passphrase when originally you created the keys, type that in (or leave it blank if you didn't create a passphrase), clicking OK.
Now select a name and a place for FileZilla's newly converted keyfile to live.
Click OK to leave the Settings dialogue box.
You're done. FileZilla will now use your key to access the server. Chocks away.
Moving Swiftly On
We've moved up a gear now.
We'll find the SFTP client useful in the next part, when we create the file structure for multiple sites and blogs. It's all free-wheeling downhill from there.
You guessed it, here's the index ..