The ability to transfer data and log in to your dedicated server is an integral function of server administration. There are several different ways to accomplish this. Some of the more popular methods include FTP, SFTP, and SSH. Each of these functions in a different way and you may select each one for different reasons. This post will give you an overview of these protocols, and how you may use them in your everyday tasks while you are managing your dedicated server.
SSH (Secure Shell)
SSH it is the most popular method of connecting to a remote server to login and perform administrative functions. The standard port assigned for SSH is TCP port 22. It was designed as a secure replacement for insecure protocols like Telnet. SSH typically secures connections using an automatically generated public/private key pairs to encrypt communications and then authenticate the user using a login/password. SSH can also be secured using a fixed public / private key, in which case login authentication is typically not performed.
How do I connect to my server using SSH?
Connecting to your server via SSH is easy. On Windows, you can download a free SSH client, such as PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty/), which will allow you to connect to the server. When the application loads, simply enter in the server IP or hostname, click “connect” and the software will prompt you for your server username and password.
If you are using Mac or Linux, simply load your terminal and type “ssh user@IP” substituting your server username and IP address accordingly. The terminal will prompt you for your password, and you will then be logged in and have full access to the server terminal.
How can I make SSH access more secure on my server?
There are two popular ways of making the process of SSH more secure. First, if you’re able to, you should run SSH on a different port than the standard port 22. This way, anyone trying to login to your server will not know on which port you are running SSH. Secondly, disabling direct root login makes SSH more secure as well. Anyone trying to login will instinctively try to login as “root”, but if you disable root login and instead login using a standard user and sudo to root, this blocks another potential source of intrusion.
Related Post: 6 Ways to Secure SSH for Dedicated Hosting
FTP (File Transfer Protocol)
FTP is a method of uploading and downloading files from a dedicated server. FTP typically sends commands on port 21 and data on port 20, but this can be changed on the FTP software running on your server. FTP runs on a server / client relationship, meaning that the server runs FTP software to facilitate the download / upload of files, and the client uses a piece of software such as a web browser or FTP client to communicate with the server. Users can connect with a username / password, or anonymously if the server is setup with anonymous FTP.
How do I connect to FTP from my local computer?
Simply download an FTP client, enter in your server IP, username, and password, and you will instantly be connected to your server to transfer files! FileZilla (https://filezilla-project.org/) is a free client available for Windows, Mac, and Linux and is one of the most popular clients in use today.
What’s the difference between active and passive FTP?
Whether the connection is run in active or passive mode determines how the connection between the server and the client is established.
In both active and passive modes, the client establishes a connection on their local network from a random, unassigned port to port 21 (or whichever port is running FTP commands) on the server. Using active mode, the client sends a command to the server to alert it to which port it is listening for incoming data connections on. The server then connects back to that client port using port 20 on the server. When the client is behind a NAT and cannot accept incoming TCP connections, passive mode can be used. In this case, the client sends a PASV command, and receives the server IP and port number in which to make connections to.
In passive mode, the client facilitates both connections to the server, whereas in active mode, the client makes one connection, and the server makes the return connection.
SFTP (Secure File Transfer Protocol or SSH File Transfer Protocol)
SFTP can be considered a cross between SSH and FTP. Unlike FTP, SFTP transfers data on a single port (22) rather than having two separate connections. All data is transferred using an agreed upon encryption type or public and private keys between the client and the server.
How do I use SFTP?
Connections via SFTP work in the same fashion as a standard FTP connection. After setting up your favourite FTP client, connect to your server using port 22, rather than the usual port 21 for FTP. You’ll need to ensure that you have both SSH and FTP access configured on your server.
How do I make SFTP access more secure?
While SFTP can use the standard username / password authentication for SSH, it is much more secure to setup public and private keys for SSH access so that only those clients with the key may connect to the server. You may also restrict access via IP address if you are regularly communicating with clients that have assigned static IPs.
—-
As you can see, there are a variety of different methods for communicating between your computer and a dedicated server. SSH, FTP, and SFTP all facilitate the easy connection and transfer of data between our world class data centers.
What FTP clients and SSH software do you use to improve your workflow? Please share your tips and tricks on the ReliableSite Facebook page!