SSH/Shell Access

SSH/Shell Access

Don't you provide FTP?

We discontinued running a FTP server, because¹⁾ passwords and data are usually transferred unencrypted via the FTP protocol. As we were aiming at a safe setup, we made the decision to offer SSH/SFTP only. Now don't worry – every fairly recent FTP Client should be getting along just fine with SFTP.

SSH/SFTP server details

Criteria	Value
protocol	SSH for shell access, SFTP for file uploads
server name	name of your server, e.g. ghost.puffinhost.com
port	3389
user name	your user name, usually starting with “u-”

What is key-based authentication and how can I use it?

Key-based authentication is a method to sign in to your SSH account without entering your password. This doesn't necessarily mean it is less secure. In key-based authentication your “password” is a file only you have on your computer (the so-called private key). This file has a corresponding file²⁾ at the server (the so-called public key). Only if these two files match, login is possible.
To use key-based authentication, you have to generate a private/public key pair (e.g. using PuTTY Gen on Windows or ssh-keygen on Linux and OS X). Keep the private key secret and on your computer and add the public key³⁾ to your ~/.ssh/authorized_keys2 file (create it, if it doesn't exist), where ~ is your home directory.
Some FTP/SFTP software even supports key-based login, so you don't have to type your password, when uploading files.

List of supported SSH/SFTP programs

The following is a list of programs that we know work with our setup, you are free to use others of course.

FileZilla
- A SFTP program that works with OSX, Linux, and Windows, also works with key-based authentication and is Open Source
- http://filezilla-project.org/
CyberDuck
- A SFTP program that works with OSX, has a large feature set and is Open Source
- http://cyberduck.ch/
Transmit
- A SFTP program that works with OSX, its a commercial product that focuses on simplicity with functionality
- http://www.panic.com/transmit/
PuTTY
- A SSH client for windows, allows you to connect and administer your website from SSH, and its free
- http://www.chiark.greenend.org.uk/~sgtatham/putty/

Changing your password

Log in using SSH, execute the passwd command and follow the steps. If you see no error messages, passwd completed and you see a propmt again, your password has been changed.
To choose a safe password, you should use at least 10 characters, upper and lower case letters, numbers and special characters. Make sure your password can't be found in a dictionary. We are currently not enforcing a minimum password complexity but might consider adopting a complexity check should accounts be compromised because of weak passwords. Remember the system is publically accessible and there's a lot of bad people out there trying to guess your passwords⁴⁾.

¹⁾ including, but not limited to!

²⁾ well, technically, it's not a file at the server, but that's not important here

³⁾ some utilities provide you with the copy-and-paste-ready text

⁴⁾ you would actually be suprised how many