Did you know that FTP transfers your password in plain text? Instead of FTP you can use the more secure SFTP. The SFTP service is based on SSH which encrypts all passwords and data. You do not even have to install a separate service, to do everything what you need is to configure SSH properly.
Root access is required to edit the following files and to execute commands. Log in as root (
su) or simply prepend sudo to all commands that require root privileges.Edit the SSH daemon configuration
Open the file /etc/ssh/sshd_config with your favorite text editor.
vi /etc/ssh/sshd_config
Paste the following directives at the end of this file.
# General configuration Subsystem sftp internal-sftp AllowUsers stan moe PermitRootLogin no # User specific configuration Match User stan ChrootDirectory /var/www/vhosts/stans-homepage.com X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp
Prevent login over SSH
Open the file /etc/passwd and change the shell for given user to prevent login over SSH. We want only to give access through SFTP.
stan:x:505:506::/var/www/vhosts/stans-homepage.com/httpdocs/:/bin/nologin
Restart the SSH server
/sbin/service sshd restart
Connect with SFTP
Now you can try to connect your server. Be sure that your client supports SFTP. If you cannot connect, maybe your OpenSSH version doesn’t support SFTP. You have to install the current version.
