Grogan
08-08-2005, 03:25 PM
The usage of traditional services, like telnet and ftp, to work on or transfer content to servers should be avoided. The reason is that these services use plain text, and passwords and data can be stolen by miscreants using IP sniffing techniques.
Instead, encrypted SSH protocols should be used for command line administration, and for transferring files. Most Windows servers won't likely have SSH capabilities, but most all Unix/Linux servers will. So if your Web hosting directory resides on a Unix or Linux server, there's no excuse for using plain text services to administer your site. Especially when there is Free Software available, for both Windows and 'Nix platforms.
We will cover Windows clients first, in this part of the tutorial. First of all, you need to obtain some software.
PuTTY
This is a free Secure Shell (SSH) client for Windows, licensed under the MIT License. This is recommended for logging on to your shell account if you wish to remotely administer your site from the command line. (knowledge of Unix commands is required)
This is the official Web site, where you can read more about it and download it:
http://www.chiark.greenend.org.uk/~sgtatham/putty/
WinSCP
This is a "Secure Copy" (SCP) and "Secure FTP" (SFTP) client for Windows. This is recommended for uploading files to your Web space, because it uses encryption to prevent theft of data and passwords in transmission. It is very easy to operate, and behaves much like a two paned file manager with the local system in the left pane, and the remote system (server) on the right. No arcane knowledge is required. It is Free Software, licensed under the GNU General Public Licence. (GPL)
This is the official Web site, where you can read more about it and download it:
http://winscp.net/eng/index.php
Secure Shell
PuTTY is a standalone program and no installation is required. Simply double click putty.exe to launch the client. You may also create a shortcut to the program if desired.
The first thing you will see is the login and configuration screen:
http://www.bitbenderforums.com/~grogan/sshhowto/01_putty.jpg
You can either use the server's IP address, or its host name (e.g. yourdomain.com or www.yourdomain.com). You want to use port 22, and the SSH protocol.
While PuTTY won't save the username and password for you, I would recommend that you save a session so that you don't have to enter the host name every time, and so that it will retain your font settings. I like to use Fixedsys in Windows, but choose one that suits your tastes if you don't like the default.
http://www.bitbenderforums.com/~grogan/sshhowto/02_putty.jpg
Once you have entered the host name and changed your font settings (there are many other advanced settings that you shouldn't need to worry about), go back to Session in the left pane of the configuration dialog, type a name in the Saved Sessions field, and click Save. I chose "My Server" but it can be anything you want.
http://www.bitbenderforums.com/~grogan/sshhowto/03_putty.jpg
Once you've saved a session, you can highlight and click Open, or simply double click it to launch the connection.
The first thing you will see when connecting to a server with SSH for the first time, is a prompt to save the server's key. Say Yes.
http://www.bitbenderforums.com/~grogan/sshhowto/04_putty.jpg
Once you connect, a terminal window will open where you are prompted for your username, then prompted for the password.
http://www.bitbenderforums.com/~grogan/sshhowto/05_putty.gif
You can click on the edges of this terminal window, and drag it larger. Once you are finished what you set out to do, type logout to log off the shell, break the connection and terminate the putty program.
Even if you aren't Unix savvy and couldn't be bothered to learn how to use a shell account, there is still one useful thing you may wish to do. It's an easy way (and sometimes the only way) for a user to safely change their own password. To do this on 'Nix systems, you use the passwd command:
http://www.bitbenderforums.com/~grogan/sshhowto/05_puttypasswd.gif
The passwd command first prompts for the old password, then prompts for the new, and prompts for the new again to confirm your typing. The password change takes effect immediately, so any new logins must use the new password.
Another useful command is the chmod command for changing permissions. Note the "rw-------" permissions on the index.html file in the image below. That won't do, for people would just get a 403 Forbidden error message from the Web server when attempting to access your site.
http://www.bitbenderforums.com/~grogan/sshhowto/05_puttychmod.gif
With the command chmod 644 index.html I change permissions so that everyone has read access to the file. The only user with write access is the owner (you). After changing permissions, the file is shown with rw-r--r-- permissions.
See Here (en.wikipedia.org/wiki/Permissions#Traditional_Unix_permissions) for a discussion of Unix permissions, but what you mainly need to know for Web hosting purposes is that directories must be "rwxr-xr-x" and files must be "rw-r--r--". The respective commands to do that are:
chmod 755 directoryname
chmod 644 filename
When you are finished with your shell session, type the logout command.
Instead, encrypted SSH protocols should be used for command line administration, and for transferring files. Most Windows servers won't likely have SSH capabilities, but most all Unix/Linux servers will. So if your Web hosting directory resides on a Unix or Linux server, there's no excuse for using plain text services to administer your site. Especially when there is Free Software available, for both Windows and 'Nix platforms.
We will cover Windows clients first, in this part of the tutorial. First of all, you need to obtain some software.
PuTTY
This is a free Secure Shell (SSH) client for Windows, licensed under the MIT License. This is recommended for logging on to your shell account if you wish to remotely administer your site from the command line. (knowledge of Unix commands is required)
This is the official Web site, where you can read more about it and download it:
http://www.chiark.greenend.org.uk/~sgtatham/putty/
WinSCP
This is a "Secure Copy" (SCP) and "Secure FTP" (SFTP) client for Windows. This is recommended for uploading files to your Web space, because it uses encryption to prevent theft of data and passwords in transmission. It is very easy to operate, and behaves much like a two paned file manager with the local system in the left pane, and the remote system (server) on the right. No arcane knowledge is required. It is Free Software, licensed under the GNU General Public Licence. (GPL)
This is the official Web site, where you can read more about it and download it:
http://winscp.net/eng/index.php
Secure Shell
PuTTY is a standalone program and no installation is required. Simply double click putty.exe to launch the client. You may also create a shortcut to the program if desired.
The first thing you will see is the login and configuration screen:
http://www.bitbenderforums.com/~grogan/sshhowto/01_putty.jpg
You can either use the server's IP address, or its host name (e.g. yourdomain.com or www.yourdomain.com). You want to use port 22, and the SSH protocol.
While PuTTY won't save the username and password for you, I would recommend that you save a session so that you don't have to enter the host name every time, and so that it will retain your font settings. I like to use Fixedsys in Windows, but choose one that suits your tastes if you don't like the default.
http://www.bitbenderforums.com/~grogan/sshhowto/02_putty.jpg
Once you have entered the host name and changed your font settings (there are many other advanced settings that you shouldn't need to worry about), go back to Session in the left pane of the configuration dialog, type a name in the Saved Sessions field, and click Save. I chose "My Server" but it can be anything you want.
http://www.bitbenderforums.com/~grogan/sshhowto/03_putty.jpg
Once you've saved a session, you can highlight and click Open, or simply double click it to launch the connection.
The first thing you will see when connecting to a server with SSH for the first time, is a prompt to save the server's key. Say Yes.
http://www.bitbenderforums.com/~grogan/sshhowto/04_putty.jpg
Once you connect, a terminal window will open where you are prompted for your username, then prompted for the password.
http://www.bitbenderforums.com/~grogan/sshhowto/05_putty.gif
You can click on the edges of this terminal window, and drag it larger. Once you are finished what you set out to do, type logout to log off the shell, break the connection and terminate the putty program.
Even if you aren't Unix savvy and couldn't be bothered to learn how to use a shell account, there is still one useful thing you may wish to do. It's an easy way (and sometimes the only way) for a user to safely change their own password. To do this on 'Nix systems, you use the passwd command:
http://www.bitbenderforums.com/~grogan/sshhowto/05_puttypasswd.gif
The passwd command first prompts for the old password, then prompts for the new, and prompts for the new again to confirm your typing. The password change takes effect immediately, so any new logins must use the new password.
Another useful command is the chmod command for changing permissions. Note the "rw-------" permissions on the index.html file in the image below. That won't do, for people would just get a 403 Forbidden error message from the Web server when attempting to access your site.
http://www.bitbenderforums.com/~grogan/sshhowto/05_puttychmod.gif
With the command chmod 644 index.html I change permissions so that everyone has read access to the file. The only user with write access is the owner (you). After changing permissions, the file is shown with rw-r--r-- permissions.
See Here (en.wikipedia.org/wiki/Permissions#Traditional_Unix_permissions) for a discussion of Unix permissions, but what you mainly need to know for Web hosting purposes is that directories must be "rwxr-xr-x" and files must be "rw-r--r--". The respective commands to do that are:
chmod 755 directoryname
chmod 644 filename
When you are finished with your shell session, type the logout command.