Summary #
Some software used to manage websites supports SFTP or SCP for transferring files, but they do not support the full featureset of SFTP or SCP. They leave out the ability to use private/public key authentication, which is required for connecting to the hosting server from the Internet. Most programs support private/public key authentication, even if they do not have a way to load the keys directly themselves. The way to test this is to run Pageant and load your keys into it, then try to connect with your client software, leaving your password blank. If you can’t connect, then you need to follow this article to setup an SSH tunnel.
More Information #
The hosting server allows the use of passwords to authenticate, only once you have connected already with private/public key authentication. SSH has a feature that allows you to create tunnels / forwarded ports to send traffic through to the remote machine over your encrypted SSH connection, like a proxy. The way this works is you configure PuTTY to listen on a certain port, and it routes that traffic through to the remote server on the remote port you specify. Then on you client, you connect to PuTTY instead of the remote host directly. The hosting server allows password authentication when you use this method, so programs that do not support private/public key authentication will work using your password.
Creating The Tunnel #
As with any connections to the hosting server, you must have Pageant running with your keys loaded into it. You need to use PuTTY to create the tunnel. Launch PuTTY and setup the basic connection properties: the host you want to connect to, the connection type, and the port:
- Host: Your website address or websites2.andmore.com
- Connection type: SSH
- Port: 22
Next, on the left side go to “Connection”, “SSH”, “Tunnels”. Fill in the following, then press “Add”:
- Source port: 2200
- Destination: 127.0.0.1:22
- Select “Local”
- Select “Auto”
If you want to save these settings (which is recommended), on the left side go to “Session”. In the blank field under “Saved Sessions” type in a name you want for these settings then click on the “Save” button.
When you’re ready to connect, click the “Open” button at the bottom of the window. After a few seconds you’ll see a prompt for your username. After you enter that, Pageant will send your key to the server and you’ll be logged in (you’ll be at a shell prompt). The tunnel runs in the background and is basically invisible to you. The tunnel is open and and listening on connections on port 2200 as long as the PuTTY window stays open and connected.
Getting The Client Software Through The Tunnel #
To connect to the server using your client software is barely different then not using a tunnel. The different is that the server you’re connecting to will be “127.0.0.1” with a port of “2200”. That’s where PuTTY is listening for connections for the tunnel on. Use your regular username and the password for the account (if you don’t know what the password is or haven’t set one up, call us at 877-225-0100). When the client connects, PuTTY will route that traffic to a special SSH server on the hosting server which knows how to deal with password based authentication.
