sftp not working

desi

New Member
#1
Greetings,

I'm a new user of knownhost and can't seem to get sftp to connect on any of the accounts I've established. FTP works fine, but attempting to use sftp on port 22 results in a timeout -- the client never connects.

Is there a setting in WHM or Cpanel that has to be configured?

Any suggestions appreciated.
 

KH-Paul

CTO
Staff member
#4
Desi,

All VPS accounts comes with full root-level ssh access, as such it is possible to use ssh, scp, sftp.

Regards,
Paul
 
#5
So without root access you cannot use SFTP?

I was reading up on the difference between FTP and SFTP and it seemed to me to be a rather large security risk... plain text = bad.

Risks when using the FTP protocol

Using the FTP protocol is regarded to be very unsafe because a password must always be entered for the transfer. The password is subsequently transmitted over the Internet without encryption. Despite the fact that FTP is one of the oldest and most widely used Internet protocols, there are security risks when using it. These include:

  • A user's name and password are transferred in clear text when logging on and can therefore be easily recognized.
  • When using an FTP connection, the transferred data could "stray" to a remote computer and not arrive at their intended destination. Third parties can then download data from the remote system to their own computers, or existing data can be viewed and edited. This presents a significant risk, particularly when transferring company confidential information.
  • FTP can also be used to determine the passwords of individual users, since the password is transferred in clear text when logging on. As a result, even those with unauthorized access to this network can record the password information.
It is therefore advisable to use SFTP connections to ensure that data is securely transferred. This data transfer protocol encrypts the connection between your computer and the FTP server. Data is then transferred to your computer over an encrypted connection (SSH-Tunnel).
 
#6
FTPES works

I did some searching around online and eventually did this:

In Cpanel, generated a 1024-bit private key under SSL/TLS manager. Then generated a SSL certificate. If using Filezilla, you can then connect using FTPES (explicit SSL) and it will ask you to accept your self-generated key.

Since it uses AUTH TLS and then transfers with a SSL/TLS layer it *should* then be encrypted and not send things over plain text.

KnownHost guys or someone more knowledgeable, am I correct?
 
Top