Natizyskunk / vscode-sftp

Super fast sftp/ftp extension for VS Code

sftp.json is being uploaded containing sensitive info #337

Open WebDevMike2018 opened 1 year ago

WebDevMike2018 commented 1 year ago

So I have a public folder that I'm working in. I have .vscode/sftp.json in it. It uploads the files fine. The problem is that it also uploads itself, which is a problem because it contains the username and password to access the server. Am I using it wrong?

evtimov commented 1 year ago

Make sure you include it in "ignore", for example:

{
      "name": "Project 1",
      "host": "192.168.0.10",
      "username": "ftpuser",
      "password": "supersecretpassword",
      "ignore": [ "tmp/", "temp/", ".vscode/", ".git/", "_notes/", ".well-known/", ".DS_Store" ],
      etc...
}

neil-powers commented 1 year ago

If you'd prefer, it's also possible to use an SSH key with this extension. This is generally a more secure option, and it prevents you from saving any secrets in a file that you've inadvertently uploaded.

Instead of having your password in sftp.json, you could add the privateKeyPath option. This way, even if sftp.json gets uploaded to the remote server, your password is still secure. I've added this option to the example above.

{
      "name": "Project 1",
      "host": "192.168.0.10",
      "username": "ftpuser",
      "privateKeyPath": "~/.ssh/id_rsa",
      "ignore": [ "tmp/", "temp/", ".vscode/", ".git/", "_notes/", ".well-known/", ".DS_Store" ]
}

Of course, for this to work you need to have your public key (probably something like ~/.ssh/id_rsa.pub) on the remote server.
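
Added example, not part of the thread or the extension's own code: a small Node.js check that reads the text of a .vscode/sftp.json and reports the two conditions discussed above, a plaintext "password" and an "ignore" list that does not cover the file. The function names, the simplified pattern matching, and the handling of an array of config entries are assumptions made for illustration; the sample configs are constructed.

```javascript
// Added example: audit the text of a .vscode/sftp.json before it can be uploaded.
// Key names (password, privateKeyPath, ignore) are the ones shown in this thread;
// function names and the simplified pattern check are hypothetical.

// Tolerate the trailing commas that hand-edited configs often contain.
function parseConfig(text) {
  return JSON.parse(text.replace(/,\s*([}\]])/g, "$1"));
}

// Simplified stand-in for gitignore-style matching: true when a pattern
// names the .vscode directory or sftp.json itself.
function coversSftpJson(patterns) {
  return (patterns || []).some((p) => {
    const n = String(p).replace(/^(\*\*\/|\/)+/, "").replace(/\/(\*\*)?$/, "");
    return n === ".vscode" || n === ".vscode/sftp.json" || n === "sftp.json";
  });
}

// Returns a list of human-readable findings; an empty list means no issue found.
function auditSftpConfig(text) {
  const parsed = parseConfig(text);
  // Assumption: a config may be a single object or an array of such objects.
  const entries = Array.isArray(parsed) ? parsed : [parsed];
  const findings = [];
  entries.forEach((cfg, i) => {
    const label = cfg.name || `entry ${i}`;
    const hasPassword = typeof cfg.password === "string" && cfg.password !== "";
    const ignored = coversSftpJson(cfg.ignore);
    if (hasPassword) findings.push(`${label}: plaintext password stored in sftp.json`);
    if (!ignored) findings.push(`${label}: "ignore" does not cover .vscode/sftp.json`);
    if (hasPassword && !ignored) findings.push(`${label}: password would be uploaded with the project`);
  });
  return findings;
}

// Constructed sample inputs (the password value is a placeholder).
const risky = `{ "name": "Project 1", "host": "192.168.0.10", "username": "ftpuser",
  "password": "example-only", "ignore": ["tmp/", ".git/"] }`;
const safer = `{ "name": "Project 1", "host": "192.168.0.10", "username": "ftpuser",
  "privateKeyPath": "~/.ssh/id_rsa", "ignore": ["tmp/", ".vscode/", ".git/"], }`;

console.log(auditSftpConfig(risky));
console.log(auditSftpConfig(safer));
```

If a config with a password has already been uploaded to a publicly served folder, the check only prevents a repeat: the copy on the server still has to be deleted and the password changed.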