Add SFTP support

[bdbch]

See the title. :) thank you

[Atrox]

Yeah, SFTP is really needed here.

[lucienn3]

aggreee

[jging]

+1

[bry5912]

please add sftp, it's a must!

[horford]

please add this support, it would be much appriciated

[frederichoule]

@timburgess Should be pretty easy to implement I think. Using grunt-sftp-deploy maybe? https://github.com/thrashr888/grunt-sftp-deploy

[marktyers]

+1

[PwrSrg]

+1

[timburgess]

@dominikbiedebach @Sh00ck @lucienn3 @jging @everwonder @britishdelight @frederichoule @marktyers @PwrSrg I’m opening up a beta SFTP product to all the folks here who have requested SFTP support. It has been a lot of work but after using/tweaking it over the last couple of weeks, I’m now happy with it to the point where it’s at least ready for beta. It runs on OS X, Windows and Linux. All existing FTP functionality is there and you can flip between SFTP & FTP.

You will need to be using OpenSSH 6.1 or greater on your server and as SFTP is an extension to ssh, you should have ssh keys created and be able to ssh in to the remote server you intend to sync to. The new code has a dialog box which needs the path to your public key

If you would like to try it out, please let me know at info@tim-burgess.com and please advise your github name so I can confirm you have previously posted on this issue.

I’ll be putting an SFTP help page up on the github wiki in a few hours to help clarify any questions. And once it’s ready for release, I’ll also drop a comment here.

[timburgess]

Wiki page for SFTP is now up - https://github.com/timburgess/brackets-ftp-sync/wiki/SFTP-(Secure-File-Transfer-Protocol)-Support

[PwrSrg]

Doesn't load in Edge Code. I will try it in Brackets when I get a chance.

On Mon, Apr 7, 2014 at 6:02 PM, Tim Burgess notifications@github.comwrote:

I'm opening up a beta SFTP product to all the folks here who have requested SFTP support. It has been a lot of work but after using/tweaking it over the last couple of weeks, I'm now happy with it to the point where it's at least ready for beta. It runs on OS X, Windows and Linux. All existing FTP functionality is there and you can flip between SFTP & FTP.

You will need to be using OpenSSH 6.1 or greater on your server and as SFTP is an extension to ssh, you should have ssh keys created and be able to ssh in to the remote server you intend to sync to. The new code has a dialog box which needs the path to your public key

If you would like to try it out, please let me know at info@tim-burgess.com and please advise your github name so I confirm you have previously posted on this issue.

I'll be putting an SFTP help page up on the github wiki in a few hours to help clarify any questions. And once it's ready for release, I'll also drop a comment here.

Reply to this email directly or view it on GitHubhttps://github.com/timburgess/brackets-ftp-sync/issues/4#issuecomment-39794409 .

[slavede]

Can you enable SFTP to be able to login only with username and password (without private/public key)?

[bry5912]

+++ for the login using credentials

[phobrla]

'Thirded.' I'm not sure if I have the ability to generate anything server-side with my uni's server, so...

[timburgess]

Let me look into the fallbacks that the native ssh client goes through. I'm not fully clear yet how the host user password plays into the secure shell auth process.

That said, creating and using keys may seem scary but it's not that hard. If you have a Github repo, you probably already have the keys. If not, Github has (a page all about generating keys)[https://help.github.com/articles/generating-ssh-keys]. And key creation is all done on your local machine.

Once you have a public key file created, all that needs to happen on the remote host is appending the contents of the keyfile to the authorized_keys file on the remote host. The authorized_keys files is almost always located in the .ssh directory in your home dir.

The only other requirement is for SFTP to be enabled in the server's sshd_config. And that is usually set on by default. If an admin has disabled SFTP, that's a problem. Can't make a phone call if the other side doesn't pickup.

Lastly, I have on my TODO list to create a wiki page for stepping through the setup of an Amazon AWS server with SFTP - now that they have a free tier :-) If that would be of value to anyone, let me know and I will bump it up the priority list.

[jging]

This worked flawlessly for me, connecting to an AWS server with keys. Would have been helpful to have a "browse" button to locate my key file instead of having to type/paste in file path. I keep it in a non-standard location for security purposes.

Thank you SO much for working on this!

[slavede]

Yeah, I know it's simple way to do it. You can use PuttyGen on WIndows

1) Generate public/private keys (just moving your mouse over screen in PuttyGen) 2) Upload public into authorized_key 3) Use your private to login to machine

I just said, it would be useful (let's say I have someone who doesn't want me to login with keys :)).

[mirorauhala]

+1

[timburgess]

Work on adding password authentication (in addition to existing key-based auth) is underway. However any server admin should be aware (or be made aware of) that password-based auth is not as secure as key-based auth. The Hail Mary Cloud performs distributed, continual password attacks and so eventually any password scheme will be compromised.

The way I intend this to work is for the keyfile text field in the dialog box to be initially blank. If a keyfile path is added to that textfield, key-based auth will be used and the password text field will be used as the keyfile passphrase. If the keyfile path is blank, the password-auth will be used - and the password text field used as the user password.

After being entered, settings will be cached - as they are now.

@jging After pwd auth is done, I will add a Browse button for populating the keyfile path. Ideally would already be there(!) but I wanted to get a functional product out for people to test with.

[jging]

Thanks @timburgess - the browse button is purely for convenience, so certainly not a major priority by any stretch!

[bdbch]

You guys are awesome. Thank you for your support on that issue. And thank you @timburgess for your feedback and the beta! :)

[timburgess]

I'd actually like to leave this open until I get the newer revision out - specifically support for password authentication and a Browse button (and some associated internal cleanups and general testing). I will advise the test group when that is ready.

[timburgess]

Those in the beta group should expect a new email from me shortly. The new revision now has password authentication as well. If there is no text in the keyfile text box, password authentication will be used. A new Browse button is also on the dialog. It opens the default .ssh directory for your particular platform. There is also a fix for error events not passing correctly from the Node.js backend - if you fluff your password now, you should receive an appropriate message.

[timburgess]

FTP-Sync Plus is now complete. Thankyou to everyone in the testing group and happy SFTPing :-)

[bdbch]

@timburgess sure! Thank you for doing all this for us. :+1:

[bagusflyer]

It's not free.