When connecting to your server using an FTP client, you have the option to use the FTP protocol or the SFTP protocol. It’s always recommended to use SFTP as this protocol is encrypted and secures your data during transit.
More technically, SFTP is a network protocol designed to provide secure file transfer and manipulation facilities over the secure shell SSH protocol. SFTP is NOT just FTP run over SSH, but rather a new protocol. It is often called Secure FTP because it uses an encrypted transport layer.
There are also a couple distinctions that should be made:
- SFTP may also refer to Simple File Transfer Protocol, an unsecured and rarely used file transfer protocol though this is not what DreamHost provides.
- SFTP is not the same as FTPS. FTPS is traditional FTP, encrypted using SSL. DreamHost does NOT support FTPS.
This article covers a description of the DreamHost SFTP service which allows you to securely connect to your server.
Requirements and setup
Please be aware of the following new SFTP rules:
- When adding a new domain/subdomain you can choose to create a new user at that time. If you create a user, it defaults to SFTP and FTP is disallowed.
- If you edit an existing domain and decide to create a new user for it, then the user is also set to SFTP and FTP will be disallowed.
- If you still require FTP, deselect the Disallow FTP? box on the (Panel > ‘Users’ > ‘Manage Users’) page when editing the username.
Please view the Enabling Shell Access article for detailed instructions on how to change the type of web user.
- FTP user accounts use port 21. These accounts cannot be accessed using the SFTP protocol which uses port 22.
- If you’ve modified your user, it takes approximately 20 minutes for the system to update the changes.
View the How to obtain your FTP Login Credentials article for instructions on how to obtain your login credentials. The only difference with FTP and SFTP/SHELL users is that you’d use port 22 instead of port 21 (FTP).
There are several clients you can use to connect to your DreamHost server via SFTP. View the SFTP Client Software article for a full list.
Notes on using SFTP
When logging in to your account using SFTP you may notice some differences from what you would normally see when you logged in with a normal FTP user.
- If you want to ensure that a particular users home directory cannot be accessed by other users (even those in your same group) you can enable "Enhanced security?" option for that user.
- You may notice that you can also access other directories above the /home directory. That's normal, as all users have some level of access to those directories. However, as a regular user you won't be able to view files that you don't have access to, nor are you able to harm the server.
- Hidden files/directories: On a Unix system, hidden files are those that begin with a period (.) in their name. As with FTP clients, SFTP clients usually have an option to "enable/disable viewing hidden files". If that is enabled, you'll be able to see these files/directories (if your user has permissions to do so). If you are having problems deleting a directory (that you do have the correct permissions to delete) and it gives you an error saying "directory not empty", it may be that there are hidden files/directories in that directory that your client is not allowing you to see. Check your program options before going any further. If you do have the option enabled to view hidden files/directories and still cannot delete a directory, please contact support for assistance. Give support the server, user account, and full path to the directory you are trying to delete so they can investigate. View the How do I show hidden files? article for further information.