FTP is a file transfer protocol that is usually being used to connect to a shared hosting. This is because a shared hosting can not reveal any security access mainly SSH key to access the server. As a result, shared hosting companies give all of their customers, a panel usually Cpanel or Spanel, to manage the website easily like uploading files and folders. Without FTP itself, user can do the task via web browser. However, to be simple uploading without opening browser, they use FTP.
For Google Cloud, we must understand that it is not shared hosting. It is a dedicated virtual server as if we own our physical server. To access it, the most secure crytography technology available for today, SSH, being used. SSH for logging into the server and SCP, is used for transferring file. Both with command line via command prompt. To be easy in operation like FTP, we use WinSCP.
What is WinSCP?
WinSCP is a graphical software with interface like FTP. The difference is we use credential that is used to log into the server itself. When we use a dedicated server, we need to consider the following:
- Performance of a server. The more service we start, the more resource we need and it is slowing down the server. FTP is a service.
- Security consideration. When we start a service, we need to open a port that is occupied by that service for example port 21 for FTP. Fewer port opened means the better server security that we have.
WinSCP is a client for Windows. Like FileZilla, we need credential to log in. Here are the detail that we need:
- Server IP address. This address is aquired when creating an instance in Google Cloud. Log into Google Cloud Dashboard and find the IP under the instance.
- User of a server
- SSH Key or password only
It is strongly suggested that we use SSH Key to login and give it a passphrase to open the key. To create the credential, follow the instruction below:
- Log in to your server as root. In Google Cloud, we can access it on Dashboard via web.
- Create a new user:
- Give sudo access to userone: usermod -aG sudo userone
- Change to the newly created user by typing:
In Google Cloud we don’t need to activate firewall in operating system because Google Cloud comes with default firewall activated when creating instance.
Now, we want to create SSH Key. Here are the steps:
- Log into your terminal with the newly created user. In command prompt terminal of your local desktop computer, you could type the following command: ssh userone@server-ip-address. Enter the password.
- After login, we will be landed in
- In the directory, type the following command, to generate SSH key:
ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/userone/.ssh/id_rsa): Created directory '/home/userone/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/userone/.ssh/id_rsa Your public key has been saved in /home/userone/.ssh/id_rsa.pub
- Change directory
ls id_rsa id_rsa.pub
Open file id_rsa by this command: nano id_rsa then we would find code like the following. Copy and paste it in your local filesystem and save it with name id_rsa
-----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAA 2It+3c1xAw/HHfAAAAEAAAAAEAAAGXAAAAB3NzaC1yc2EAAAADAQABAAABgQ jh2h9ZBSPvPufmCORHOFpBMm04TsewtcZMdwsK0x45GKwB6/I1TM55bLm/y9VGr1AHkedn .............
Now, we have the following:
- Server IP Address
- A user
- An SSH Key
- A keyphrase to open SSH key
It is time to use the WinSCP software. Here is the guidance how to use it:
This manual valid not only for Google Cloud but also for all cloud hostings.