FTP and SSH

Raekye edited this page Feb 19, 2018 · 6 revisions

What is FTP?

FTP is a protocol for transferring files between computers. This is useful for uploading Minecraft server jars, Bukkit plugins, Forge mods, downloading world backups, and so on.

What is SSH?

SSH is a protocol that gives users remote shell access to a computer. Although Minecraft servers typically don't require SSH access, it is a very useful tool for system administrators.

Note: there are troubleshooting tips below.

Do I use FTP or SSH?

FTP is probably easier to use for people less familiar with servers and Linux, but arguably all server administrators should know how to SSH. It's easy to pick up if you're willing, and once you're good with it SSH can be much quicker (you have more control and flexibility)!

Note: Since SourceForge is badness now... you should probably stick to PuTTY and WinSCP on Windows and stick to the ssh and scp commands on OSX and Linux.

Change your password!

  • SSH into your server
  • Run passwd
  • Enter your old and new password into the prompt
  • Exit (run exit)

Notes

  • Your home folder is /home/mcuser. This is sometimes abbreviated as a tilda (~)
  • "Your Minecraft folder" refers to ~/minecraft. Inside here you'll find the server jar and world folder
  • You should always stop Minecraft and back up your world before making changes
  • Do not rename/delete the minecraft folder
  • Avoid changing files outside your home directory. You may break components Gamocosm relies on to automate your server
  • For SSH, you are given sudo access, but again, please be careful what you do or you may break the server setup. You shouldn't need to change anything outside of the minecraft folder. Gamocosm is all open source, so you can see exactly how it works, and figure out what you can do.

FTP and SSH Credentials

Your credentials, such as the user, host/ip address, port, and password are specified under the "FTP and SSH Access" tab on Gamocosm.

FTP: Client

To use FTP, you first need an FTP client. We recommend FileZilla, which is open source, free, and cross-platform. You can download FileZilla from it's website (the download link will take you to SourceForge). On Linux, Filezilla is usually available from the official repositories, and you can get it from your package manager ((sudo) apt-get install filezilla or (sudo) yum install filezilla). On Windows, there's also WinSCP.

FTP: Connecting

  1. Click "File" -> "Site Manager", and then "New Site"
  2. Fill in the information under the "General" tab using the credentials from Gamocosm. Make sure you choose the SFTP protocol. Ignore the other tabs
  3. You may be prompted about a "fingerprint". Choose "Trust", but don't check "Always trust this host". Read more about fingerprints in the SSH section below
  4. You can now connect! Your Minecraft data is in the "minecraft" folder in your home directory

FTP: Use

You now have two file explorers; the one of the left shows your computer's files, and the one on the right shows your server's files. Double click or drag to download/upload.

FTP: Editing files

  1. Download the file to your computer
  2. Edit the file on your computer
  3. Upload the file back, replacing the old version

SSH: Client

SSH is included on vanilla Unix/Linux systems. On OSX, open Terminal.app. On a Linux distro, open your terminal emulator (gnome-terminal, konsole, xterm, etc.).

On Windows, you need to download an SSH client. We recommend PuTTY. Download "putty.exe" somewhere convenient, such as your Desktop. There's also WinSCP if you just need an FTP/SFTP/SCP client (no SSH).

SSH: Connecting

In your terminal, run ssh -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -p <port> <user>@<host>. If you leave out the two "-o" flags, SSH will ask you about a fingerprint. Type "yes" to continue, and SSH will save the fingerprint. If you restart your server, it will have another fingerprint, and you will have to remove the saved fingerprint from ~/.ssh/known_hosts to continue. You can do this manually with a text editor or run sed -i "/<ip address>/d" ~/.ssh/known_hosts (sed on Wikipedia).

On Windows, start PuTTY and enter the host and port. Connect and PuTTY will also say something about fingerprints. Choose "yes", and enter the user, and password. The next time you connect after restarting your server, PuTTY will tell you that the fingerprint has changed; choose "yes" - this is expected.

If your server IP address changes, you may not get the warning about a changed fingerprint (although the SSH client will tell you about accepting a new fingerprint), because you are connecting to a new IP. If you have connected to that IP before, then your SSH client may have recorded the old fingerprint and warn you.

SSH: Use

To upload files, you can use scp (secure copy, transfer files over SSH): scp -P <port> <path/to/your/file> <user>@<host>:<path/to/remote/file> (run this from your computer's terminal). Alternatively, you can download the directly from the server with wget: wget -O <name/or/path/to/your/file> <url> (run this while SSH'd into your server).

To download files from your server, run scp -P <port> <user>@<host>:<path/to/remote/file> path/to/local/file (notice: this is just the reverse of uploading files).

To edit text files remotely, you can use a terminal based editor such as vi. You don't have to download files, edit them locally, and upload them, which is one way SSH is faster/more convenient than FTP.

Windows users: there is a SCP client for Windows by the same person who made PuTTY, but it does the same thing as FTP - upload and download files.

Troubleshooting

SSH is the typical way to access Linux servers, so it's kinda a chicken or egg problem if you can't SSH. Fortunately, with Digital Ocean you can still access your server without SSH, see Regaining Server Access, which lets you access a web console/shell. Unfortunately, you may have to learn how to use a terminal text editor such as vi/vim, emacs, or nano.

Bad file permissions

Do ls -la ~/.ssh:

  • . (first entry, stands for the current folder (~/.ssh): Should be drwx------ (700)
  • authorized_keys: public keys that are allowed to connect: Should be -rw-r--r-- (644) or less (more restrictive)
  • id_rsa (private key file, if you made one on your server): Should be -rw------- (600)
  • id_rsa.pub (public key file corresponding to your private key): Should be -rw-r--r-- (644) or less
  • known_hosts (SSH server fingerprints you've connected to from your server): Should be -rw-r--r-- or less

SSH daemon config

See Regaining Server Access.

You can set them by chmod <number> <file/folder>. If the first two permissions are incorrect you will not be able to SSH into a server. If the private or public key files are incorrect you will not be able to SSH from your server using those keys.

About SSH Fingerprints

SSH uses public and private key cryptography for secure data communication. A fingerprint is a short sequence of bytes used to verify a longer public key. When you stop your server, Gamocosm has to save it and destroy it, or Digital Ocean continues to charge you. When you start a server, Gamocosm restores your server from the backup. Because it is a new server, it has a new fingerprint. That is why SSH clients complain about the server having a different fingerprint.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.