Filezilla or WinSCP alternative for Ubuntu

On Windows I'm using FileZilla to upload/download files on my WordPress website, via sftp, while using ssh key.

Now Linux is my primary operating system. For the last month FileZilla client was working fine on Ubuntu 16.04, but now it crashes whenever I start it. I search on internet and found that it is happening with a lot of users. Unfortunately the FileZilla support just have one answer if we ask them:

Ubuntu 16.04 is old OS, use 17.10 or Debian latest version.

I don't want to use 17.10. So I am looking for FileZilla client alternative for Linux, which I can use as sftp client with ssh key.

I found gFTP (which is an old program and I'm not sure how much secure is it?), I also found that I can use Ubuntu file manager to connect to my server. Is that a good idea to connect to server while using Nautilus or Caja?

Actually I don't want to put my username / password in dialogue box which appear when I click File > Connect to server, instead I want to use my .ppk key. How I can add that in Nautilus or Caja?


Using Nautilus

You can use the option Connect to Server in Nautilus as it is shown on the next image.

enter image description here

  • If you need to find the command-line path to the mounted directory use one of the approaches presented here: CLI path to ftp network connection.
  1. The first example - sftp://victoria-pass/home/tri - uses predefined host called victoria-pass and mounts the home/ directory of the remote user called tri.

    To use this approach, you should create user's configuration file for the local ssh client. The file must be called config and placed in the directory .ssh/ in user's home: ~/.ssh/config. According to the example the content of the file should be:

    Host victoria-pass             # this is as 'nickname' of the connection
        HostName victoria.org      # or use the IP address
        IdentityFile ~/.ssh/id_rsa # or provide the fill path to another key
        User tri                   # use the actual name of the remote user
        Port 1111                  # provide the actual port of the remote server
        # other parameters...
    
    # setup each another Host in the same way...        
    

    Change the file permissions:

    chmod 600 ~/.ssh/config
    

    In addition, now you should be able to connect to each of these hosts by a command as:

    ssh victoria-pass
    
  2. The second example - sftp://[email protected]:1111/home/tri - shows how to connect to a remote ssh (sftp) server without using predefined ~/.ssh/config file with a custom ssh port.

    The main cons of this approach is that if the authentication file is not ~/.ssh/id_rsa you should provide it in advance by the command ssh-add. For example if the authentication file is called file.pem:

    ssh-add /full/path/to/the/authentication/file.pem 
    

    I think you should do this every time when you restart the local machine, or you should include the above command in the ~/.profile file.


Usung gFTP

Here are the steps how to setup gFTP to use SSH keys.

enter image description here

  1. In the FTP menu click on Preferences;

  2. Go to SSH tab;

  3. Fill the field SSH Extra Params with this value:

    -o IdentityFile=/home/<your user>/.ssh/id_rsa
    

    Change <user name> with your real username. Or use:

    -o IdentityFile=~/.ssh/id_rsa
    
  4. In gFTP's main window choice SSH2 as type of the connection;

  5. Enter the target Host name, or IP address;

  6. Setup the SSH Port of the target machine (if it's not the default - 22);

  7. Enter User for the SSH connection;

  8. Enter your SSH key's Passphrase (if there is some);

  9. Hit Enter.


Using SSHFS

You could mount a remote directory (or the entire file system) via the command-line tool sshfs. Then you could manipulate it "locally" as you wish. This is my preferable way. Let's assume the mounting directory is ~/mount and you want to mount the remote user's home directory:

sshfs [email protected]:/home/<user> /home/<local-user>/mount/

Or if you have created ~/.ssh/config file:

sshfs host-name:/home/<remote-user> /home/<local-user>/mount/

In addition you could create also /etc/fstab entry - references:

  • How to convert sshfs command to fstab entry?
  • sshfs is not mounting automatically at boot, despite /etc/fstab configuration

Convert the PPK Key

Please note if you are previously have used PPK key, which means PuTTY Private Key, you should convert it because, unlike CloneZilla, the above tools can't read this format. For this purposes you should use the tool puttygen that is a part of the package putty-tools:

sudo apt install putty-tools

Now you can convert the key in this way:

puttygen input-key-filename.ppk -O private-openssh -o output-key-filename.pem

Thanks to @steeldriver for this note. Here is the source and few additional references:

  • How to convert Filezilla PPK to openssh sftp compatible key
  • How to convert PuTTY's .ppk to SSH key
  • How to convert .ppk key to OpenSSH key under Linux?
  • How to SSH Ubuntu from Windows via PuTTY, using key

According to the security

While all approaches use the same method of connection - SSH - the security that they provide should be equivalent. From Wikipedia:

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network... SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server...

The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet... SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary...

One way is to use automatically generated public-private key pairs to simply encrypt a network connection, and then use password authentication to log on...

Another is to use a manually generated public-private key pair to perform the authentication, allowing users or programs to log in without having to specify a password. In this scenario, anyone can produce a matching pair of different keys (public and private)...