Uploading using SFTP
When publishing a site, Sandvox is able to upload files by three methods; FTP, WebDav and SFTP. You make this choice when setting up your host.
We encourage you to use SFTP if possible since it is more secure. This article is about uploading using SFTP connections. For a more in-depth look at the SFTP protocol, you may find this article helpful.
Passwords versus Public Keys
There are two ways of securing an SFTP connection; You can either use a password or a public key. You make this choice when entering your Host settings.
To use a public key instead of a password requires your computer and Host to be suitably set up. By using a public key, the security of the connection is increased since the encryption method is agreed before the handshake. (Suffice to say, if you don't understand this, using a public key is not for you!).
For some background information on public keys, you may be interested in this article.
The Connection Process
Authorizing the Connection
Whenever Sandvox connects to a host by SFTP, it checks the fingerprint of the server. If the fingerprint has changed since the last time Sandvox connected, you are alerted like this:
This is because if the fingerprint of a server changes, it is possible that the server has been compromised, placing your personal data at risk.
However, if you are connecting to the server for the very first time (i.e. you are setting up your host), then you will still be warned. In that scenario, it should be fine to authorize the connection. If not, you should contact your host to check that this behavior is correct.
Public Key Passphrase
If you have chosen to use a public key, Sandvox will prompt you:
A passphrase can be used to further protect your public key. If you are using a passphrase enter it, if not simply leave the box blank.
You can check the "Save" box to have Sandvox securely store the passphrase in your Keychain so that you will not have to enter it each time you connect to the Host.
