With WinSCP you can easily upload and manage files on your DigitalOcean droplet/server over SFTP protocol.
Before starting you should have WinSCP installed.
While you can use the root password to login with WinSCP, it is more secure to use a public key authentication.
First you need to generate your key pair, if you do not have one yet:
- Use PuTTYgen tool to generate new key.
- PuTTYgen installs by default with WinSCP. One way, to run it, is using Tools > Run PuTTYgen command on WinSCP Login dialog.
Easiest way to setup the public key authentication is directly when creating the droplet.
- In PuTTYgen, copy the contents of Public key for pasting into OpenSSH authorized_keys file to the clipboard;
- In Add SSH Keys section of the Create Droplet form, click Add SSH Key;
- Paste the public key fingerprint from clipboard;
- And confirm by clicking Add SSH Key button.
If you want to add the key to your existing droplet:
Collect information about your droplet:
- IP address: It is the dotted number in a format
aaa.bbb.ccc.dddbelow your droplet hostname on the droplet console panel.
- Host key fingerprint: On the first connect you will be prompted to verify a server host key. While the DigitalOcean documentation suggests you can accept the droplet host key on the first connect without verifying it, to maintain maximum security, you should securely acquire a fingerprint of the host key:
- Connect to the droplet with the DigitalOcean console;
- Use the following commands to display fingerprints of the host keys:
root@droplet:~# ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub 2048 SHA256:z6YYzqGiAb1FN55jOf/f4fqR1IJvpXlKxaZXRtP2mX8 root@droplet-1 (RSA) root@droplet-1:~# ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub 1024 SHA256:K1kYcE7GHAqHLNPBaGVLOYBQif04VLOQN9kDbiLW/eE root@droplet-1 (DSA)
Start WinSCP. Login dialog will appear. On the dialog:
- Make sure New site node is selected.
- On the New site node, make sure SFTP protocol is selected.
- Enter your droplet IP address (see above) into the Host name box.
rootinto the User name box.
- If you are authenticating with the root password:
- Enter your root password into the Password box.
- If you are authenticating with the private key:
- Save your site settings using the Save button.
- Login using the Login button.
- Verify the host key by comparing fingerprints with those collected before (see above).