Secure PHP development and deployment with SSH and SFTP
|
PHP is first and foremost the language of the web applications. This implies that PHP development and deployment process often involves communications with a remote server. These communications happen every time when you
Securing PHP server with SSH public-key authentication
In a previous article we looked at accessing a remote computer (Unix, Linux or Windows) over non-trusted network and explained how to setup Secure File Sharing with SSH. In that article, we used traditional password based authentication to connect to the login server. In the traditional password based authentication scheme the login server asks you for the password to get in. You need to give your password to the server or it won’t let you in. At the same time, the majority of experts consider password based authentication schemas less secure than those based on certificates or public and private keys. In this article we will look at using Public key authentication as a different means of identifying yourself to a login server, instead of typing a password.
How does Public key authentication work?
There is tons of the information available on the subject of Public key authentication. We will explain it in simple, almost layman’s terms. First, you need to generate a pair of keys:
- Public key to be stored on the server
- Your Private key, to be stored on your own computer
Public Key is placed on the server, nobody but you have the private key, which is vital to the security of SSH or SFTP communications tunnels. We found that the easiest (albeit slightly silly) way to explain the inner workings of Public key authentication is by comparing it to some James Bond spy action movie. Is the Hollywood Academy Award Oscar in our near future? You’ll be the judge of our PHP security scenario.
How to generate Public and Private Keys for PHP deployment
So now you know how these keys work securing the access to your PHP files on the remote server. The advantages of Public key authentication are clear and you are probably wondering now whether you can use it with your PHP IDE. The question is though: How do I generate these keys, where is the nearest SSH locksmith? If PhpED is your favorite IDE - you are in luck, because not only does it provide SSH Terminal it can also generate Public and Private Keys for you - and you don't even have to ask it nicely - just press a couple of buttons . And now lets take a look at the things you can do with PHP Editor equipped with SSH, SFTP and other PHP Tools. The world of opportunities is wide open
|
|
Download NuSphere PHP IDE
Download a free trial of the fast PHP EDitor and robust Integrated Development Environment for PHP.
|
Buy NuSphere PhpED® now
|
Special Team4 Offer
Get 4 copies of PhpED for the price of 3!
Optimum solution for development teams.
|
|
Need more than 4 licenses? Contact Us for more quantity discounts, please use "Ordering/Payment issue" subject on the form.
|
|
"To be honest its bloody awesome, I have looked at loads of PHP editors and this is THE only one that actual works straight out of the box!!! Brilliant, well done."
Andrew Breward, Director of Technology caboodal.com
|
|