If you’re running an Amazon Lightsail instance, chances are that you’ll want to edit files directly on the server. To do that, you need to connect to your Lightsail instance using SFTP (SSH File Transfer Protocol or Secure File Transfer Protocol), which is a more secure option than traditional FTP (File Transfer Protocol). It allows server-to-server transfers between your and your Lightsail instance in a safe way, allowing you to upload, download or edit files securely on your Lightsail server.

Choosing an SFTP Client

There’s many different clients available and most support SFTP. Two of our favourites are Cyberduck (Mac OS and Windows) and Nova (Mac OS).

Cyberduck is available for free, so it tends to be a popular option if all you’re looking for is an SFTP client. It supports other protocols and cloud storage systems as well, such as FTP, WebDAV, Amazon S3, OpenStack Swift, Backblaze B2, Microsoft Azure, Files.com, OneDrive, Google Drive, and DropBox. However, it’s not a text editor, so you’ll need to edit your files in another application.

Nova is a text editor with built-in support for many programming languages – 27 to be exact, plus plain text.  The huge time-saver with this software is that you can edit files all within the Nova interface, without needing to switch to another application. It includes support for SSH/SFTP, FTP, Amazon S3, WebDAV HTTPS, Amazon S3 with IAM Role, Backblaze B2, Box, DreamObjects, DropBox, FTP with Implicit SSL, FTP with TLS/SSL, Google Drive, Microsoft Azure, Microsoft OneDrive, Microsoft OneDrive for Business, OpenStack Swift, Rackpsace Cloud Files and WebDAV. Do you really need anything more?

If you’re looking for an excellent way to write code and be connected to your server environment at the same time, then Nova is an amazing choice, albeit not free. If you’re just looking for a free SFTP client, then Cyberduck is hard to beat and easy on the wallet.

Connecting to Lightsail using SFTP

We’re going to tell you how to connect to Lightsail using Nova and Cyberduck since they are both popular options, plus we’ll be using the Terminal application in a Mac OS environment. The process is essentially the same for both, with just a few subtle differences between the Nova and Cyberduck interfaces.

Download the Lightsail private key

To connect to your server using SFTP, you’ll first need to obtain the private key .pem file for your Lightsail instance. It is used in the SFTP client instead of a password and is a way to protect your connections from stolen passwords.

  1. Go to the Lightsail Account Page.
  2. Select the SSH keys tab.
  3. Click Download to obtain the .pem file.

Elevate permissions on the Lightsail private key

For the private key to work correctly, we need to elevate permissions on the file.

  1. Start the Terminal application on Mac OS from Finder under Applications > Utilities > Terminal.
  2. Type chmod 400  ensuring you include a space at the end of this command as shown – it’s important!
  3. Drag and drop the .pem file you downloaded in the previous section onto the Terminal window.
  4. Hit return to run the command against the file.
  5. Type exit and hit return, then Cmd+Q to quit the Terminal application.

Move the private key to your .ssh folder

The .ssh folder in Mac OS is a designated location for storing private keys. You don’t have to use this location, but most SFTP clients will automatically look here for a key when you first create a new connection. If you don’t want to use the .ssh folder, you can add your private key .pem file from any location directly into the SFTP client. See more in the following section.

  1. From the Finder application, press Cmd+Shift+G on your keyboard.
  2. Enter ~/.ssh in the Go to folder field.
  3. Hit return or click Go.
  4. Drag your .pem file from its current location into the .ssh folder.

Connect to the Lightsail server using an SFTP client

Use Cyberduck to connect to Lightsail

  1. On the toolbar, click Open Connection.
  2. Select SFTP (SSH File Transfer Protocol) from the dropdown box.
  3. In the Server field, enter the Public IP address of your Lightsail instance.
  4. In Username enter bitnami – this is the default username for Lightsail installations and cannot be changed.
  5. From the SSH Private Key dropdown, select the .pem file you added to the .ssh folder earlier. If you’ve opted not to store your .pem file in the .ssh folder, select Choose then locate and select your .pem file and click the Choose button.
  6. Click the Connect button.
  7. Your SFTP connection is now open. To save this connection for future use, click Action on the toolbar, then New Bookmark.
  8. A new window will appear with the credentials you entered earlier.
  9. Set the Nickname field to a friendly name, such as your website domain name.
  10. Close the window.
  11. Double-click the new connection added to the Cyberduck interface.
  12. Your SFTP connection is now open, and you can add, remove and edit files.

Use Nova to connect to Lightsail

  1. Press Cmd+, on your keyboard to access Preferences.
  2. Click Servers.
  3. Click the + icon at the bottom left of the window.
  4. Set the Untitled Server field to a friendly name, such as your domain name.
  5. Ensure the selected Protocol is SSH/SFTP.
  6. In Address enter the Public IP of your Lightsail instance.
  7. In Username enter bitnami – this is the default username for Lightsail installations and cannot be changed.
  8. In the Password field, click the image of the key then Manage Keys.
  9. Click the + icon at the bottom left of the window then Import Keys.
  10. Find and select the .pem file you downloaded earlier. If you can’t see the .pem file, you may not be in the .ssh folder. If so, navigate to Macintosh HD > Users > [username] > .ssh and you should see your private key .pem file. If you’ve opted not to store your .pem file in the .ssh folder, you can select the file from any other location.
  11. Click Import.
  12. Go back to the previous window by clicking the < icon in the toolbar.
  13. In the Password field, click the image of the key once again, then under Authenticate with Key select the .pem file you just imported.
  14. Set Remote Path to your preferred default location. For Bitnami WordPress installations, this will probably be the WordPress root folder at /opt/bitnami/apps/wordpress/htdocs.
  15. Set Remote URL to your website URL.
  16. Click Save.
  17. For quick access, you can now drag the server connection you created onto the Nova desktop.
  18. Close the Servers window.
  19. Double-click the new connection added to the Nova desktop.
  20. Your SFTP connection is now open, and you can add, remove and edit files.