If the username and password are lost, anybody who knows this can access the server using the FTP Client. How to prevent this? My owner wants the developer can access the server through only the DigitalOcean website.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
In addition to what has been mentioned already, an alternative option is to use a Cloud firewall. That way you can add firewall rules and lock down port 22 directly via your DigitalOcean Control panel.
For more information on how to set that up you can follow the steps here:
Hope that this helps.
This is probably the best tutorial on the subject even if you are not using DO, https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-20-04
Well, Filezilla and FTP use users created on your Droplet. What you can do is disable those users if they are not needed OR change the password of the user so that nobody knows it.
Another solution would be to turn off PasswordAuthentication in your /etc/ssh/sshd_config so that only people that have their key added to your Droplet are able to log in.