One of the first thing I look for in Un*x/Linux shared hosting is, whether the host provides Secure Shell (SSH) access. As the hosting market becomes more competitive, more and more budget hosts start to provide this feature. However, many, especially ones under big names like GoDaddy and Yahoo, do not offer this essential feature as part of their package.

But what is so essential about SSH?

I can’t live without the shell!

First of all, uploading files via FTP sucks. Period.

Plain vanilla FTP is not secure. While many have accused those who telnet around for sending plain text password through the wire, many people are still relying on unencrypted FTP access to their web host. Hosts should at least have FTP over SSL/TLS, and actively encouraging their users to explicitly demand SSL/TLS when FTPing.

Moreover, FTP to upload files is slow. I am not talking about uploading one or two files. Many sites now consist of many files — server-side scripts, images, Javascript, stylesheets, etc. The easiest way to do is by ensuring the live copy of the site is synchronised with your local copy, so that only those files that have been updated will be uploaded.

Personally I have not found an efficient solution that utilises FTP, to ensure my live copy of the site is synchronised with my local copy. All the FTP synchronisers require traversing through directories to move files up and down. It takes ages (and large amount of bandwidth and CPU time wasted) to ensure two copies are synchronised, and it only works one way.

With SSH, you have a choice to use rsync or related friends over SSH tunnel. It only sends out the bits that have changed, very efficiently. Very useful if you have hundreds or thousands of files.

Better still — this is my personal favourite — you can use the Unison File Synchronizer over SSH tunnel. Unlike rsync which will only synchronise one way, unison does two-way sync and will prompt you to resolve conflicts, in case the same file in both live and local copies have been modified since the last sync. Every now and then I do tinker with my live site just to test things out, and unison ensures my changes also get merged into my local copy.

With efficient tools like rsync and unison where you can upload files efficiently and securely over SSH tunnel, I do not think I can go with a web host that offers only plain FTP.

Debugging Live Scripts

Although it is Linux, but there is rarely identical Linux setup across web hosts. Moreover, the web host environment will probably be very different from your local setup, if you are developing on Windows. The differences in setup will sometimes cause your perfectly working server-side scripts to stop working under live hosting environment. And sometimes it is necessary to do your debugging on the live site — although it is not recommended (especially if you have habit of breaking stuff), but sometimes necessary when code-upload-test-debug cycle just takes too long.

SSH is essential, when you need to log onto the live site to inspect things like error_log or PHP logs in real time.

I do not even know how you are supposed to do if you do not have SSH access to the raw error log files. FTPing in the modified code and FTPing the error log file out every time you made a small adjustment? Get real.

Shell = Power

Well, I won’t touch on this one. But remember what the wise one used to say, “with great power comes great responsibility”. Don’t abuse it :)

Who’s got shell?

Plenty of them. But make sure you check out their plan features and ensure SSH is on the table. Of course, if you have a dedicated server or VPS, you not only have SSH access to your box, you also have the root privileged. However, even in shared hosting not all shells are equal.

For example, with two of my shared hosting accounts, DreamHost and Jumba, you get very different experience when you log in. Take Jumba for example, as it is a cPanel account, you get jailshell with limited visibility (although I can still see the full process list — might be a bug on their side). Moreover, development tool is limited. Python 2.3, Perl 5.8.3, Ruby 1.8.2 and there is no access to gcc.

(Note: this kind of jailed limited environment is probably what you’ll expect from most cPanel hosting that provides SSH. Jumba has in fact provided SSH under a great price — AUD$35.40/USD$27.40 per annual shared hosting in my case. I have also heard that they also provide SSH access to their free hosting clients. However they will only offer on request, and you need a static IP for their firewall rules.)

On the other hand, DreamHost, gives me a great shell. You are still under some kind of jail — at least the visibility to other processes are limited, but you do get to see many other directories and files in the FS (remember: great power - great responsibility). They have 3 different versions of Python installed. Moreover, you have gcc at your disposal. Many DreamHost wiki entries actually suggest you to compile your own version of PHP, Python and other tools, in case they are not provided by the Debian install. That certainly has made your hosting account much much more useful.

What if the compiler is not provided? Fortunately you can know very well what kind of architecture your host is on, and if you have access to a local Linux box, provided your package is not too complicated, you can easily compile a static version (or one that depends on only glibc for example) of binary and upload them. Compiling unison is tedious, as you need to compile and install another bugger. So I just upload the binary I used at home into my hosting account, and it just works.

Final Remark

Still looking for a Linux shared hosting? Besides storage, bandwidth, cost, etc, do look for whether Secure Shell access is provided. It makes your hosting account much more useful.

(Note: This blog entry assumes that you have already acquired the skill to operate inside a un*x shell. I am a software developer, and I have been a Linux user since ‘95 so it is all very natural to me…)