Field-programmable gate arrays (FPGAs) are, like CPUs, susceptible to side-channel information leakage and covert communication. The malleability of FPGAs enables users to create and control physical effects, and sense and measure the consequences. With FPGAs becoming integrated into the cloud, a range of hardware-and software-based attacks may be waiting to be discovered. In this survey, we focus on physical channels used for side-channel attacks or covert communication. Physical channels are those that exist due to the physical properties of FPGAs, for example: power consumption, temperature, or electromagnetic emission. We include the most recent demonstrations of malicious or unintended use of physical channels in remote and/or shared FPGAs, propose taxonomies, compare the efficiency and feasibility of the attacks, and discuss challenges in preventing them.