DEV Community

Cover image for SFTP server in Ubuntu
Anirudhan
Anirudhan

Posted on • Edited on

SFTP server in Ubuntu

As you all know, there are already multiple sites and blogs available in the internet for configuring SFTP server in Ubuntu. This is no difference from them in terms of content. Instead, I am just quickly summarizing the steps here and even giving little insights (with screenshots) for any reference in the future.

Note: Please use sudo before each command if not root user

Verify SSH is installed in your ubuntu

systemctl status ssh

Alt Text

If SSH not installed, please follow the below steps to install it

  • Install it - apt-get install openssh-server
  • Enable the ssh service - systemctl enable ssh
  • Start the ssh service - systemctl start ssh

Now that SSH is installed and running on your Ubuntu system you can connect to it via SSH from any remote machine.

  • Try accessing the system using SSH - ssh user@server-name

If you can't connect to remote machine using SSH, please make sure to enable firewall on that ubuntu system

  • Check the status of the firewall - ufw status
  • Open the SSH port in firewall - ufw allow ssh
  • Enable the firewall - ufw enable

Create a parent folder for sftp

Once you connect sftp, this will be the parent folder.

E.g. I have already created a folder named 'sftp' in the root ('/') directory as shown in the below diagram.

Alt Text

Create a new group to access sftp server

This step is optional. You can create a group and then add user to it or directly create a user too - To access sftp server

  • Create a new group - addgroup sftpusers (sftpusers is the group name)

Alt Text

Create a new user to access sftp server

  • Create a new user - useradd sftpuser (sftpuser is the user name)

Alt Text

  • Verify the new user created - less /etc/passwd | grep sftpuser (sftpuser is the user that I have created)

Alt Text

  • Set the password for the new user created - passwd sftpuser (Ensure to remember the password for the created user)

Alt Text

Add this new user to the group created

Please skip this step, if you didn't create a group and plan to access sftp server directly using the user

  • Add the new user to new group created - usermod -a -G sftpusers sftpuser

Alt Text

  • Verify the user is added to the group - grep sftpusers /etc/group

Alt Text

Create directories inside sftp folder

Create a directory inside parent sftp directory (here inside /sftp)

E.g. Creating couple of directories named uploads, downloads inside /sftp directory

Alt Text

Set permission for the created directories inside sftp folder

  • Give ownership and full permission for the root to access parent directory - chown root:root /sftp and chmod 755 /sftp

Alt Text

  • Likewise, give ownership for the user/ group to the folders inside parent directory

    • If group created - chown sftpuser:sftpusers /sftp/uploads /sftp/downloads
    • If user only created not group - chown sftpuser /sftp/uploads /sftp/downloads [here sftpuser is the user]

    Here sftpuser is the username and sftpusers is the groupname that we have created above

  • Provide required permission to the folders inside parent directory - chmod 775 /sftp/uploads /sftp/downloads

Alt Text

Modify the SSH server configuration file

  • Open the SSH server configuration file - sudo nano /etc/ssh/sshd_config

  • Comment out the following line - #Subsystem sftp /usr/lib/openssh/sftp-server (Highlighted in Yellow)

  • Also, add block of lines at the end of file to enable sftp (Highlighted in Yellow), then save the file

Alt Text

  • For the specification of parent folder created for SFTP and if only user created (not group) to access SFTP server - Refer the text (Highlighted in Red)

Restart the SSH service

  • To apply the configuration changes, restart the service - systemctl restart sshd

Alt Text

Verify the SFTP connection

  • Now you can access SFTP server using the following command - sftp username@hostname [here sftp sftpuser@localhost]

  • After entering the password, it will go inside the sftp parent directory configured in the above step [here /sftp] within which it will show the folders we have created [here two folders named uploads and downloads will be shown - which is created before]

Alt Text

Hurray ! Now you have successfully configured SFTP server and accessed it

Note: In real-time operating system, SFTP is configured in a particular server (or the even the whole server is used for SFTP purpose) and all the applications access the SFTP server by mentioning the respective hostname, port, username and password

Top comments (1)

Collapse
 
morphzg profile image
MorphZG

Thanks for sharing. Trying to connect android phone over Total commander SFTP plugin and my linux pc. Hope this will work.