As you all know, there are already multiple sites and blogs available in the internet for configuring SFTP server in Ubuntu. This is no difference from them in terms of content. Instead, I am just quickly summarizing the steps here and even giving little insights (with screenshots) for any reference in the future.
Note: Please use
sudo
before each command if notroot
user
Verify SSH is installed in your ubuntu
systemctl status ssh
If SSH not installed, please follow the below steps to install it
- Install it -
apt-get install openssh-server
- Enable the ssh service -
systemctl enable ssh
- Start the ssh service -
systemctl start ssh
Now that SSH is installed and running on your Ubuntu system you can connect to it via SSH from any remote machine.
- Try accessing the system using SSH -
ssh user@server-name
If you can't connect to remote machine using SSH, please make sure to enable firewall on that ubuntu system
- Check the status of the firewall - ufw status
- Open the SSH port in firewall -
ufw allow ssh
- Enable the firewall -
ufw enable
Create a parent folder for sftp
Once you connect sftp, this will be the parent folder.
E.g. I have already created a folder named 'sftp' in the root ('/') directory as shown in the below diagram.
Create a new group to access sftp server
This step is optional. You can create a group and then add user to it or directly create a user too - To access sftp server
- Create a new group -
addgroup sftpusers
(sftpusers is the group name)
Create a new user to access sftp server
- Create a new user -
useradd sftpuser
(sftpuser is the user name)
- Verify the new user created -
less /etc/passwd | grep sftpuser
(sftpuser is the user that I have created)
- Set the password for the new user created -
passwd sftpuser
(Ensure to remember the password for the created user)
Add this new user to the group created
Please skip this step, if you didn't create a group and plan to access sftp server directly using the user
- Add the new user to new group created -
usermod -a -G sftpusers sftpuser
- Verify the user is added to the group -
grep sftpusers /etc/group
Create directories inside sftp folder
Create a directory inside parent sftp directory (here inside /sftp)
E.g. Creating couple of directories named uploads, downloads inside /sftp directory
Set permission for the created directories inside sftp folder
- Give ownership and full permission for the root to access parent directory -
chown root:root /sftp
andchmod 755 /sftp
-
Likewise, give ownership for the user/ group to the folders inside parent directory
- If group created -
chown sftpuser:sftpusers /sftp/uploads /sftp/downloads
- If user only created not group -
chown sftpuser /sftp/uploads /sftp/downloads
[heresftpuser
is the user]
Here
sftpuser
is the username andsftpusers
is the groupname that we have created above - If group created -
Provide required permission to the folders inside parent directory -
chmod 775 /sftp/uploads /sftp/downloads
Modify the SSH server configuration file
Open the SSH server configuration file -
sudo nano /etc/ssh/sshd_config
Comment out the following line -
#Subsystem sftp /usr/lib/openssh/sftp-server
(Highlighted in Yellow)Also, add block of lines at the end of file to enable sftp (Highlighted in Yellow), then save the file
- For the specification of parent folder created for SFTP and if only user created (not group) to access SFTP server - Refer the text (Highlighted in Red)
Restart the SSH service
- To apply the configuration changes, restart the service -
systemctl restart sshd
Verify the SFTP connection
Now you can access SFTP server using the following command -
sftp username@hostname
[heresftp sftpuser@localhost
]After entering the password, it will go inside the sftp parent directory configured in the above step [here
/sftp
] within which it will show the folders we have created [here two folders nameduploads
anddownloads
will be shown - which is created before]
Hurray ! Now you have successfully configured SFTP server and accessed it
Note: In real-time operating system, SFTP is configured in a particular server (or the even the whole server is used for SFTP purpose) and all the applications access the SFTP server by mentioning the respective hostname, port, username and password
Top comments (1)
Thanks for sharing. Trying to connect android phone over Total commander SFTP plugin and my linux pc. Hope this will work.