AMZ DIGICOM

Digital Communication

AMZ DIGICOM

Digital Communication

Configure an Ubuntu SFTP Server

PARTAGEZ

Ubuntu is a safe and reliable platform if you are looking to set up an SFTP server. The Linux distribution offers integrated tools and packages for use with SFTP. Follow our step-by-step instructions to install and configure an Ubuntu SFTP Server and transfer your data encrypted.

SFTP server under Ubuntu: system requirements

If you’ve ever compared FTP and SFTP, you know that SFTP is a much better solution. Based on FTP, the SFTP protocol uses cryptographic processes to encrypt your data. It is therefore necessary to install additional components, such as Secure Shell (SSH). To install an SFTP server under the current Ubuntu version 22.04the following system configuration must be respected:

  • Processor (CPU) : 2 GHz (dual core)
  • RAM : 4GB
  • Hard disk space : variable depending on the volume of data
  • Operating system : Ubuntu (user with “root” rights)
  • Software suite : OpenSSH
  • Internet connection : sufficient to download packages and connect to the SFTP server

With a secure FTP server hosted by IONOS, enjoy secure hosting of your files, including regular backup and 24/7 support.

Step-by-step instructions: installing an SFTP server in Ubuntu

To configure an FTP server that supports SFTP, first check whether OpenSSH is well installed. Packages are already available by default in Ubuntu. If not, grab said packages from the official repository.

Open the terminal of your Ubuntu system and run the commands given below.

Step 1: Check OpenSSH Packages

This command lists all installed packages by applying the “ssh” filter:

In our example, this gives the following result:

Terminal: OpenSSH packages installed
Terminal: OpenSSH packages installed

If the characters “ii” are displayed, then the packages are successfully installed.

Step 2: Install SSH

OpenSSH not installed? You can fix this using the package manager APT :

$ sudo apt install ssh

bash

Step 3: Change SSHD Configuration

After installation, the SSH daemon configuration file must be adapted. To access it, you can for example use the Nano editor:

$ sudo nano /etc/ssh/sshd_config

bash

Then enter the following lines of code:

Match Group sftpgroup
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

bash

This allows users in the SFTP group to access their home directory via SFTP.

Dedicated servers with IONOS

At the crossroads of hardware and the Cloud: dedicated servers with Cloud integration and per-minute billing + personal advisor!

24/7 support

Unlimited traffic

SSL certificate

Step 4: Restart the SSH Service

Once the configuration file has been modified, you must restart the SSH service:

$ sudo systemctl restart sshd

bash

Step 5: Create an SFTP User and Group

The next step is to create a new group “sftpgroup”, as well as a new user “sftpuser”. For security reasons, it should only be able to access your SFTP server under Ubuntu, and not the SSH service.

$ sudo groupadd sftpgroup

bash

The new user is added to the SFTP group with the “-G” option. The “-d” option allows you to define the home directory, while the “-s” option controls access to the shell.

$ sudo useradd -G sftpgroup -d /srv/sftpuser -s /sbin/nologin sftpuser

bash

Step 6: Create a Password for SFTP User

Choose a secure password for the SFTP user using the “passwd” command:

Step 7: Configure the “chroot” directory

Creating a “chroot” directory allows you to set up a sandbox for running processes. Start by creating a new folder:

$ mkdir -p /srv/sftpuser

bash

Ownership is then assigned to the “root” user using “chown”:

$ sudo chown root /srv/sftpuser

bash

You must then assign read and execute rights to the group:

$ sudo chmod g+rx /srv/sftpuser

bash

Then create a subdirectory and set “sftpuser” as owner:

$ mkdir -p /srv/sftpuser/data
$ chown sftpuser:sftpuser /srv/sftpuser/data

bash

So SFTP user can upload files to subdirectory “ data ”, with rights that remain limited in the “sftpuser” directory. For security reasons, it has read rights, but not write rights.

Step 8: Connect to SFTP Server with Ubuntu

The connection to the SFTP server can be established using the SFTP command line or an FTP client with GUI. Enter the command “sftp” in the terminal, followed by the username and hostname or IP address of the SFTP server.

$ sftp sftpuser@SERVER-IP

bash

If using a user-defined port, it can be specified as follows:

$ sftp -P PORT ftpuser@SERVER-IP

bash

You will then need to enter the password for the SFTP user.

Step 9: Upload Files to SFTP Server

To upload your files to the SFTP server, you should use the “put” command.

Try transferring a file to the “/” directory:

put /path/to/file/on/local /

bash

This command should not work because it concerns the “chroot” directory for which the SFTP user does not have write permission.

Now try again with the “data” directory:

put /path/to/file1/on/local1 /data/

bash

Step 10: View Files on SFTP Server in Ubuntu

List the files in the SFTP command line with the “ls” command:

Files that are on the SFTP server appear here:

Terminal: list of files on the SFTP server
Terminal: list of files on the SFTP server

Télécharger notre livre blanc

Comment construire une stratégie de marketing digital ?

Le guide indispensable pour promouvoir votre marque en ligne

En savoir plus

Souhaitez vous Booster votre Business?

écrivez-nous et restez en contact

Suivez-nous:

© 2024 AMZ DIGICOM All Rights Reserved