How to set up an SFTP server on Linux | TechRepublic about:reader?url=https%3A%2F%2Fwww.techrepublic.com%2Farticl...
techrepublic.com
How to set up an SFTP server
on Linux
Jack Wallen
4-5 minutes
These steps walk you through the process of
setting up an SFTP server on Linux for the secure
transfer of files for specialized file transfer-only
users.
1 of 7 05/10/2022, 15.15
How to set up an SFTP server on Linux | TechRepublic about:reader?url=https%3A%2F%2Fwww.techrepublic.com%2Farticl...
Image: Jack Wallen
Editor’s note: The article was edited to correct
username conventions within the commands.
CentOS 7 or any Linux server distribution is a very
powerful server that performs above and beyond
what your business might need. Whatever task you
throw at the server, it will be ready. And, if it isn’t
ready out of the box, you can make it so.
Take, for instance, the ability to easily configure
CentOS 7 to work as an SFTP server. If you aren’t
sure about SFTP, it is the FTP service built into
Secure Shell (SSH), which allows users to securely
push and pull files to and from the server, using
SSH. With CentOS 7, there’s no third party
software to install to make this work–everything is
installed out of the box. There is, however, a slight
bit of work to be done to get this configured.
I’m going to walk you through the process of
setting up an SFTP server. I’ll demonstrate by
2 of 7 05/10/2022, 15.15
How to set up an SFTP server on Linux | TechRepublic about:reader?url=https%3A%2F%2Fwww.techrepublic.com%2Farticl...
creating a single user that is limited to only SFTP
logins. Once you know how to do this, you can
create as many users as you need. I’ll be using
CentOS 7 as my platform, but this process will
work on any Linux distribution.
Let’s make it work.
What you’ll need
As I mentioned, CentOS 7 already has everything
you need, out of the box. What you must have,
however, is access to an account with admin rights.
Once you’ve procured that access, it’s time to
make this work.
SFTP Directory
The first thing we must do is create a directory that
will house our FTP data. Open up a terminal
window, su to the root user (type su and then,
when prompted, type the root user password), and
then issue the following two commands:
mkdir -p /data
3 of 7 05/10/2022, 15.15
How to set up an SFTP server on Linux | TechRepublic about:reader?url=https%3A%2F%2Fwww.techrepublic.com%2Farticl...
chmod 701 /data
Create the SFTP group and user
Now we’re going to create a special group for
SFTP users. This is done with the following
command:
groupadd sftp_users
Now we’re going to create a special user that
doesn’t have regular login privileges, but does
belong to our newly created sftp_users group.
What you call that user is up to you. The command
for this is:
useradd -g sftp_users -d /upload -s
/sbin/nologin USERNAME
Where USERNAME is the name of the user.
Next, give the new user a password. This
password will be the password the new users use
to log in with the sftp command. To set up the
password, issue the command:
passwd USERNAME
4 of 7 05/10/2022, 15.15
How to set up an SFTP server on Linux | TechRepublic about:reader?url=https%3A%2F%2Fwww.techrepublic.com%2Farticl...
Where USERNAME is the name of the user
created above.
Create the new user SFTP directory
Now we’re going to create an upload directory,
specific to the new user, and then give the directory
the proper permissions. This is handled with the
following commands:
mkdir -p /data/USERNAME/upload
chown -R root:sftp_users
/data/USERNAME
chown -R USERNAME:sftp_users
/data/USERNAME/upload
Where USERNAME is the name of the new user
you created above.
Configure sshd
Open up the SSH daemon configuration file with
the command:
nano /etc/ssh/sshd_config
At the bottom of that file, add the following:
5 of 7 05/10/2022, 15.15
How to set up an SFTP server on Linux | TechRepublic about:reader?url=https%3A%2F%2Fwww.techrepublic.com%2Farticl...
Match Group sftp_users
ChrootDirectory /data/%u
ForceCommand internal-sftp
Save and close that file. Restart SSH with the
command:
systemctl restart sshd
Logging in
You’re all set to log in. From another machine on
your network that has SSH installed, open up a
terminal window and issue the command:
sftp USERNAME@SERVER_IP
Where USERNAME is the name of our new user
and SERVER_IP is the IP address of our SFTP
server. You will be prompted for USERNAME’s
password. Once you successfully authenticate, you
will be greeted with the sftp prompt. Type pwd to
check the working path and you should see /upload
(Figure A).
Figure A
6 of 7 05/10/2022, 15.15
How to set up an SFTP server on Linux | TechRepublic about:reader?url=https%3A%2F%2Fwww.techrepublic.com%2Farticl...
A simple solution
That’s all there is to setting up an SFTP server on
Linux. For any company looking to offer staff and
clients a simple, secure means of uploading and
downloading files, this is a not only a great solution
but also very budget friendly one. Get your SFTP
server up and running with zero cost and zero
headache.
7 of 7 05/10/2022, 15.15