Setup Secure FTP Server


The deployment is done on Ubuntu 21.X and I’ve updated the packages on the VM prior to running and installing the SFTP package on it.

Install the SSH server on our VM using the command

apt-get install openssh-server -y

Start the SSH service and enable the service using the command

systemctl start ssh && systemctl enable ssh

Verify the SSH service is running using the command

systemctl status ssh

Configure SSH for SFTP

Open the sshd config using the vi editor and add the following settings towards the end of the file, as shown

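# The group name here must be the group the SFTP user belongs to (sftp, created below)
Match Group sftp
PasswordAuthentication yes
# Root does not need to log in through the SFTP-only group
PermitRootLogin no
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp -d uploads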

Finally, restart the SSH service

systemctl restart ssh

Create SFTP User Account

We will now create a group and a user account for the users who need SFTP access. Create a new group by running the command below

addgroup sftp

Create a new user sftpuser and add the user to the sftp group as shown

useradd -m sftpuser -g sftp

Set a password for the user

passwd sftpuser

Grant full access to the sftp user on their own home directory using chmod

chmod 700 /home/sftpuser

That completes all the configuration of our SFTP server so let’s test access.

On the client machine, just run the below command

sftp sftpuser@sftp-server-ip

Once you are connected to the SFTP server, you will get the SFTP shell as shown below

Authentication issues, if any, can be found in auth.log

root@nsd01:~# tail -f /var/log/auth.log
Jan 17 20:21:55 nsd01 systemd-logind[877]: Session 15 logged out. Waiting for processes to exit.
Jan 17 20:21:55 nsd01 systemd-logind[877]: Removed session 15.
Jan 17 20:27:38 nsd01 sshd[36223]: Accepted password for sftpuser from 192.168.11.102 port 55688 ssh2
Jan 17 20:27:38 nsd01 sshd[36223]: pam_unix(sshd:session): session opened for user sftpuser by (uid=0)
Jan 17 20:27:38 nsd01 systemd-logind[877]: New session 17 of user sftpuser.
Jan 17 20:27:38 nsd01 systemd: pam_unix(systemd-user:session): session opened for user sftpuser by (uid=0)
Jan 17 20:27:39 nsd01 sshd[36352]: fatal: bad ownership or modes for chroot directory "/home/sftpuser"
Jan 17 20:27:39 nsd01 sshd[36223]: pam_unix(sshd:session): session closed for user sftpuser
Jan 17 20:27:39 nsd01 systemd-logind[877]: Session 17 logged out. Waiting for processes to exit.
Jan 17 20:27:39 nsd01 systemd-logind[877]: Removed session 17.
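
The "fatal: bad ownership or modes for chroot directory" line in the log above is sshd enforcing its ChrootDirectory rule: every component of the chroot path must be a root-owned directory that is not writable by group or others. The script below is an added example, not part of the original post, that checks a path against that rule; the function names and the optional owner-UID argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check a directory against sshd's ChrootDirectory rule.
# check_chroot_dir / check_chroot_path are hypothetical helper names.

# check_chroot_dir DIR [OWNER_UID]
# Succeeds when DIR is a directory owned by OWNER_UID (default 0 = root)
# with no group or other write bit set.
check_chroot_dir() {
    c_dir=$1
    c_want=${2:-0}
    [ -d "$c_dir" ] || { echo "FAIL $c_dir: not a directory"; return 1; }
    c_uid=$(stat -c %u "$c_dir")     # numeric owner (GNU stat, as on Ubuntu)
    c_mode=$(stat -c %a "$c_dir")    # octal mode, e.g. 755
    if [ "$c_uid" -ne "$c_want" ]; then
        echo "FAIL $c_dir: owner uid $c_uid, expected $c_want"
        return 1
    fi
    # 022 masks the group-write and other-write bits.
    if [ $(( 0$c_mode & 022 )) -ne 0 ]; then
        echo "FAIL $c_dir: mode $c_mode is writable by group or others"
        return 1
    fi
    echo "ok   $c_dir (uid $c_uid, mode $c_mode)"
}

# check_chroot_path ABSOLUTE_PATH [OWNER_UID]
# Applies check_chroot_dir to the path and to every parent up to /.
check_chroot_path() {
    p_path=$1
    p_want=${2:-0}
    p_rc=0
    case $p_path in
        /*) ;;
        *) echo "FAIL $p_path: need an absolute path"; return 2 ;;
    esac
    while :; do
        check_chroot_dir "$p_path" "$p_want" || p_rc=1
        [ "$p_path" = "/" ] && break
        p_path=$(dirname "$p_path")
    done
    return $p_rc
}

# Run as: sh check_chroot.sh /home/sftpuser
if [ "$#" -gt 0 ]; then
    check_chroot_path "$@"
fi
```

A home directory owned by sftpuser fails this check, which is the condition sshd reports in the log. The chroot directory has to belong to root, with anything the user writes to (such as the uploads directory named in ForceCommand) placed inside it.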

By Ash Thomas

Ash Thomas is a seasoned IT professional with extensive experience as a technical expert, complemented by a keen interest in blockchain technology.