The deployment is done on Ubuntu 21.X and I’ve updated the packages on the VM prior to running and installing the SFTP package on it.
Install the SSH server on our VM using the command
    apt-get install openssh-server -y
Start the SSH service and enable the service using the command
    systemctl start ssh && systemctl enable ssh
Verify the SSH service is running using the command
    systemctl status ssh
Configure SSH for SFTP
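Open the sshd config using the vi editor and add the following settings towards the end of the file as shown
    # Group name must match the group created below (sftp)
    Match Group sftp
        PasswordAuthentication yes
        # Inside this Match block, applies only to members of the group
        PermitRootLogin yes
        # %h is the user's home; sshd requires it to be root-owned and not group/world-writable
        ChrootDirectory %h
        X11Forwarding no
        AllowTcpForwarding no
        ForceCommand internal-sftp -d uploads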
Finally, restart the SSH service
    systemctl restart ssh
Create SFTP User Account
We will now create a group and a user account for SFTP access. Create a new group by running the command below
    addgroup sftp
Create a new user sftpuser and add the user to sftp group as shown
    useradd -m sftpuser -g sftp
Set a password for the user
    passwd sftpuser
Grant full access to the sftp user on their own home directory using chmod
    chmod 700 /home/sftpuser
That completes all the configuration of our SFTP server so let’s test access.
On the client machine, just run the below command
    sftp sftpuser@sftp-server-ip
Once you are connected to the SFTP server, you will get the SFTP shell as shown below
Authentication issues, if any, can be found in auth.log
    root@nsd01:~# tail -f /var/log/auth.log
    Jan 17 20:21:55 nsd01 systemd-logind[877]: Session 15 logged out. Waiting for processes to exit.
    Jan 17 20:21:55 nsd01 systemd-logind[877]: Removed session 15.
    Jan 17 20:27:38 nsd01 sshd[36223]: Accepted password for sftpuser from 192.168.11.102 port 55688 ssh2
    Jan 17 20:27:38 nsd01 sshd[36223]: pam_unix(sshd:session): session opened for user sftpuser by (uid=0)
    Jan 17 20:27:38 nsd01 systemd-logind[877]: New session 17 of user sftpuser.
    Jan 17 20:27:38 nsd01 systemd: pam_unix(systemd-user:session): session opened for user sftpuser by (uid=0)
    Jan 17 20:27:39 nsd01 sshd[36352]: fatal: bad ownership or modes for chroot directory "/home/sftpuser"
    Jan 17 20:27:39 nsd01 sshd[36223]: pam_unix(sshd:session): session closed for user sftpuser
    Jan 17 20:27:39 nsd01 systemd-logind[877]: Session 17 logged out. Waiting for processes to exit.
    Jan 17 20:27:39 nsd01 systemd-logind[877]: Removed session 17.
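
The `fatal: bad ownership or modes for chroot directory` line in the log comes from a check sshd makes before it chroots: every component of the ChrootDirectory path must be a directory owned by root and not writable by group or others. The script below is an added example, not part of the original post, that applies the same rule to a path and reports the failing component; the function names are hypothetical and GNU `stat` (as on Ubuntu) is assumed.

```sh
#!/bin/sh
# Added example: pre-flight check for an sshd ChrootDirectory (GNU stat assumed).
# sshd refuses the chroot unless every component of the path is a directory
# owned by root (uid 0) and not writable by group or others.

# component_ok UID MODE: succeed if sshd would accept this owner and octal mode.
component_ok() {
    [ "$1" -eq 0 ] || return 1            # must be owned by root
    [ $(( 0$2 & 022 )) -eq 0 ]            # no group-write or other-write bit
}

# check_chroot_path DIR: walk DIR and each parent up to "/", printing a line
# per component. Exit status: 0 all pass, 1 some fail, 2 bad argument.
check_chroot_path() (
    cur=$1 rc=0
    case $cur in
        /*) ;;
        *) echo "path must be absolute: $cur" >&2; exit 2 ;;
    esac
    while :; do
        if [ ! -d "$cur" ]; then
            echo "FAIL $cur: not a directory"; rc=1
        elif ! info=$(stat -c '%u %a' "$cur" 2>/dev/null); then
            echo "FAIL $cur: cannot stat"; rc=1
        else
            uid=${info% *} mode=${info#* }
            if component_ok "$uid" "$mode"; then
                echo "ok   $cur (uid=$uid mode=$mode)"
            else
                echo "FAIL $cur (uid=$uid mode=$mode): need uid=0, no g/o write"
                rc=1
            fi
        fi
        [ "$cur" = / ] && break
        cur=$(dirname "$cur")
    done
    exit "$rc"
)

# Usage: sh check_chroot.sh /home/sftpuser
[ $# -eq 0 ] || check_chroot_path "$1"
```

A home directory created by `useradd -m` is owned by the user, so it fails this check on the ownership test regardless of its mode.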