How to set up an SFTP Server on Linux

SFTP is an excellent method of file transfer over the FTP when you need a secure file transfer, but how does SFTP differ from FTP? Let's look at core differences, and how to create an SFTP server on your Linux system.

When it comes to “file transfers”, there are myriad ways to do it. We already covered a decent amount of methods, including transferring files between the Windows and Linux systems, FTP, or File Transfer Protocol to move files between various machines over the network. If you are looking for a more secure way of transfer data over the web, then you have to look at SFTP.

SFTP Vs. FTP

SFTP, which is short for Secure File Transfer Protocol, is a great protocol that is used to establish a secure and encrypted connection to transfer files safely. This is possible because SFTP uses an encrypted type of fingerprint technology to verify host keys before any data transfer has begun. On the other hand, FTP offers no encryption of any kind and is not recommended for use on an insecure network such as the cloud.

Another area where SFTP shines is due to a simpler client-side firewall. Only port 22 will need to be open to send and receive data, which implies firewall configurations can be simpler and improves file sharing security. FTP protocol needs to open multiple channels for the data transfer to take place.

Additional Layer of Security

Additionally, and for more security, we recommend enabling the chroot feature on specific user accounts. The idea behind the chroot is that it depends on isolating some applications, files and putting them in something like a jail to detach them from the rest of your machine directories. Hence, if a user account has the chroot feature enabled, then he or she is the only one that has access to the content of his or her directories, applications, and files.

Setting up SFTP server on Linux

In this tutorial, we will walk you through setting up the SFTP on your Ubuntu machine. This guide is divided into the following sections:

  1. Create an SFTP Group and User.
  2. Install SSH Daemon.
  3. Configure SSH Daemon.
  4. Login To SFTP using Command-Line or Graphical User Interface.

However, before starting, you need to make sure that your machine is updated using the following commands. The below commands are for updating Ubuntu and derivatives. If you are on other Linux distribution, please update your system before proceeding further.

sudo apt update
sudo apt upgrade

1. Creating an SFTP Group and User

First, let’s create a new group and user that you can use to login with SFTP.

Step 1. Create a new group named sftp_fosslinux as following:

sudo addgroup sftp_fosslinux

Add New SFTP Group
Add New SFTP Group

Step 2. Create a new user named “sftpfossuser” and add it to the previously created group.

sudo useradd -m sftpfossuser -g sftp_fosslinux

Add New SFTP User
Add New SFTP User

Step 3. Add a password to the new SFTP user.

sudo passwd sftpfossuser

Set Password For New SFTP User
Set Password For New SFTP User

Step 4. Now, grant the new SFTP user complete access to their new home directory as follows:

sudo chmod 700 /home/sftpfossuser/

Grant Full Access to New SFTP User On their Home Directory
Grant Full Access to New SFTP User On their Home Directory

Now you are ready to install SSH and configure it.

2. Installing SSH Daemon

For the SFTP to work correctly, you can install SSH or OpenSSH server. If none of them is already installed on your machine, then use the following command to install the SSH server:

sudo apt install ssh

Install SSH Package
Install SSH Package

3. Configuring SSH Daemon

After the SSH installation is complete, open the SSHD configuration file to edit some configurations.

Step 1. Open the SSHD file using your favorite editor.

sudo vi /etc/ssh/sshd_config

Open SSHD Configuration File
Open SSHD Configuration File

Step 2. Now scroll down to the end of the configuration file and add the next few lines:

Match group sftp_fosslinux 
ChrootDirectory /home 
X11Forwarding no 
AllowTcpForwarding no 
ForceCommand internal-sftp

Save and close the SSHD configuration file.

Edit SSHD Configuration File
Edit SSHD Configuration File

The previous configurations mean to allow users in the sftp_fosslinux group to access and use their home directories via the SFTP. Even more, it will prevent any other normal SSH access to those files.

Step 3. Now let’s restart the SSH service to apply previous changes.

sudo systemctl restart ssh

Restart SSH Service
Restart SSH Service

4. Log in to SFTP

Using Command-Line Method

You can use the command line terminal to test your login to the SFTP locally.

Step 1. From the terminal, log in using the command:

sftp sftpfossuser@127.0.0.1

Login Using SFTP
Login Using SFTP

Step 2. Next, your SFTP username and password will be needed.

SFTP Connected Successfully
SFTP Connected Successfully

Step 3. Move to the SFTP user home directory and try to create a new directory as following:

cd sftpfossuser
ls

Move to SFTP User Home Directory
Move to SFTP User Home Directory

mkdir sftpdir
ls

Create New Directroy Usign SFTP
Create New Directory Using SFTP

To exit the SFTP connection just type:

 exit

Exit SFTP Connection
Exit SFTP Connection

Using Graphical User Interface Method

In case you need to log in with SFTP using a graphical application, then you can use the default Nautilus Ubuntu file manager.

Step 1. From the “Activities” menu, browse and select the Nautilus file manager.

Open Default Nautilus File Manager
Open Default Nautilus File Manager

Step 2. In the Nautilus file manager, from the left panel, choose “Other Locations.”

Select Open Locations
Select Open Locations

Step 3. In the bottom bar, connect to local SFTP using the command below:

sftp://127.0.0.1

Connect To Server
Connect To Server

Step 4. Enter the SFTP username and password.

Login With SFTP Created User
Login With SFTP Created User

Step 5. After successful login, you will be able to see your SFTP user home directory.

Select Your SFTP User Home Directory
Select Your SFTP User Home Directory

Step 6. As you can notice, you will see the previously created directory.

Welcome To SFTP User Home Directory
Welcome To SFTP User Home Directory

Conclusion

If you have come this far, congratulations! you have installed SFTP and made a successful login! I hope you enjoyed this tutorial. SFTP is excellent when you need a secure file transfer because the files are encrypted during the transfer.

Hend Adel
Hi! I'm Hend Adel, a freelancer technical geek with successful experience in Database, Linux and many other IT fields. I help to build solutions to suit business needs and creating streamlined processes. I love Linux and I'm here to share my skills via FOSS Linux! Thanks for reading my article.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

STAY CONNECTED

23,648FansLike
360FollowersFollow
16SubscribersSubscribe

LATEST ARTICLES

How to install CMake on Ubuntu

CMake is a cross-platform free and open-source software tool designed to build, test, and package the software. CMake uses a simple platform and compiler-independent configuration files to control the software compilation process.

How to install Lightworks on Ubuntu

Even though Linux may not get a native installer of video editing software like Adobe Premiere or Final Cut Pro, that doesn't mean there are no industry standards tools available. Lightworks is non-linear editing (NLE) video mastering app for Windows, Linux, and macOS. Installing it on Ubuntu is simple due to deb package availability.

How to install DaVinci Resolve on Fedora

Davinci Resolve is a professional application used for color correction, video editing, visual effects, and motion graphics. It is one of the extensively used software by movie industries located in Hollywood.

The 10 Best Programming Languages for Hacking

One of the significant entities we have in Cyber Security is Ethical Hacking (ETH). It is the process of detecting and finding flaws or vulnerabilities in a system that a hacker would exploit.

5 Ways to Open a Terminal in Ubuntu

Even though Ubuntu supports many applications with amazing Graphical User Interfaces (GUI), there are always reasons why users prefer using the Terminal to perform different tasks.

How to install Wine on Fedora Workstation

Linux distributions are becoming more and more popular every day, and Fedora Workstation is not left behind. This popularity brings forth the need to run Windows applications on Linux distros like Fedora. Windows has quite some excellent Software that is not available for Linux.

MUST READ

Linux is growing faster than ever. As per the latest report, there is a drop in the Windows 10 market share for the first time, and Linux's market share has improved to 2.87% this month. Most of the features in the list were rolled out in the Pop OS 20.04. Let's a detailed look into the new features, how to upgrade, and a ride through video.
Elementary OS 5.1 Hera has received a point release with a handful of new features and bug fixes, and we will be reviewing the significant changes in this article. For those new to elementary OS, this Ubuntu-based Linux distribution uses their inhouse built Pantheon desktop environment and AppCenter.

Beaker Browser: A P2P web browser you must try

I think we can all agree on the fact that the web browser is an integral part of our Linux systems, or any computer system, for that matter. We have had several fulfilling options for browsing the web, like Firefox, Brave, Vivaldi, Tor, etc. and they have worked pretty well, but also pretty much in the same way, except for Tor, which is much better for anonymity.

Scrcpy – Control Android devices from a Linux desktop

Scrcpy is a desktop program that can be used to access your Android phone's system and interface through your computer. The app is quite convenient, and some of its best features are highlighted below.

6 Essential Command-Line Utilities Every Linux User Should Know

Last week, we shared with you several "cool and fun" commands to get comfortable and confident with the Linux command-line. In our quest to further aid Linux users with mastery of the command line, or CLI, we present you with a variety of command-line utilities essential for all Linux users, regardless of proficiency level.

5 Best Notepad++ Alternatives for Linux

Notepad++ has been the de facto standard for source code editors for nearly 16 years, almost since its creation in 2003.  For Windows users, that is.  For years, Linux users had no source code editor that compared to Notepad++ with all its bells and whistles, such as code folding, scripting, markup languages, syntax highlighting, auto-completion for programming (limited).