Setup SFTP Server on linux

Setup SFTP Server on linux

CentOS 7 or any Linux server distribution is a very powerful server that performs above and beyond what your business might need. Whatever task you throw at the server, it will be ready. And, if it isn’t ready out of the box, you can make it so.

A complete and simple SFTP solution

For any company looking for SFTP server, this is a simple solution and is secure in the sense of uploading and downloading files.

This is a not only a great solution but also very budget friendly one.

Get your SFTP server up and running with zero cost and zero headache.

Here is the step to set up SFTP server.

Step 1 – SFTP Directory

The first thing we must do is create a directory that will house our FTP data. Open up a terminal window, su to the root user (type su and then, when prompted, type the root user password), and then issue the following two commands:

mkdir -p /data/sftp
chmod 701 /data

 

Step 2 – Create the SFTP group and user

Now we’re going to create a special group for SFTP users. This is done with the following command:

groupadd sftp_users

Now we’re going to create a special user that doesn’t have regular login privileges, but does belong to our newly created sftp_users group. What you call that user is up to you. The command for this is:

useradd -g sftp_users -d /upload -s /sbin/nologin USERNAME

Where USERNAME is the name of the user.

Next, give the new user a password. This password will be the password the new users use to log in with the sftp command. To set up the password, issue the command:

passwd USERNAME

Where USERNAME is the name of the user created above.

Step 3 – Create the new user SFTP directory

Now we’re going to create an upload directory, specific to the new user, and then give the directory the proper permissions. This is handled with the following commands:

mkdir -p /data/USERNAME/upload
chown -R root:sftpusers /data/USERNAME
chown -R USERNAME:sftpusers /data/USERNAME/upload

Where USERNAME is the name of the new user you created above.

Step 4 – Configure sshd

Open up the SSH daemon configuration file with the command:

nano /etc/ssh/sshd_config

At the bottom of that file, add the following:

Match Group sftpusers
ChrootDirectory /data/%u
ForceCommand internal-sftp

Save and close that file. Restart SSH with the command:

systemctl restart sshd

Step 5 – Logging in and Test

You’re all set to log in. From another machine on your network that has SSH installed, open up a terminal window and issue the command:

sftp USERNAME@SERVER_IP

Where USERNAME is the name of our new user and SERVER_IP is the IP address of our SFTP server. You will be prompted for USERNAME’s password. Once you successfully authenticate, you will be greeted with the sftp prompt. Type pwd to check the working path and you should see /upload