Knowledgebase

  1. Portal Home
  2. Knowledgebase
  3. Operating Systems
  4. Ubuntu
  5. Setup SFTP User Accounts on Ubuntu 20.04

  Categories

23
Accounts
 16
App Platform
 8
Backups
 7
Billing
 4
Connectivity Troubleshooting
 148
Data Management
 1
Ddos
 197
Development
 13
DNS
 41
Game Servers
 5
Hosting Packages
 97
Infrastructure
 6
IPv6
 48
Kubernetes
 11
Load Balancers
 34
Machine Learning
 10
MongoDB
 1
Monitoring
 21
MySQL
 14
Networking
 1039
Operating Systems
 21
PostgreSQL
 1
Private Internet Guardian (VPN)
 1
Products
 7
Redis
 100
Reference Guides
 4
Resellers
 6
Reserved IPs
 86
Server
 322
Server Apps
 7
Site Management Tools
 1
SnapShooter
 16
Snapshots
 3
Spaces
 4
SSH Troubleshooting
 5
SSL
 2
Streaming and Broadcasting
 23
Support Plans FAQ
 2
Teams
 6
Third-Party Applications
 5
Volumes
 1
VPC
 2
Windows Security

  Categories

  Support

  My Support Tickets   Announcements   Knowledgebase   Downloads   Network Status   Open Ticket

Setup SFTP User Accounts on Ubuntu 20.04 Print

  • 0

Secure file transfer protocol (SFTP) is a secure way of transferring files between a local and remote computer using an encrypted SSH session. It is an improved version of the traditional file transfer protocol (FTP), which adds a layer of security during the file transfer and connection establishment processes.

In this guide, you will set up SFTP User accounts on Ubuntu 20.04, and allow the user to strictly access files within the home directory.

Prerequisites

Setup SFTP

Create a new SFTP Users Group. Replace sftpcorner with your desired group name.

$ sudo addgroup sftpcorner

Create a new user account. Replace exampleuser with your desired user name.

$ sudo adduser exampleuser

Enter the user’s full name, password to continue.

Then, add the user to the SFTP group.

$ sudo usermod -G sftpcorner exampleuser

Restrict the user from accessing files outside the home directory.

$ sudo chown root:root /home/exampleuser

Now, create new subdirectories within the user home directory. These are used for file transfer.

$ sudo mkdir /home/exampleuser/uploads

Grant the user ownership rights to the subdirectories.

$ sudo chown -R exampleuser:exampleuser /home/exampleuser/uploads

Then, allow read and write permissions to all files within the home directory.

$ sudo chmod -R 755 /home/exampleuser/

Configure SFTP

With the sftp group and user accounts created, enable SFTP in the main SSH configuration file.

Using an editor of your choice, open the file /etc/ssh/sshd_config.

$ sudo vim /etc/ssh/sshd_config

Add the following lines to the end of the file. Replace sftpcorner with your actual sftp group.

Match Group sftpcorner
ChrootDirectory %h
PasswordAuthentication yes
AllowTcpForwarding no
X11Forwarding no
ForceCommand internal-sftp

Save and close the file.

Below are the functions for each of the above configuration lines:

  • Match Group sftpcorner: Match the user group sftpcorner.
  • ChrootDirectory %h: Restrict access to directories within the user's home directory.
  • PasswordAuthentication yes: Enable password authentication.
  • AllowTcpForwarding no: Disable TCP forwarding.
  • X11Forwarding no: Don't permit Graphical displays.
  • ForceCommand internal-sftp: Enable SFTP only with no shell access.

Also, confirm if SFTP is enabled (it is by default). The line below should be uncommented in /etc/ssh/sshd_config:

# override default of no subsystems
Subsystem sftp  /usr/lib/openssh/sftp-server

Restart the SSH server for changes to take effect.

$ sudo systemctl restart sshd

Login to SFTP

Open a new terminal window and log in with sftp using a valid user account and password.

$ sftp exampleuser@SERVER-IP

OR

$ sftp exampleuser@127.0.01 (If running within the same server SSH session)

List files within the directory. Your output should be similar to the one below:

exampleuser@127.0.0.1's password: 
Connected to 127.0.0.1.
sftp> ls
uploads  
sftp>

Also, try creating a new directory within the subdirectory to test user permissions.

sftp> cd uploads
sftp> mkdir files

Confirm creation of the new directory:

sftp> ls
files  
sftp>

FileZilla and Cyberduck are the most popular SFTP clients available for Windows, Mac, and Linux desktop to test connectivity using a desktop client.

Conclusion

In this guide, you successfully set up SFTP on a Ubuntu 20.04 server, then tested connectivity through a terminal session and FileZilla. You can create multiple users with different directories to securely upload and download files on your server.

Secure file transfer protocol (SFTP) is a secure way of transferring files between a local and remote computer using an encrypted SSH session. It is an improved version of the traditional file transfer protocol (FTP), which adds a layer of security during the file transfer and connection establishment processes. In this guide, you will set up SFTP User accounts on Ubuntu 20.04, and allow the user to strictly access files within the home directory. Prerequisites An active Ubuntu 20.04 Rcs Server SSH and Login to access the server Setup SFTP Create a new SFTP Users Group. Replace sftpcorner with your desired group name. $ sudo addgroup sftpcorner Create a new user account. Replace exampleuser with your desired user name. $ sudo adduser exampleuser Enter the user’s full name, password to continue. Then, add the user to the SFTP group. $ sudo usermod -G sftpcorner exampleuser Restrict the user from accessing files outside the home directory. $ sudo chown root:root /home/exampleuser Now, create new subdirectories within the user home directory. These are used for file transfer. $ sudo mkdir /home/exampleuser/uploads Grant the user ownership rights to the subdirectories. $ sudo chown -R exampleuser:exampleuser /home/exampleuser/uploads Then, allow read and write permissions to all files within the home directory. $ sudo chmod -R 755 /home/exampleuser/ Configure SFTP With the sftp group and user accounts created, enable SFTP in the main SSH configuration file. Using an editor of your choice, open the file /etc/ssh/sshd_config. $ sudo vim /etc/ssh/sshd_config Add the following lines to the end of the file. Replace sftpcorner with your actual sftp group. Match Group sftpcorner ChrootDirectory %h PasswordAuthentication yes AllowTcpForwarding no X11Forwarding no ForceCommand internal-sftp Save and close the file. Below are the functions for each of the above configuration lines: Match Group sftpcorner: Match the user group sftpcorner. ChrootDirectory %h: Restrict access to directories within the user's home directory. PasswordAuthentication yes: Enable password authentication. AllowTcpForwarding no: Disable TCP forwarding. X11Forwarding no: Don't permit Graphical displays. ForceCommand internal-sftp: Enable SFTP only with no shell access. Also, confirm if SFTP is enabled (it is by default). The line below should be uncommented in /etc/ssh/sshd_config: # override default of no subsystems Subsystem sftp /usr/lib/openssh/sftp-server Restart the SSH server for changes to take effect. $ sudo systemctl restart sshd Login to SFTP Open a new terminal window and log in with sftp using a valid user account and password. $ sftp exampleuser@SERVER-IP OR $ sftp exampleuser@127.0.01 (If running within the same server SSH session) List files within the directory. Your output should be similar to the one below: exampleuser@127.0.0.1's password: Connected to 127.0.0.1. sftp> ls uploads sftp> Also, try creating a new directory within the subdirectory to test user permissions. sftp> cd uploads sftp> mkdir files Confirm creation of the new directory: sftp> ls files sftp> FileZilla and Cyberduck are the most popular SFTP clients available for Windows, Mac, and Linux desktop to test connectivity using a desktop client. Conclusion In this guide, you successfully set up SFTP on a Ubuntu 20.04 server, then tested connectivity through a terminal session and FileZilla. You can create multiple users with different directories to securely upload and download files on your server.
Was this answer helpful?

Related Articles

How to Deploy a Multi-Node Apache Cassandra Database Cluster on Ubuntu 22.04 Introduction A multi-node Apache Cassandra database cluster contains two or more database... How to Install and Secure the Apache Cassandra Database Server On Ubuntu 22.04 Introduction Apache Cassandra is a free open-source NoSQL database server commonly used with... How to Deploy Apache Airflow on Ubuntu 20.04 Introduction Apache Airflow is an open-source data platform to author, schedule, and monitor... How to Configure a New Ubuntu Server with Ansible .article--sm, .article--sm .alert { font-size: 15px; line-height: 24px;... Install Redmine on Ubuntu 20.04 .article--sm, .article--sm .alert { font-size: 15px; line-height: 24px;...
Back

Powered by WHMCompleteSolution

  Support

  My Support Tickets   Announcements   Knowledgebase   Downloads   Network Status   Open Ticket