How to Set Up SFTP User on Linux

by admin 0 Comments

Linux
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

To create an SFTP user in Linux, you can follow a systematic approach that ensures the user has restricted access while being able to transfer files securely.

This guide will provide detailed steps to set up an SFTP-only user on a Linux system, focusing on Ubuntu as a primary example, but the principles apply broadly to other Linux distributions as well.

Overview of SFTP

SFTP (SSH File Transfer Protocol) is a secure version of the File Transfer Protocol (FTP) that uses SSH (Secure Shell) to encrypt the data transferred over the network, which is commonly used for securely transferring files between a client and a server.

Creating a New SFTP User

First, you need to create a new sftp user account, which will be used to log in and transfer files using SFTP.

sudo adduser sftpuser
Create sFTP User in Ubuntu
Create sFTP User in Ubuntu

Creating a Directory for SFTP

Next, you need to create a directory where the SFTP user can upload and download files, this directory will be their home directory for SFTP purposes.

sudo mkdir -p /home/sftpuser/uploads

To ensure security, set the correct permissions for the directories. The user should only have access to their own directory and not be able to navigate to other parts of the system.

sudo chown root:root /home/sftpuser
sudo chmod 755 /home/sftpuser

Then, change the ownership of the uploads directory:

sudo chown sftpuser:sftpuser /home/sftpuser/uploads
Create sFTP User Directory
Create sFTP User Directory

Configure SSH for SFTP

You need to edit the SSH server configuration file to configure SSH to allow SFTP for the new user.

sudo nano /etc/ssh/sshd_config

Add the following lines at the end of the file to configure SFTP access:

Match User sftpuser
    ChrootDirectory /home/sftpuser
    ForceCommand internal-sftp
    AllowTcpForwarding no
    X11Forwarding no
Configure SSH for SFTP
Configure SSH for SFTP

Here’s what each line does:

  • Match User sftpuser applies these settings only to the sftpuser.
  • ChrootDirectory /home/sftpuser restricts the user’s access to /home/sftpuser.
  • ForceCommand internal-sftp forces the user to use SFTP only, disallowing SSH shell access.
  • AllowTcpForwarding no and X11Forwarding no are additional security measures to prevent the user from using other SSH features.

After saving your changes, restart the SSH service to apply the changes.

sudo systemctl restart ssh

Testing the SFTP User

You can now test the connection to the SFTP server using an SFTP client or command line to connect to your server.

sftp sftpuser@your_server_ip

Once connected, you can use SFTP commands to navigate and manage files in the uploads directory.

For example, use the ls command to list files and put to upload files.

sftp> ls
sftp> cd uploads
sftp> get remotefile.txt
sftp> put lists.txt
sFTP File Upload
sFTP File Upload
Conclusion

Creating an SFTP user in Linux is a straightforward process that enhances security and file management capabilities. By following these steps, you can set up a dedicated user for SFTP access, ensuring that your file transfers are secure and restricted to the appropriate directories.

This article was originally published by Tecmint.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

Google Announces Five New Features for Android and Wear OS Device
Amazon Electronics Festive Sale: Mobile Offers, Discounts on Laptops and Other Products
Samsung Galaxy M05 Official Support Page Goes Live in India; May Launch Soon
Samsung Galaxy S24 FE Colour Options Surface Online Again; Key Features Tipped
Motorola Razr 50s Reportedly Spotted on Certification Website; Could Be an Affordable Version of Moto Razr 50

Leave a Reply

Your email address will not be published. Required fields are marked *