How to Install and Set Up SFTP Server in Ubuntu 22.04?

Secure File Transfer Protocol, known as SFTP, is a protocol service that transfers files from one machine to another. It works similarly to the FTP (File Transfer Protocol), but the major difference is the “S,” which means Secure. The SFTP usually sends data in encrypted form using SSH so no one can access it until it reaches the desired machine.

This write-up explores the installation and setting up of a method of the SFTP server in Ubuntu 22.04.

Let’s get into the installation first.

How to Install and Setup SFTP Server on Ubuntu 22.04?

This section comprises various steps required to set up SFTP on Ubuntu 22.04. Let’s get into them:

Install and Configure SSH on Ubuntu

The SFTP relies on SSH as the secure file transfer is carried out using the SSH connection. Thus SSH is the main component to be installed and configured before using SFTP.

Step 1: Install SSH

The SSH server should be installed by running the command:

$ sudo apt install ssh -y

Step 2: Manage SSH Service

After installing the SSH, enable (so that the SSH is usable on every restart) the service by running the command:

$ sudo systemctl enable ssh

When the SSH is enabled, start the service using the systemctl command:

$ sudo systemctl start ssh

To confirm the SSH running status, use the command:

$ sudo systemctl status ssh

The SSH is running and in active status.

Configure the SFTP User Account

To configure the user account in SFTP, follow the steps mentioned below:

Step 1: Create the SFTP Group

In this step, first, make a group for the SFTP to grant some mutual permissions to a group of users. For example, the “sftp” named group is made using the command:

$ sudo addgroup sftp

Step 2: Create the User

Then, we need to create the user; for example, John is added, who will have the same privileges as the group:

$ sudo useradd John

To confirm the creation of the user “John”, use the command:

$ less /etc/passwd | grep John

Step 3: Secure the User Account

After verification of the user John, set the password for the user John so unauthorized users cannot access the group:

$ sudo passwd John

Step 4: Add the User to the sftp Group

Add the user “John” to the SFTP group (which was created in the step1) with the command:

$ sudo usermod -a -G sftp John

To confirm the above command’s execution, verify the sftp’s group details via the command below:

$ grep sftp /etc/group

The user John is successfully added to the group SFTP.

Configure a Directory to Transfer Files of SFTP

To transfer the files; there should be a directory that the users can access instead of accessing the entire machine. To create a directory of “Document” in a parent directory named “/var/sftp/Documents”, run the command:

$ sudo mkdir -p /var/sftp/Document

Set the ownership of the above-stated directory to the root user:

$ sudo chown root:root /var/sftp

Change the access permissions of the directory:

$ sudo chmod 755 /var/sftp

In the above command, we allowed the other users with only read permissions using the 755 number. Also, allow access of the “Documents” directory to the user John (would be changed in your case) by running the command:

$ sudo chown John:John /var/sftp/Document

Open the SSH configuration file with the nano text editor:

$ sudo nano /etc/ssh/sshd_config

Copy and paste the script below in the opened file:

Match User John ChrootDirectory /var/sftp X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp

In the above lines:

  • “Match User” tells the SSH to which user we are supposed to make these changes
  • We restricted the user to the “/var/sftp directory” only.
  • “X11Forwarding” and “AllowTcpForwarding” are the protocols used for tunneling and are disabled in our case
  • “ForceCommand” ensures the connection of SSH will be established after the login only

Save the file using the shortcut of CTRL+S and exit it with a shortcut key of CTRL+X, then restart the ssh service:

$ sudo systemctl restart ssh

Now, its time to log in the SFTP user account.

Step 4: Log in to the SFTP user account on Ubuntu

First, connect to the user John using the SSH service only for the testing purpose:

$ ssh John@localhost

It will ask for the password John, provide it to Log in:

The connection is closed to localhost:

Now, connect the sftp John with the IP address of the machine where it exists:

List down the directories of SFTP:

$ ls

The SFTP is set up.

How to Delete SFTP Support from Ubuntu 22.04?

It can be removed from Ubuntu by deleting the SSH with all its associated files with the execution of the command:

$ sudo apt purge ssh -y

The package of SFTP is removed with all its data.

That’s how you can install and set up the sftp server on Ubuntu 22.04.

Conclusion

To install SFTP on Ubuntu, the users need to install SSH using the “sudo apt install ssh -y” command and configure it. After that, the user account/group and the directory for SFTP transfers are created to start using SFTP. Once done, you can now connect to the other machine via SSH and then log in to the SFTP shell to transfer files.