How to set up an SFTP server on Linux

Any Linux server distribution is a powerful platform that delivers more than most businesses need. Whatever task you throw at the server, it is ready to handle it. And if a capability isn’t available out of the box, you can add it.

If you’re not sure about SFTP, it’s the file transfer service built into Secure Shell (SSH) that allows users to securely push and pull files to and from the server over SSH.

I will walk you through the process of setting up an SFTP server. I will demonstrate by creating a single user that is limited to SFTP login only. Once you know how to do this, you can create as many users as you need. This process will work on any Linux distribution.

Let’s make it work.

What you need

You must have access to an account with administrator rights. Once you’ve got that access, it’s time to put this to work.

SFTP directory

The first thing we need to do is create a folder that will hold our FTP data. Open a terminal window, switch to the root user (type su and then, when prompted, type the root user password), and then issue the following two commands:

mkdir -p /data
chmod 701 /data

Create the SFTP group and user

Now we need to create a special group for SFTP users. This is done with the following command:

groupadd sftp_users

Now we want to create a special user that does not have regular login rights, but belongs to our newly created sftp_users group. What you call that user is up to you. The command for this is:

useradd -g sftp_users -d /upload -s /sbin/nologin USERNAME

Where USERNAME is the name of the user.

Then give the new user a password. This is the password the new user will use to log in with the sftp command. To configure the password, issue the command:

passwd USERNAME

Where USERNAME is the name of the user created above.

Create the new user SFTP directory

Now we need to create an uploads folder specific to the new user and then give the folder the right permissions. This is handled with the following commands:

mkdir -p /data/USERNAME/upload
chown -R root:sftp_users /data/USERNAME
chown -R USERNAME:sftp_users /data/USERNAME/upload

Where USERNAME is the name of the new user you created above.

Configure sshd

Open the SSH daemon configuration file with the command:

nano /etc/ssh/sshd_config

At the bottom of the file, add the following:

Match Group sftp_users
ChrootDirectory /data/%u
ForceCommand internal-sftp

Save and close the file. Restart SSH with the command:

systemctl restart sshd
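
If the login in the next step is rejected or the session closes right after authentication, check the chroot path first: sshd requires every component of the ChrootDirectory path to be a root-owned directory that is not writable by group or others. The script below is an added example, not part of the original article; it verifies that rule for /data/USERNAME and confirms the Match block is in place. The function names and the script name are chosen here for illustration.

```shell
#!/bin/sh
# Added example (not from the article): pre-flight checks for the chroot setup.
# Function names are hypothetical; stat -c assumes GNU coreutils (Linux).

# component_ok UID MODE: a chroot path component must be owned by root (uid 0)
# and must not be writable by group or others (octal mask 022).
component_ok() {
    [ "$1" -eq 0 ] && [ $(( 0$2 & 022 )) -eq 0 ]
}

# check_chroot_path DIR: check DIR and every parent up to /.
# Returns 0 if all pass, 1 if any fail, 2 if DIR is relative or unreadable.
check_chroot_path() {
    case $1 in /*) ;; *) return 2 ;; esac
    dir=$1 rc=0
    while :; do
        meta=$(stat -c '%u %a' -- "$dir") || return 2
        if ! component_ok "${meta% *}" "${meta#* }"; then
            echo "FAIL: $dir uid=${meta% *} mode=${meta#* }" >&2
            rc=1
        fi
        [ "$dir" = / ] && break
        dir=$(dirname -- "$dir")
    done
    return "$rc"
}

# match_block_ok FILE GROUP: succeed only if FILE has a "Match Group GROUP"
# block that sets both ChrootDirectory and ForceCommand internal-sftp.
match_block_ok() {
    awk -v grp="$2" '
        { sub(/#.*/, ""); key = tolower($1) }
        key == "match" { inblk = (tolower($2) == "group" && $3 == grp); next }
        inblk && key == "chrootdirectory" { chroot = 1 }
        inblk && key == "forcecommand" && $2 == "internal-sftp" { force = 1 }
        END { exit !(chroot && force) }
    ' "$1"
}

# Run as root: sh check-sftp.sh /data/USERNAME /etc/ssh/sshd_config
if [ "$#" -eq 2 ]; then
    check_chroot_path "$1" && match_block_ok "$2" sftp_users && echo "chroot setup OK"
fi
```

Running sshd -t before the restart also catches syntax errors in sshd_config.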

Log in

You are ready to log in. From another machine on your network that has SSH installed, open a terminal window and issue the command:

sftp USERNAME@SERVER_IP

Where USERNAME is the name of our new user and SERVER_IP is the IP address of our SFTP server. You will be prompted for USERNAME’s password. Once you have authenticated, you will be greeted with the sftp prompt. Type pwd to check the working path and you should see /upload as depicted in the image below.

Once you complete the authentication, you will see the sftp prompt. Image: Jack Wallen

A simple solution

That’s all there is to setting up an SFTP server on Linux. For any business looking to offer staff and customers a simple, secure way to upload and download files, this is not only a great solution, but also very budget friendly. Get your SFTP server up and running at no cost and no headache.

This article was originally published in September 2019. It was updated by Antony Peyton in January 2025.
