Setup SFTP in Linux

Steps to Configure SFTP in Linux

• Configure env vars for Setup

export SFTP_HOME_PATH=/srv/sftpuser
export SFTP_USER_GROUP=sftpgroup

• Update the apt

sudo apt-get update
sudo apt-get upgrade -y

• Install OpenSSH

sudo apt install ssh -y

• Configure sftp

sudo nano /etc/ssh/sshd_config

• Add the below content at the end of the file (replace vars)

Match Group <SFTP_USER_GROUP>
ChrootDirectory <SFTP_HOME_PATH>
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
PasswordAuthentication yes
PermitRootLogin no

• Add new group

sudo groupadd $SFTP_USER_GROUP

• Add user to group and restrict interactive login

sudo useradd -G $SFTP_USER_GROUP -d $SFTP_HOME_PATH -s /sbin/nologin sftpuser

• Set password for sftp user

sudo passwd sftpuser

• Create directory for sftpuser

sudo mkdir -p $SFTP_HOME_PATH

• Set root as own for sftpuser directory

sudo chown root $SFTP_HOME_PATH

• Allow group read and execution perms

sudo chmod g+rx $SFTP_HOME_PATH

• Create Sub Directory for storing data of sftp

sudo mkdir -p $SFTP_HOME_PATH/data

• set sftpuser as owner for Data Directory

sudo chown sftpuser:sftpuser $SFTP_HOME_PATH/data

• Connect to sftp

sftp sftpuser@<IP_ADDRESS>

Enter the password you've configured in above steps

Handling Downtime

• Logging the Failures in SQL Database.

• Add a timer trigger to retry these failed cases and notify if not worked.

• Retry for 5 times, and then ignore by logging error.