How to install an Ubuntu SFTP server
Ubuntu is a secure and reliable platform for setting up an SFTP server. This Linux distribution has integrated tools and packages which you can use for SFTP. In our step by step guide we will explain how you can install and configure an Ubuntu SFTP server to securely send data.
Ubuntu SFTP server system requirements
When comparing FTP vs. SFTP the SFTP is a much better choice. Based on FTP, SFTP uses cryptographic processes to encrypt the data. This also means that you need additional components such as Secure Shell (SSH) to install it. To install an SFTP server on the current Ubuntu version 22.04 your system should meet the following minimum requirements:
- Processor (CPU): 2 GHz (Dual core)
- Memory (RAM): 4 GB
- Hard disk drive: depends on data size
- Operating system: Ubuntu, users with root rights
- Software package: OpenSSH
- Internet connection to download packages and connect to the SFTP server
With a secure FTP server from IONOS you will have access to secure file hosting including regular backups and 24/7 support.
Step by step guide to installing an Ubuntu SFTP server
To set up an FTP server which supports SFTP you should first check whether OpenSSH is installed. The packages are usually included as standard on Ubuntu. If this isn’t the case then you can pull the packages from the official repository.
Open the terminal on your Ubuntu system and run the following commands listed here:
Step 1: Check the OpenSSH package
Use the following to view all installed packages and filter for ssh:
$ dpkg -l | grep ssh
In our example this will give the following result:
If you see ii it means that the package is installed.
Step 2: Install SSH
If OpenSSH is available, you can install it using APT:
$ sudo apt install ssh
Step 3: Change the SSHD configuration
Once installed you can edit the SSH daemon configuration file. You can open it using the Nano editor, for example:
$ sudo nano /etc/ssh/sshd_config
Then enter the following:
Match Group sftpgroup
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
This will allow the SFTP group users to access your home directory via SFTP.
Dedicated Server from IONOS
Hardware meets cloud: dedicated server with cloud integration and per-minute billing, including a personal assistant!
Step 4: Restart the SSH service
Once you’ve made the changes to the configuration file you need to restart the SSH service:
$ sudo systemctl restart sshd
Step 5: Create SFTP users and groups
The next step is to create a new group sftpgroup and a new user sftpuser, who for security reasons can only access the Ubuntu SFTP server and not the SSH service.
$ sudo groupadd sftpgroup
The new user is added to the SFTP group with the option -G. -d sets the home directory and-s sets the shell access rules.
$ sudo useradd -G sftpgroup -d /srv/sftpuser -s /sbin/nologin sftpuser
Step 6: Create SFTP user password
Enter a secure password for the SFTPuser with the command passwd:
$ passwd sftpuser
Step 7: Set up Chroot
By creating the Chroot directory you create a sandbox for currently running processes. First of all you need to set up a new folder:
$ mkdir -p /srv/sftpuser
You then set ownership using chown on the root user:
$ sudo chown root /srv/sftpuser
Add read and execute group rights:
$ sudo chmod g+rx /srv/sftpuser
You can then set a subdirectory and set certain sftpuser as owners:
$ mkdir -p /srv/sftpuser/data
$ chown sftpuser:sftpuser /srv/sftpuser/data
By doing so SFTP users can upload files to the subdirectory ‘data’, however, they will only have limited rights in the sftpuser directory. There they only have reading rights but for security reasons they don’t have writing rights.
Step 8: Connect to the Ubuntu SFTP server
You can create a connection to the SFTP server either via the SFTP command bar or through an FTP client with GUI. Enter the command sftp, followed by the user and host name or the IP address of the SFTP server.
$ sftp sftpuser@SERVER-IP
If you’re using a user-defined port, you can specify it as follows:
$ sftp -P PORT ftpuser@SERVER-IP
You will then be asked to enter the SFTP user’s password.
Step 9: Upload files to the SFTP server
You can upload files to the SFTP server with the command put.
Try to transfer a file to the folder /:
put /path/to/file/on/local /
The command will fail because the SFTP user doesn’t have writing rights in this chroot directory.
Now try it with the folder data:
put /path/to/file1/on/local1 /data/
Step 10: View the files on the Ubuntu SFTP server
You can list the files on the Ubuntu SFTP server with the command ls:
ls /data/
From here you can see which files are on the SFTP server:
Read our guide on how to set up a Windows SFTP server.
Related articles
How to use FileZilla
FileZilla is considered to be the standard in software for transferring data between locally connected computers and online servers. The network protocol is able to transfer via FTP and its encrypted variants, SFTP and FTPS. We’ve created an overview of the client program’s features and break down the details of this program from installation to data transfer.
What is an FTP port?
FTP ports facilitate communication and data exchange between servers and clients. But how do FTP ports work? And what’s the difference between active and passive mode? In this article, we’ll explain everything you need to know about FTP ports, FTP port numbers and FTP passive mode. Read on to find out more about port 21 and if FTP ports are secure.
How to install Apache on Ubuntu
The Apache web server is a popular choice for web hosting thanks to its powerful modules and its open-source code. In this step by step guide we explain how to install and set up Apache on Ubuntu. You will also find out what packages you need and how to change your settings as appropriate. Simply read on to find out more.
