install ssh sowtware on Ubuntu

How To Install And Set up sftp Server in Ubuntu 22.04

In this short tutorial, we will learn how to install and set up SFTP server on Ubuntu 22.04 LTS operating system. SFTP is widely used in enterprise environments, web hosting, and other situations where secure file transfer is required.

Introduction

SFTP (Secure File Transfer Protocol) is a protocol for transferring files over a secure channel between two remote computers. It is a more secure alternative to FTP (File Transfer Protocol), which transmits data in plain text, making it susceptible to eavesdropping and data tampering. SFTP uses the SSH (Secure Shell) protocol for authentication and encryption, which provides strong security and data protection. It encrypts both the data and the authentication information, preventing unauthorized access to the transferred data.

SFTP operates over a client-server architecture, where the SFTP server runs on a remote host, and the client connects to it to upload or download files. Users can use SFTP client software to transfer files to and from the server. SFTP supports a range of operations, including file and directory creation, renaming, deletion, and permissions management. It also supports compression and resuming interrupted transfers.

Setting Up SFTP Server On Ubuntu 22.04

To set up an SFTP server on Ubuntu, we can use the OpenSSH server, which includes the SFTP subsystem. Here are the general steps for installing and configuring an SFTP server:

  1. Install ssh Software in Ubuntu 22.04
  2. Create SFTP group and user
  3. Configure the SSH service
  4. Testing to connect to the sftp server

1. Install ssh Software in Ubuntu 22.04

Before starting to install ssh software, we have to update the system first , this task is to make sure if we are accessing the latest packages versions. To update our packages software we will use command line :

$ sudo apt update
$ sudo apt upgrade

To install ssh software, we will submit the following command line :

$ sudo apt install ssh

Output :

ramans@dev01:~$ sudo apt install ssh
[sudo] password for ramans: 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following package was automatically installed and is no longer required:
libllvm13
Use 'sudo apt autoremove' to remove it.
The following additional packages will be installed:
ncurses-term openssh-server openssh-sftp-server ssh-import-id
Suggested packages:
molly-guard monkeysphere ssh-askpass
The following NEW packages will be installed:
ncurses-term openssh-server openssh-sftp-server ssh ssh-import-id
0 upgraded, 5 newly installed, 0 to remove and 49 not upgraded.
Need to get 755 kB of archives.
After this operation, 6.179 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://id.archive.ubuntu.com/ubuntu jammy-updates/main amd64 openssh-sftp-server amd64 1:8.9p1-3ubuntu0.1 [38,7 kB]
Get:2 http://id.archive.ubuntu.com/ubuntu jammy-updates/main amd64 openssh-server amd64 1:8.9p1-3ubuntu0.1 [434 kB]
Get:3 http://id.archive.ubuntu.com/ubuntu jammy-updates/main amd64 ssh all 1:8.9p1-3ubuntu0.1 [4.850 B]
Get:4 http://id.archive.ubuntu.com/ubuntu jammy/main amd64 ncurses-term all 6.3-2 [267 kB]
Get:5 http://id.archive.ubuntu.com/ubuntu jammy/main amd64 ssh-import-id all 5.11-0ubuntu1 [10,1 kB]
Fetched 755 kB in 1s (1.365 kB/s) 
Preconfiguring packages ...
Selecting previously unselected package openssh-sftp-server.
(Reading database ... 283629 files and directories currently installed.)
Preparing to unpack .../openssh-sftp-server_1%3a8.9p1-3ubuntu0.1_amd64.deb ...
Unpacking openssh-sftp-server (1:8.9p1-3ubuntu0.1) ...
Selecting previously unselected package openssh-server.
Preparing to unpack .../openssh-server_1%3a8.9p1-3ubuntu0.1_amd64.deb ...
Unpacking openssh-server (1:8.9p1-3ubuntu0.1) ...
Selecting previously unselected package ssh.
Preparing to unpack .../ssh_1%3a8.9p1-3ubuntu0.1_all.deb ...
Unpacking ssh (1:8.9p1-3ubuntu0.1) ...
Selecting previously unselected package ncurses-term.
Preparing to unpack .../ncurses-term_6.3-2_all.deb ...
Unpacking ncurses-term (6.3-2) ...
Selecting previously unselected package ssh-import-id.
Preparing to unpack .../ssh-import-id_5.11-0ubuntu1_all.deb ...
Unpacking ssh-import-id (5.11-0ubuntu1) ...
Setting up openssh-sftp-server (1:8.9p1-3ubuntu0.1) ...
Setting up openssh-server (1:8.9p1-3ubuntu0.1) ...

Creating config file /etc/ssh/sshd_config with new version
Creating SSH2 RSA key; this may take some time ...
3072 SHA256:LuA+Z3qEjxo4t7irBiebYT9PUK0Ew6Cpnthtee3ZI2Y root@dev01.bckinfo.com (RSA)
Creating SSH2 ECDSA key; this may take some time ...
256 SHA256:GFUwcyA8bwrb6JcSJ+aoqQACZmr4cNd+tkgH6WaaH58 root@dev01.bckinfo.com (ECDSA)
Creating SSH2 ED25519 key; this may take some time ...
256 SHA256:iZLZ7okesV19laFemiNzqd3pvWEsbiss9xeQphDez2Q root@dev01.bckinfo.com (ED25519)
Created symlink /etc/systemd/system/sshd.service → /lib/systemd/system/ssh.service.
Created symlink /etc/systemd/system/multi-user.target.wants/ssh.service → /lib/systemd/system/ssh.service.
rescue-ssh.target is a disabled or a static unit, not starting it.
ssh.socket is a disabled or a static unit, not starting it.
Setting up ssh-import-id (5.11-0ubuntu1) ...
Setting up ncurses-term (6.3-2) ...
Setting up ssh (1:8.9p1-3ubuntu0.1) ...
Processing triggers for man-db (2.10.2-1) ...
Processing triggers for ufw (0.36.1-4build1) ...
Rules updated for profile 'Apache'
Rules updated for profile 'Nginx Full'
Firewall reloaded

install ssh sowtware on Ubuntu

Until this point we have installed ssh software on the system successfully.

2. Create SFTP group and user

In this step, we will create new group and user that will be used to access the SFTP server.

1. Create a group with the name we select. For this task, we will use addgroup command line.

ramans@dev01:~$ sudo addgroup sftpgrp01
Adding group `sftpgrp01' (GID 1001) ...
Done.

2. Create new  user with the name we choose and adding it to the group we created. In this example, we will use sftpuser01 for the user.

ramans@dev01:~$ sudo useradd -m sftpuser01 -g sftpgrp01

3. Add a password to the new SFTP usersudo passwd sftpuser1

ramans@dev01:~$ sudo passwd sftpuser01
New password: 
Retype new password: 
passwd: password updated successfully

4. Set the permision new SFTP user to access to their new home directory

ramans@dev01:~$ sudo chmod 700 /home/sftpuser01/

3. Configure the SSH service

At this step, we will configure the ssh service on the system. The main configuration will be locate at /etc/ssh/sshd_config file. We will configure this file to allow sftp user accepting sftp connection. For this purpose we will appedn these line at /etc/ssh/sshd_config file.

ramans@dev01:~$ sudo vi /etc/ssh/sshd_config

Match group sftpgrp01
ChrootDirectory /home
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

The configuration has the meaning if the member of sftpgrp01 having access and use their home directories via the SFTP while preventing any other normal SSH access to those files.  after the configuration is done and saved, then we will restart the sftp service by submitting command line below.

$ sudo systemctl restart ssh
$ sudo systemctl status ssh

Output :

ramans@dev01:~$ sudo systemctl restart ssh
ramans@dev01:~$ sudo systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2023-03-03 22:11:00 WIB; 12s ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 27202 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 27203 (sshd)
Tasks: 1 (limit: 9406)
Memory: 1.7M
CPU: 22ms
CGroup: /system.slice/ssh.service
└─27203 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"

Mar 03 22:11:00 dev01.bckinfo.com systemd[1]: Starting OpenBSD Secure Shell server...
Mar 03 22:11:00 dev01.bckinfo.com sshd[27203]: Server listening on 0.0.0.0 port 22.
Mar 03 22:11:00 dev01.bckinfo.com sshd[27203]: Server listening on :: port 22.
Mar 03 22:11:00 dev01.bckinfo.com systemd[1]: Started OpenBSD Secure Shell server.

4. Testing Connection To The sftp Server

At this step, we will test the connection to sftp server, to make sure whether our sftp server settings are running well or not. For this purpose, we will use the command line:

$ sftp sftpuser01@dev01

Output :

ramans@dev01:~$ sftp sftpuser01@dev01
The authenticity of host 'dev01 (127.0.1.1)' can't be established.
ED25519 key fingerprint is SHA256:iZLZ7okesV19laFemiNzqd3pvWEsbiss9xeQphDez2Q.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'dev01' (ED25519) to the list of known hosts.
sftpuser01@dev01's password: 
Connected to dev01.
sftp>

By using this command line, we have logged in the server, where the default directory is the /home as specified in the ChrootDirectory /home directive in the ssh server configs.

Conclusion

This article explains how we setup an sftp server on Ubuntu 22.04 LTS. We have done the practice directly on the operating system that we have.

 

 

 

(Visited 142 times, 1 visits today)

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *