How to set up an SFTP server
Transfer files with your server using an encrypted protocol.
Table of Contents
SFTP is based on SSH, so you need to have SSH server installed (Creating an SSH server). For the same reason, you need to open port 22 on your server network (or the SSH port you want to use, in that case remember to edit ‘sshd’ config on
You need an SFTP client, like Filezilla or SFTP command line tool (check my post).
Create an SFTP-only user
By default, any user who can login through SSH, can login through SFTP. But if you want a user that cannot use SSH, but only SFTP, you can follow these steps (as root or using sudo):
- Create a new user (in this case “juan”).
useradd -m juan
-mcreates a home folder for the user. This is optional, but we will use this folder for SFTP.
- You can run
adduser juaninstead. In this case, you can skip to step 3.
- Set a password for “juan”.
/etc/ssh/sshd_configand add this at the end:
Match User juan ForceCommand internal-sftp
- With this option, the user won’t be able to connect with SSH, but they may use SFTP (and SCP).
# you can reload instead of restart systemctl restart ssh
By default, SFTP starts at the user’s home directory.
If you have any suggestion, feel free to contact me via social media or email.