Installing and Configuring a SFTP Server on CentOS

Samuel Ajisafe - Sep 4 - - Dev Community

Secure File Transfer Protocol (SFTP) is a popular method for securely transferring files over a network. Installing and configuring an SFTP server on CentOS 9 can be a straightforward process if the right steps are followed. This article provides a comprehensive guide for software developers looking to set up an SFTP server on their CentOS 9 systems.

Step 1: Installing OpenSSH
CentOS 9 comes with OpenSSH, which provides the SFTP server functionality. To ensure it is installed, run the following command:

sudo dnf install openssh-server
Enter fullscreen mode Exit fullscreen mode

After installation, start and enable the sshd service to run on boot:

sudo systemctl start sshd.service
sudo systemctl enable sshd.service
Enter fullscreen mode Exit fullscreen mode

Step 2: Configuring OpenSSH for SFTP
To configure OpenSSH for SFTP, you need to edit the /etc/ssh/sshd_config file:

sudo nano /etc/ssh/sshd_config
Enter fullscreen mode Exit fullscreen mode

Add the following configuration at the end of the file to create an SFTP group and specify the SFTP directory:

Match Group sftpusers
    ChrootDirectory /var/sftp
    ForceCommand internal-sftp
    AllowTcpForwarding no
    X11Forwarding no
Enter fullscreen mode Exit fullscreen mode

Save the file and restart the sshd service:

sudo systemctl restart sshd.service
Enter fullscreen mode Exit fullscreen mode

Step 3: Creating SFTP User and Group
Create a group for SFTP users:

sudo groupadd sftpusers
Enter fullscreen mode Exit fullscreen mode

Next, create a user and add them to the SFTP group:

sudo adduser sftpuser -g sftpusers -s /sbin/nologin
sudo passwd sftpuser
Enter fullscreen mode Exit fullscreen mode

Set the home directory for the SFTP user and adjust permissions:

sudo mkdir -p /var/sftp/sftpuser
cd /home/sftp
sudo chown root:root /var/sftp
sudo chmod 755 /home/sftp
sudo chown sftpuser:sftpusers /var/sftp/sftpuser
Enter fullscreen mode Exit fullscreen mode

Step 4: Testing SFTP Connection
With the user created and the server configured, test the SFTP connection using the following command:

sftp sftpuser@<localhost>
Enter fullscreen mode Exit fullscreen mode

You'll be prompted for the password you set for sftpuser. After successful login, you should be in the sftpuser's home directory.

You can use any SFTP client to test your connectivity also, using the connection string:

Host: "sftp-server-ip-address"
Port: 22
Username: sftpuser
Password: "The password created when ran this command: sudo passwd sftpuser"

DevOps #SysAdmin #SystemAdministrator #SystemEngineer #FTP #SFTP #SSH

. . . . . . . . . . . . . . . .