SFTP MySecureShell

Setting up SFTP on a server.

Introduction

SFTP (Secure File Transfer Protocol) is typically implemented over SSH, port 22. This tool, MySecureShell, makes setting that up really easy. This tutorial will go over its installation and the basic configuration I use with it.

What This Tutorial Covers

Installing and using MySecureShell for SFTP.

What You Need For Just The Tutorial

Ubuntu


Install MySecureShell

Installing is as simple as running a single apt-get command.

copy
apt-get install -y mysecureshell

Configuring MySecureShell

All configuration is done in a single file: /etc/ssh/sftp_config. The file explains all the configuration options you can use. The one thing I typically change is the directory users see when they use SFTP. I change that directory from "/home/$USER" to "$HOME". That way, I can set a user's home to something outside the home directory. You can use the following sed command to make that change automatically. Then, reload the sshd daemon so the changes take effect.

copy
sed -i 's/\/home\/$USER/$HOME/g' /etc/ssh/sftp_config
service sshd reload

Creating Users

In order to enable a user to use SFTP, you just have to set their default shell to mysecureshell. So create users using the following commands.

copy
useradd -s /usr/bin/mysecureshell -d @@HOME-DIRECTORY@@ -g @@GROUP@@ @@USER@@
password @@USER@@

Final Checks

You can view which users have their shell set to mysecureshell using this command:

copy
sftp-user list

Make sure your server allows ssh logins with password by setting the PasswordAuthentication option to "yes" in the file: /etc/ssh/sshd_config


Using SFTP

Now you just need to install an FTP client like Cyberduck or Filezilla on the computer you want to use to connect to your server. All you need to know when configuring the client is the info below. It's pretty typical except for the port. FTP doesn't usually use port 22, so you'll probably have to specify that somewhere as well as the fact that you want to use SFTP.

copy
REMOTE-URL: the IP address or domain name or your server
USERNAME: @@USER@@
PASSWORD: @@PASSWORD@@
PROTOCOL: SFTP
PORT: 22

Done!

That's it. This program makes install SFTP way easier than it used to be.