In the example below, we’ll use two Linux machines, one of which acts as an SFTP server and the other as an SFTP client. Then we’ll set up the SFTP server and download files from the server to the client.
First, set up an SFTP server. To download files from the SFTP server, you need a user that has access to communicate with the server via SFTP. So, create a user and add this user to a group. In this example, we’ll create a group called sftp_group and a user called sftp_user.
sudo addgroup sftp_group
sudo useradd -m sftp_user -g sftp_group
Now add a password for this user and provide permissions to access a directory.
sudo passwd sftp_user
sudo chmod 700 /home/sftp_user/
Now the user is ready, and the next step is to install the SSH daemon. To do this, open the terminal and run the command below:
sudo apt install ssh
For SFTP to work, you must change some configurations on the SFTP server.
Open the /etc/ssh/sshd_config file using your favorite text editor and append the following lines to it:
Match group sftp_group
ChrootDirectory /home
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
This configuration lets users in the sftp_group access their home directories using the SFTP protocol. For the updated configuration to take effect, you need to restart the SSH service.
sudo systemctl restart ssh
You previously learned 22 is the default SFTP port as SFTP uses SSH, so check to see if this port is open:
cat /etc/services | less
Since we want to download a file using SFTP, switch to sftp_user and create a file.
su – sftp_user
You can use the whoami command to confirm the user switch has happened and then the ls command after creating a file to verify the file creation.
Log out as this user by running “exit” on the terminal and use SFTP to download the file. First, you need to log in:
sftp [email protected]
As you’re accessing from the same machine, use 127.0.0.1. Now you’ve successfully logged in and can download the file.
ls
cd sftp_user/
get sftp_file.txt
Once the above command executes, you can run “exit” to close the SFTP connection and check if the file was downloaded. This is how you can use SFTP to transfer files. We used the command line in this example, but the majority of users use FTP servers with a GUI for administrators, which allows comfortable and efficient management and configuration of the file transfer system.