# Enable SFTP on Linux server

{% hint style="success" %}
This tutorial was successfully tested with\
**System:** Ubuntu 20.04.03 LTS\
**Shell:** bash
{% endhint %}

{% hint style="danger" %}
Keep several tabs open with active ssh connections, in case something goes wrong, the ssh connection breaks and you need to reset the ssh settings!
{% endhint %}

Let's check if ssh is already running.

```bash
sudo systemctl status ssh
# OUTPUT should be similar to:
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2022-01-21 12:43:25 UTC; 1s ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 47402 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 47413 (sshd)
Tasks: 1 (limit: 462)
Memory: 1.1M
CGroup: /system.slice/ssh.service
└─47413 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
```

On your Linux server you need to create a new user "sftpuser" as well as a group "sftp". We will use this group as the sftp user group.

{% hint style="danger" %}
**Attention:** If you add a user to the sftp group, that user will NOT be allowed to use SSH! In the worst case you are logged out of your server. Do NOT add a sudo user that you are using to connect to your server to the sftp group!
{% endhint %}

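```bash
# Create the group and a user whose primary group is sftp
sudo addgroup sftp
sudo useradd -m -g sftp sftpuser
# Set the password for the new user
sudo passwd sftpuser
sudo chmod 755 /home/sftpuser
```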

Now we need to modify the ssh configuration file and enable sftp. Back up `sshd_config` first, then open it in an editor.

```bash
# Keep a backup so the original settings can be restored
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config_bck
sudo nano /etc/ssh/sshd_config
```

Add these 5 lines to the end of `sshd_config`:

```
Match group sftp
ChrootDirectory /home
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
```

To verify that the `sshd_config` file is correct, run \
`sudo sshd -t` \
If it returns nothing, everything is fine and we can restart the `sshd.service`.

{% hint style="danger" %}
If you get any feedback / output / error from `sudo sshd -t`, \
do not go on with the next step. In the worst case ssh does not work properly and you are locked out of your server.
{% endhint %}
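
A pre-restart check for the steps above, as an added example that is not part of the original tutorial: it confirms that the `Match group sftp` block forces `internal-sftp` with a chroot, that the chroot path meets sshd's ownership rules, and that your admin account is not in the restricted group. The function names and the `youradmin` account are hypothetical, and `stat -c` assumes GNU coreutils as on Ubuntu.

```bash
# Added example: pre-restart checks for the "Match group sftp" block.
# Function names are hypothetical; stat -c assumes GNU coreutils (Ubuntu).

# Print "keyword value" (keyword lower-cased) for each directive in the
# "Match group <group>" block. Handles the single-criterion form used here.
match_block() {  # usage: match_block <config-file> <group>
  awk -v grp="$2" '
    /^[ \t]*(#|$)/ { next }
    tolower($1) == "match" { inblk = (tolower($2) == "group" && $3 == grp); next }
    inblk { kw = tolower($1); $1 = ""; sub(/^[ \t]+/, ""); print kw, $0 }
  ' "$1"
}

# Succeed only if the block forces internal-sftp and sets an absolute chroot.
block_is_restricted() {  # usage: block_is_restricted <config-file> <group>
  blk=$(match_block "$1" "$2")
  printf '%s\n' "$blk" | grep -Eq '^forcecommand internal-sftp( |$)' &&
    printf '%s\n' "$blk" | grep -q '^chrootdirectory /'
}

# sshd_config(5): every component of ChrootDirectory must be a root-owned
# directory that is not writable by group or others, or the login fails.
chroot_path_ok() {  # usage: chroot_path_ok <absolute-dir>
  p=$1
  while :; do
    owner=$(stat -c %u "$p" 2>/dev/null) || return 1
    mode=$(stat -c %a "$p") || return 1
    [ "$owner" -eq 0 ] || { echo "not root-owned: $p" >&2; return 1; }
    [ $(( 0$mode & 022 )) -eq 0 ] || { echo "group/other-writable: $p" >&2; return 1; }
    [ "$p" = "/" ] && return 0
    p=$(dirname "$p")
  done
}

# Run all checks, plus the lockout check from the warning above: the admin
# account you log in with must not be a member of the restricted group.
preflight() {  # usage: preflight <config-file> <group> <admin-user>
  block_is_restricted "$1" "$2" || { echo "Match block incomplete" >&2; return 1; }
  dir=$(match_block "$1" "$2" | awk '$1 == "chrootdirectory" { print $2 }')
  chroot_path_ok "$dir" || return 1
  if id -nG "$3" | tr ' ' '\n' | grep -qx "$2"; then
    echo "$3 is in group $2 and would lose shell access" >&2; return 1
  fi
}

# Example: sudo sh preflight.sh /etc/ssh/sshd_config sftp youradmin
if [ "$#" -eq 3 ]; then preflight "$@"; fi
```

`sshd -t` validates the configuration file only; the ownership rules on the chroot path are enforced when a session starts, which is why they are checked separately here.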

```bash
sudo systemctl restart ssh
```

{% hint style="info" %}
If you are using private and public key access (RSA) on ssh you probably need to copy `authorized_keys`, `known_hosts` into the sftpuser home folder `/home/sftpuser/.ssh`
{% endhint %}

{% hint style="success" %}
**Congratulations.** Now you can try to connect over sftp from your local host via [FileZilla](https://filezilla-project.org).
{% endhint %}
