How To Set up SFTP Server on Centos 7

In this guide, we want to teach you to Set up SFTP Server on Centos 7.

Secure Shell (SSH) File Transfer Protocol, better known as SFTP, is one of the most reliable ways to send and access files online. Unlike other file transfer methods that let users access information with only their user ID and password, SFTP gives administrators the option to set up SSH keys unique to each user as well. This additional layer of protection makes for a more secure process that can save you time and dollars down the road. SFTP as a tool is helpful in moving files between servers.

Steps To Set up SFTP Server on Centos 7

To complete this guide, log in to your server as a non-root user with sudo privileges. To do this, you can follow our guide on Initial Server Setup with Centos 7.

Install SSH on Centos 7

You should have SSH installed on your server to set up the SFTP server. First, update your local package index with the command below:

sudo yum update -y

Then, use the following command to install SSH:

sudo yum install openssh-server -y

Start and Enable SSH Service

When your installation is completed, use the commands below to start and enable the SSH service to start on boot:

# sudo systemctl start sshd
# sudo systemctl enable sshd

Verify your SSH service is active and running on Centos 7:

sudo systemctl status sshd
Output
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2023-03-15 07:23:46 EDT; 2min 10s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 18293 (sshd)
   CGroup: /system.slice/sshd.service
           └─18293 /usr/sbin/sshd -D
....

Configure SFTP User Account on Centos 7

At this point, you need to create a group for the SFTP to grant some mutual permissions to a group of users.

First, create a group named “sftp” by using the command below: You can choose your desired name.

sudo groupadd sftp

Then, create a user who will have the same privileges as the group. To do this, run the command below: You can choose your desired name.

sudo useradd orca

Verify that your user has been created by using the command below:

less /etc/passwd | grep orca
Output
orca:x:1000:1001::/home/orca:/bin/bash

Then, create a password for your user by using the following command:

sudo passwd orca
Output
Changing password for user orca.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Now you need to add your user to the SFTP group on Centos 7:

sudo usermod -a -G sftp orca

At this point, verify the SFTP’s group details by using the command below:

grep sftp /etc/group
Output
sftp:x:1000:orca

As you can see from the output, user orca is added successfully to the SFTP group.

Configure a Transfer File for SFTP on Centos 7

At this point, you need to have a directory that the users can access instead of accessing the entire machine. 

To create the directory under /var/sftp/ run the command below:

sudo mkdir -p /var/sftp/Document

Set the ownership of the above directory to the root user by using the following command:

sudo chown root:root /var/sftp

Also, set the correct permissions for it:

sudo chmod 755 /var/sftp

At this point, you need to allow access to the “Documents” directory to the SFTP user (orca):

sudo chown orca:orca /var/sftp/Document

Now you need to edit the SSH configuration file. Open the file with your favorite text editor, here we use the vi editor:

sudo vi /etc/ssh/sshd_config

Find the Subsystem sftp /usr/lib/openssh/sftp-server line and the following content under it:

Subsystem sftp  /usr/libexec/openssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding no
#       AllowTcpForwarding no
#       PermitTTY no
#       ForceCommand cvs server
Match User orca
ChrootDirectory /var/sftp
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

When you are done, save and close the file.

Restart SSH, to apply the changes:

sudo systemctl restart sshd

Login to SFTP Server on Centos 7

First, connect to the user orca using the SSH service only for the testing purpose:

ssh orca@localhost
Output
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
orca@localhost's password:
This service allows sftp connections only.
Connection to localhost closed.

To test from the same system as the one you just configured SFTP on, connecting to the loopback address 127.0.0.1 will work just fine.

sftp orca@127.0.0.1
Output
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '127.0.0.1' (ECDSA) to the list of known hosts.
orca@127.0.0.1's password:
Connected to 127.0.0.1.
sftp> 

At this point, list down the directories of SFTP by using the command below:

sftp> ls
Document

To exit from SFTP Server, just run the exit command.

sftp> exit

Uninstall SFTP From Centos 7

At this point, if you want to remove the SFTP from your server, you can easily delete the SSH with all its associated files:

sudo yum remove openssh-server -y

This command will remove SFTP and all of its data.

Conclusion

At this point, you have learned to Set up SFTP Server on Centos 7.

Hope you enjoy it. Also, you may be interested in these articles on the Orcacore website:

Install Google Chrome Web Browser on Centos 7

Set Up Time Synchronization on Centos 7

Newsletter Updates

Enter your email address below and subscribe to our newsletter

Leave a Reply

Stay informed and not overwhelmed, subscribe now!