How to setup SFTP server on Ubuntu 18.04 Bionic Beaver with VSFTPD - LinuxConfig.org

The objective is to configure an SFTP server over the SSH protocol using the VSFTPD FTP daemon. This tutorial acts as Part 2, FTP over the secure SSH protocol. For this reason, please make sure that you have already configured your FTP server using our How to setup FTP server on Ubuntu 18.04 Bionic Beaver guide before continuing.
This is a companion discussion topic for the original entry at https://linuxconfig.org/how-to-setup-sftp-server-on-ubuntu-18-04-bionic-beaver-with-vsftpd
NOTE: SOME OF THE POSTS BELOW ARE TRANSFERRED FROM LINUXCONFIG DISQUS COMMENTS.

John R

I don’t see what this has to do with VSFTPD, as it just configures the SFTP subsystem that comes with OpenSSH-Server.

Hello, it works fine from the console when I use the computer name; when I connect using the IP it does not let me in.

When connecting as nathaluis it also does not let me log in with the IP, and when I connect with the computer name, it takes me to a view of many folders … of course I cannot modify them, but I do have access to them. I would just like to see the directory and nothing else when I connect, and for it to connect with the IP.

I put the route /var/www and it connects perfectly, but when trying to upload something I get a permission error. How do I grant permissions to that user to modify this directory?

Hi Alex_Bautista,

Welcome to our forums.

We have an excellent guide on changing permissions, where you can find the steps required.

However, this path looks like a webserver’s document root (or part of it). If this is the case, the best way would be to find the user running the webserver, create a subdirectory that is owned by this user and group (within the real document root directory), then add your user that should upload to this group. Otherwise you may break the webserver.

It is extremely misleading that you are referring to vsftpd.
I don't know what you were trying to achieve, and if you could post a diagram it would be much nicer.
SSHD has an SFTP subsystem function itself.
vsftpd can be configured to have TLS encryption.
What is the need of having vsftpd running on port 20 locally just to tunnel SSH port 22 to the instance? I attempted to follow tutorials 1 and 2 and none of the SFTP clients worked, since there was an EC2 instance with .PEM authentication.
Here is my sshd_config file to make SFTP work on random port 35777 and SSH through default port 22. It also allows authentication with .pem files.

  1. create sftp group
  2. add ubuntu user to sftp group
  3. sudo mkdir -p /home/sftpdir
  4. make sure the .ssh dir has 700 permissions. Make sure you deal with the authorized_keys file. Make sure permissions don't bring up the awful broken pipe error message

Debug with a client and enable verbosity: sftp -v -P 35777 -i "aws-key.pem" useru@host

SSHD config for SFTP on different port

# $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $
# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

Port 35777
Port 22
PasswordAuthentication no
ChallengeResponseAuthentication no

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

X11Forwarding yes
PrintMotd no
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

# override default of no subsystems
Subsystem       sftp    internal-sftp
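# Both criteria on one Match line must be satisfied; a second Match line would start a new block.
Match Group sftp LocalPort 35777
# sshd requires every component of the chroot path to be root-owned and not writable by group or others.
ChrootDirectory /home/sftpdir
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp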
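
Added example (not part of the post above or of the linuxconfig.org tutorial): a small lint for two mistakes that are easy to make in a port-scoped SFTP chroot like this one, a Match line immediately followed by another Match line (the first block then holds no directives) and a Match LocalPort naming a port sshd is not listening on. The sample config is constructed, the function and finding names are hypothetical, and only Port lines are considered as listening ports (ListenAddress ports are ignored).

```python
# Added example: lint an sshd_config for two Match-block mistakes.
# SAMPLE is constructed for illustration; function and finding names are hypothetical.
SAMPLE = """\
Port 35777
Port 22
Subsystem sftp internal-sftp
Match Group sftp
Match LocalPort 38250
    ChrootDirectory /home/sftpdir
    ForceCommand internal-sftp
"""
# Same policy with both criteria on one Match line and a port sshd listens on.
FIXED = SAMPLE.replace("Match Group sftp\nMatch LocalPort 38250",
                       "Match Group sftp LocalPort 35777")

def parse(text):
    """Return (listening ports, Match blocks) from sshd_config text."""
    ports, blocks, current = [], [], None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, *args = line.split()
        key = key.lower()  # sshd_config keywords are case-insensitive
        if key == "match":
            # Criteria are name/pattern pairs ("All" has no pattern and yields none here).
            crit = dict(zip((a.lower() for a in args[0::2]), args[1::2]))
            current = {"line": lineno, "criteria": crit, "directives": []}
            blocks.append(current)
        elif current is not None:
            current["directives"].append(key)  # belongs to the most recent Match
        elif key == "port" and args:
            ports.append(int(args[0]))
    return (ports or [22]), blocks  # sshd listens on 22 when no Port is given

def lint(text):
    """Return (line, finding) tuples for empty Match blocks and unreachable LocalPort."""
    ports, blocks = parse(text)
    findings = []
    for b in blocks:
        if not b["directives"]:
            findings.append((b["line"], "empty-match"))
        for p in b["criteria"].get("localport", "").split(","):
            if p.isdigit() and int(p) not in ports:
                findings.append((b["line"], "localport-not-listening"))
    return findings

if __name__ == "__main__":
    for name, cfg in (("SAMPLE", SAMPLE), ("FIXED", FIXED)):
        print(name, lint(cfg))
```

Both conditions are valid syntax, so `sshd -t` accepts a file containing them; the effect is only that the chroot and ForceCommand never apply to any connection.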