dotlinux blog

How to Set Up SFTP User on Linux

Secure File Transfer Protocol (SFTP) is a secure way to transfer files over a network. It provides encryption and authentication, making it a popular choice for transferring sensitive data. In this blog post, we will guide you through the process of setting up an SFTP user on a Linux system. This will allow you to securely transfer files between your local machine and the Linux server.

2026-03

Prerequisites

Before we begin, make sure you have the following:

  • A Linux server (e.g., Ubuntu, CentOS) with SSH access.
  • Root or sudo privileges on the server.

Create a New User

First, we need to create a new user account that will be used for SFTP. Open a terminal on your Linux server and run the following command:

sudo adduser sftpuser

Replace sftpuser with the desired username. You will be prompted to enter a password and other user information. Follow the prompts to complete the user creation process.

Configure SSH for SFTP

Next, we need to configure the SSH server to allow SFTP connections. Open the SSH configuration file:

sudo nano /etc/ssh/sshd_config

Scroll down to the bottom of the file and add the following lines:

Match User sftpuser
    ForceCommand internal-sftp
    PasswordAuthentication yes
    ChrootDirectory /home/sftpuser
    PermitTunnel no
    AllowAgentForwarding no
    AllowTcpForwarding no
    X11Forwarding no

Replace sftpuser with the username you created in the previous step. The ChrootDirectory option specifies the directory that the SFTP user will be restricted to. sshd requires this directory to exist, to be owned by root, and not to be writable by group or others; the "Restrict the SFTP User's Directory" section sets these permissions.

Save and close the file. Then, restart the SSH service:

sudo systemctl restart sshd

Restrict the SFTP User's Directory

Now, we need to set the correct permissions on the SFTP user's directory. Run the following commands:

sudo chown root:root /home/sftpuser
sudo chmod 755 /home/sftpuser
sudo mkdir /home/sftpuser/upload
sudo chown sftpuser:sftpuser /home/sftpuser/upload
sudo chmod 755 /home/sftpuser/upload

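These commands make root the owner of /home/sftpuser with mode 755, which sshd requires of a ChrootDirectory, and create an upload subdirectory owned by sftpuser. Because the user cannot write to the chroot directory itself, upload is where the user's files go.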
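
A pre-flight check for the ownership rules above, as an added example that is not part of the original post. It goes one step further than the commands shown and walks every parent of the chroot directory, because sshd applies the same root-owned, not group/other-writable rule to each path component. The helper names check_dir and check_chroot_path, the optional UID argument and the script name are assumptions made for this example, and it relies on GNU stat.

```shell
#!/bin/sh
# Added example (not from the original post): pre-flight check for an sshd
# ChrootDirectory. sshd refuses the login unless every component of the path
# is a directory owned by root and not writable by group or others.
# check_dir / check_chroot_path are hypothetical helper names.

# check_dir DIR [UID]: DIR must be a directory owned by UID (default 0, root)
# with no group/other write bit. The UID argument exists only so the check
# can be exercised without root.
check_dir() {
    dir=$1
    want_uid=${2:-0}
    if [ ! -d "$dir" ]; then
        echo "FAIL $dir: not a directory" >&2; return 1
    fi
    owner=$(stat -L -c '%u' "$dir") || return 1   # GNU stat: numeric owner
    mode=$(stat -L -c '%a' "$dir") || return 1    # GNU stat: octal mode
    if [ "$owner" -ne "$want_uid" ]; then
        echo "FAIL $dir: owned by uid $owner, expected $want_uid" >&2; return 1
    fi
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "FAIL $dir: mode $mode is group/other writable" >&2; return 1
    fi
    echo "ok   $dir (uid $owner, mode $mode)"
}

# check_chroot_path PATH: apply check_dir to PATH and each parent up to /.
check_chroot_path() {
    path=$1
    case $path in
        /*) ;;
        *) echo "FAIL $path: must be an absolute path" >&2; return 1 ;;
    esac
    rc=0
    while :; do
        check_dir "$path" || rc=1
        if [ "$path" = "/" ]; then break; fi
        path=$(dirname "$path")
    done
    return $rc
}

# Run as: sh check_chroot.sh /home/sftpuser   (script name is a placeholder)
[ "$#" -eq 0 ] || check_chroot_path "$1"
```

A FAIL line names the first rule a directory breaks; fix it with the chown and chmod commands above and run the check again before testing the login.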

Test the SFTP Connection

Finally, we can test the SFTP connection. Open a terminal on your local machine and run the following command:

sftp sftpuser@your_server_ip

Replace sftpuser with the username you created and your_server_ip with the IP address of your Linux server. You will be prompted to enter the password for the sftpuser account. If the connection is successful, you should see an sftp> prompt.

You can now use SFTP commands to transfer files. For example, to list the files in the remote directory, run:

sftp> ls

To upload a file from your local machine to the remote server, run:

sftp> put /path/to/local/file /path/to/remote/file

To download a file from the remote server to your local machine, run:

sftp> get /path/to/remote/file /path/to/local/file

Conclusion

In this blog post, we have shown you how to set up an SFTP user on a Linux system. By following these steps, you can securely transfer files between your local machine and the Linux server. Remember to always use strong passwords and keep your system up to date with the latest security patches.
