network share Archives - Format Swap

How to Setup an SFTP Server on Ubuntu 22.04 using OpenSSH

Posted on January 26, 2023February 4, 2023 by admin

In this article you will learn how to enable and connect to the SFTP server in OpenSSH. With SFTP (Secure File Transfer Protocol) you can easily transfer files over the internet using SSH. We will be using Ubuntu 22.04 for our server, however any version of Linux should work.

This guide will use password authentication with IP firewall restriction. This will prevent anyone besides those who you want accessing the box via SSH or SFTP. If you want the highest level of security possible you will want to enable keys in OpenSSH before following this guide. Learn how to enable keys with our How to Setup OpenSSH with Keys on Ubuntu 22.04 tutorial.

SFTP vs FTP

It is important to mention that SFTP is not the same as FTP. One of the main differences is while they both transfer files, only SFTP encrypts the data during transit. Another difference is FTP is unable to benefit from public key files for authentication. Using public keys with SFTP increases security by encrypting the transfer data stream. If your aim is security then it is highly recommended you use SFTP versus FTP. Now that I have described the differences lets move on to configuring and connecting to an SFTP server in OpenSSH.

Update and Upgrade Ubuntu

The first thing you need to do is update and upgrade your Ubuntu installation. Open a terminal and type the following command. Afterwards press “Y” to confirm.

sudo apt update && sudo apt upgrade

Install OpenSSH

After your system has finished updating you will need to install the OpenSSH server software. OpenSSH provides encrypted file transfer for file transfers and remote logins. Install the software using the apt command.

sudo apt install openssh-server

View SSH Status

Next you need to verify that OpenSSH is installed on your system and actively running. Use the below command and confirm that you see “active (running)” on the third line.

sudo systemctl status ssh

If SSH does not show as active and running it may be disabled. Run the following command to enable and start the OpenSSH server.

sudo systemctl enable ssh && sudo systemctl start ssh

Create New User

Now you will need to create a new user for logging into the SFTP server. Run the adduser command then type a password. You can skip the other fields if you wish. Finally press “Y” to confirm.

sudo adduser sftpuser

Create New Group

Afterwards we will create a new group for our sftpuser. We will configure SSH to give SFTP access to any user in this group. Run the addgroup command to proceed.

sudo addgroup sftpusers

Add User to Group

Next we need to add the user to the new group. Run the usermod command to add the sftpuser to the sftpusers group.

sudo usermod -a -G sftpusers sftpuser

Change User’s Home Permissions

Then we will set new permissions on the sftpuser’s home directory. This will allow the SFTP server to access these files. First execute the chown command followed by the chmod command. The sftpuser’s home will be the folder you access when you connect to the SFTP server.

sudo chown root: /home/sftpuser

sudo chmod 777 /home/sftpuser

Edit the SSH Config File

Next we need to edit the sshd_config file and edit a few lines. Open the configuration file using the nano text editor as shown below.

sudo nano /etc/ssh/sshd_config

Locate the Subsytem Line

After you open the file scroll down and look for the Subsystem line. Once you locate the line comment it out using the “#” symbol as shown below.

#Subsystem      sftp    /usr/lib/openssh/sftp-server

Add New Lines

Now that you have commented out the Subsystem line you need to add a few additional lines. Paste the following underneath the line you commented out. Your sshd_config file should match the screenshot above. After the lines have been added save and close the file using “Ctrl+X”.

Subsystem sftp internal-sftp

Match Group sftpgroup
     ChrootDirectory %h
     X11Forwarding no
     AllowTCPForwarding no

Restart SSH

To apply our changes we will restart ssh. Use the following service command.

sudo service ssh restart

Configure the Firewall

The next step is to configure the firewall using UFW to control access to our SFTP server. Start by denying all incoming traffic, and allowing all outgoing.

sudo ufw default deny incoming
sudo ufw default allow outgoing

Allow SSH (All IP’s)

You have two options when allowing SSH through the firewall. You can either allow any IP to access port 22 (not recommended). Or you can only allow specific IP(s) through the firewall. I recommend the section option as it offers higher security. If you want to allow any IP run the following command.

sudo ufw allow ssh

Allow SSH (Specific IP’s)

If you want to only allow specific IP’s to access the server run the following command for each IP you want to have access. You need to replace “IP-ADDRESS” with your own IP. This is highly recommended as it offers the highest level of security.

sudo ufw allow from IP-ADDRESS to any port ssh

Enable UFW

After you have allow the IP’s (or everyone) who you want to have access you will need to enable UFW. Run the following command.

sudo ufw enable

Check Firewall Status

The last step is to check the firewall status and verify your configuration. Check it using the ufw status command. If you allowed access to only specific IP’s you will see them in the “From” column.

sudo ufw status

Connecting to the SFTP Server

Finally we can test our connection to the SFTP server. The first thing you will need is a FTP client. I recommend downloading FileZilla. This is the software we will use in this tutorial. You can install it using the following apt command.

sudo apt install filezilla

Edit Site List

Open Filezilla and click on the site manager button in the upper left hand corner.

Add a New Site

Type Connection Information

Confirm Host Key Prompt

Verify Connection

Questions?

If you have any questions or comments feel free to leave them below.

Related Resources

View our 5 Reasons to Switch from Windows 10 to Linux .

Learn How to Install Ubuntu Server 22.04 [Step by Step].

Check out How to Setup OpenSSH with Keys on Ubuntu 22.04.

View our How to Mount an SMB (Samba) Share in Linux with cifs-utils tutorial.

Learn How to Use the Alias Command in Linux.

View all of our available online tools and converters at Formatswap.com.

How to Mount an SMB (Samba) Share in Linux with cifs-utils

Posted on October 11, 2022October 11, 2022 by admin

In this tutorial you will learn how to use the CIFS-UTILS program to mount network shares. You will also learn how mount the file shares at boot. This allows you to avoid typing your credentials, as well as avoiding the use of the mount command when you turn on the system. With CIFS-UTILS you will be able to easily access files from a SMB share on your network. I will be using Ubuntu 22.04 LTS throughout this tutorial. However it is fine if you have a different version, as this guide will work on any Ubuntu based Linux distribution.

Update and Upgrade Ubuntu

The first thing you will need to do is update and upgrade your Ubuntu installation. Type in the following command and press Enter.

sudo apt update && sudo apt upgrade

Now you will see a window asking you if you want to continue. Press “Y” and then Enter.

Install CIFS-UTILS

Afterwards you will need to install cifs-utils. This is a program that allows you to easily mount different file shares on Linux. Type in the following command to install it.

sudo apt install cifs-utils

Create a Mount Directory

Next you need to create a folder to mount the SMB share. You can create a folder in either /mnt/ or /media/.

sudo mkdir /media/Share
or
sudo mkdir /mnt/Share

Navigate to the Home Folder

Now navigate to your home folder.

cd ~/

Create the Credentials File

Once you are in the home folder you need to create a credentials file. A credentials file is vastly more secured versus providing the password and username in plain text.

nano .creds

Now type your username and password in the format above. Once you have typed your credentials, press “Ctrl+X” then “Y” to save and quit the text editor.

Apply Permissions

Next we will apply the permissions to the credentials file. For security reasons you only want root to be able to read and write the file. Enter the command below to apply the changes.

sudo chown root: .creds && sudo chmod 600 .creds

Mount the SMB Share

Finally you will mount the SMB network share. Enter the below cifs mount command replacing the credential directory, IP address, mount location, and share name with your own.

sudo mount -t cifs -o credentials=/home/USERNAME/.creds,dir_mode=0755,file_mode=0755 //IPADDRESS/ShareName /mnt/Share

After you run the command you can navigate to the mount folder to view the network share that you have added. You have now successfully mounted a SMB network share using cifs-utils.

Auto Mounting

If you only use the mount command, your network share will no longer be mounted when you reboot. We will edit the fstab file and add a few entries. This is the file that defines what file systems are mounted at boot. Continue reading below to make the share persistent.

Edit the fstab File

First we need to open the fstab file. Type in the following command to edit it.

sudo nano /etc/fstab

Add fstab Entries

Now you will want to add a new line for mounting your cifs share. Use the code below as an example of what to type, replacing the credentials, IP, and share name with your own.

//IPADDRESS/ShareName  /mnt/Share  cifs  credentials=/home/USERNAME/.creds,file_mode=0755,dir_mode=0755 0  0

Reboot PC

The last step will be to reboot your PC. After rebooting you will see the network share mounted at /mnt/ShareName or /media/ShareName depending on where you created the folder. Thank you for reading the tutorial. If you are interested in similar technology tutorials check out some of our articles below.

Questions?

If you have any questions or comments feel free to leave them below.

Related Resources

View our How to Permanently Disable Windows Defender article.

Learn How to Install Ubuntu Server 22.04 [Step by Step].

Click here to learn How to install and configure Nginx – Ubuntu 20.04.

View our Programming Articles and Tutorials.

Learn more cool things in Linux with our Linux Tutorials.

View all of our available online tools and converters at Formatswap.com.

How to Add a Network Location in Windows 10

Posted on September 25, 2022February 4, 2023 by admin

In this tutorial you will learn how to add a network location to Windows 10. This will allow you to access a file share remotely by connecting computers on the network. The main benefit to adding a network location is that it will be permanently saved in file explorer. This allows you to avoid typing the network address of the location each time. As well as easy management of multiple network shares. When you are finished you should have a new location added to the Windows Explorer Network Locations list.

Open File Explorer

You can open File Explorer by clicking on the folder icon in the taskbar or by pressing “Win+E” on your keyboard.

Navigate to This PC

Now you will need to click on “This PC” (the computer icon on the left) in your File Explorer.

Open Add Network Location Dialog

After navigating to the “This PC” window you have to right click then click on “Add a network location”.

Click Next

welcome to the add network location wizard

Now that the Add Network Location window is open press the “Next” button.

Set Network Location to Custom

Afterwards click on “Choose a custom network location”. Then click “Next” to continue.

Enter Network Address

Now you will need to enter the IP address and the name of the share, then press “Next”.

Confirm Credentials

A window will open asking you to enter the shares credentials. Enter the credentials and press “Next” to continue.

Enter a Share Name

You will then be asked to type a name for the network share. I will be using “My share”. Then you will click on the “Next” button.

Network Location Added

The Network Location has been successfully added. Click on the “Finish” button to open the share folder.

View in My PC

You can find the Network Share you just added by navigating to “This PC” in the left column of File Explorer. You will see the share listed under “Network locations”. You have now completed the tutorial. If you would like to learn how to create a network share continue reading below.