How to Setup SFTP Server 2016/2019 in Azure/AWS/GCP

The easiest way to setup an SFTP server in any of the cloud environments – Azure , AWS  or GCP is to use our publicly available image solution in the marketplace.  Fast deployment with secure access with our SFTP server solution using SFTP / SSH server software. 

Getting Started

RDP to New SFTP Server


Once you’ve deployed our SFTP server solution, the next step is to login via RDP. Refer to one our guides below depending on which cloud solution you are using:


After logging into your VM via RDP the first step is to configure the SFTP application and give your users access:


Step 1 – Generate SFTP Host Keys


On the desktop right click on FreeFTPd and Run as administrator


sftp azure


This will then launch a task bar icon. In future to control the settings right click on the icon and select “configure


aws sftp server


The GUI will launch and we now need to select “SFTP / Hostkey


As per the screenshot you will need to generate new keys and save them in the following directory:


“C:\Program Files (x86)\freeFTPd\”


Select “1024 bits” 


Then hit “Apply & Save


setup sftp server azure


Next, Click on SFTP and select “Start SFTP


You can add optional greeting message and goodbye message.  The default SFTP root directory where the users folders will be located are:


“C:\Program Files (x86)\freeFTPd\sftproot”


install SFTP server azure


On the status tab you should now see the SFTP status as running:


install SFTP aws



Step 2 – Adding Users


All connections are secure via port 22 (SFTP / SSH)


There are 3 options


  1. Authenticate local Users with username / password
  2. Authenticate Active Directory Users
  3. Authenticate users with Private/Public ssh keys


Adding Local Users


To authenticate local users on the server, add users via computer management as shown in following screenshot:


In this example i’ve added 4 users (ftp1,ftp2,ftp3,ftp4)


sftp solution aws


Next, open up the freFTPd gui and under the users tab we will add these local users we just created. Click on Add user and enter the username of the local user and select NT Authentication. Leave the home directory as the default and uncheck FTP and make sure SFTP is selected and press apply, as shown below:


sftp solution azure


Adding Active Directory Users


To authenticate with Active Directory, open up the users tab within the freeFTPd gui and click add user.  Add the username(SAMAccount) of the user, select NT Authentication and enter the domain name of your AD, as shown in this example. Make sure FTP is unselected and SFTP is selected.


ftp azure


Authenticate with Private/Public keys via SSH


You have the added option to allow users to connect to the server using a private key that communicates with a public key on the SFTP server.


Open up freeFTPd gui and under users add a new user or select an existing user and change their authentication to password stored as SHA1 hash (make a note of this password as it will have to match the passphrase on the private key you’re about to generate)




On the desktop open the PuTTYgen application


You will need to create a public key and private key for each user.


First make sure under parameters / type of key to generate that RSA is selected. Then press Generate.


Next you will need to move your mouse around the screen in the blank space, as show with the red random lines, this type of movement generates the key. Keep doing this until the green bar finishes loading and the key is generated.




Once the key is generated, enter a key passphrase, this needs to match the SHA1 password hash on the user account, otherwise login will fail.




Save the public key in the following directory “C:\Program Files (x86)\freeFTPd“. Making sure to save with no file Extension, as shown in this screenshot. The file name needs to match the username of the account your creating this public key for:





Next is to save the private key and give this to the user who will be connecting. This file name you can name it anything you like:




Step 3 – SFTP User Folders


The first time a user connects their home folder will be created in the following location:


C:\Program Files (x86)\freeFTPd\sftproot


If you experience a user can’t upload due to permission issue, change the NTFS permission on their homefolder with their account and give write permission




Client SFTP Software


To allow clients to connect, users can use any SFTP client.  You can use WinSCP client, free download


SFTP Firewall Ports


The SFTP server solution comes pre configured with the required firewall ports. If however you are using a third party firewall or need to manually setup the firewall ports, these are what you need:


  • SFTP – Port 22 TCP
  • FTP – Port 21 TCP
  • FTPS – Port 990 TCP




Any questions about the setup of the VM in Azure or AWS, leave your comments below




Question: I get the error “The specified address is already in use”


Answer: This means there is an instance of freeFTPd running in the background. Open up task manager and cancel any other instances of freeFTPd and reopen. Another option is to stop the freeFTPService and restart it.


Want some help (hire us)?


If you would like us to implement the SFTP server into your environment and fully configure it and get it up and running, get in contact with us and we will get you up and running asap

Andrew Fitzgerald

Cloud Solution Architect. Helping customers transform their business to the cloud. 20 years experience working in complex infrastructure environments and a Microsoft Certified Solutions Expert on everything Cloud

  • Elnaz T
    Posted at 3:21 pm, 23rd January 2019

    Thanks for the document . Which one do you recommend ? SFTP in windows 2016 image or on linux server?

      • Elnaz T
        Posted at 6:41 pm, 23rd January 2019

        Thanks Andrew,
        I just created a SFTP server based on your image and documentation . How can I change the home directory ? When I chose another directory I get this :
        Error: Failed to parse returned path.
        Error: Failed to retrieve directory listing

        We may want to attach a big storage and change all home directories to that .


        • Elnaz T
          Posted at 8:41 pm, 23rd January 2019

          I just figured out how to change root directory 🙂

          • ramakrishna
            Posted at 3:31 pm, 4th June 2019

            Hi Could you please post how to change the root directory, in my case i have share single folder to two different user’s. this would be helpful

  • shabnamR
    Posted at 8:44 pm, 25th February 2019

    How can we change the SFTP port from 22 to another port ?

  • Alex
    Posted at 6:09 pm, 3rd June 2019

    I followed the instructions exactly as they were written and I’m getting this error with FileZilla

    Error: Authentication Failed
    Error: Critical error: Could not connect to server

    I created the user through local account

  • Fadi Grutel
    Posted at 10:01 am, 19th December 2019

    I am interested in using your solution on our Azure, may I ask you what is the encryption method for this servie?

      • Fadi Grutel
        Posted at 4:28 pm, 19th December 2019

        Thanks, Andrew,
        I am sorry to not mention that we just want to use the SFTP service, not FTp, for this what is exactly encryption method? How can I see the configuration?

          • Fadi Grutel
            Posted at 9:00 pm, 19th December 2019

            Sorry for many questions,
            But my company needs to make sure before implementing the solution in our environment.
            1- As I understand SSH is a method for secure access to the server . I mean it secures username and passwords.
            2- My question is, are my files on SFTP server encrypted? I see this “Transfer data securely over SSH layer using AES, DES, and BLOWFISH encryption” but which AES? AES-128, AES-192, and AES-256?


  • K.S.
    Posted at 7:12 pm, 30th January 2020

    Are the files that are stored on the server Encyrpted themselves??

  • Fadi Grutel
    Posted at 4:02 pm, 28th April 2020

    Is 2019 version similar to 2016 ? I am using 2016 deployment.

Post a Comment