The easiest way to setup an SFTP server in any of the cloud environments – Azure , AWS or GCP is to use our publicly available image solution in the marketplace. Fast deployment with secure access with our SFTP server solution using SFTP / SSH server software.
After logging into your VM via RDP the first step is to configure the SFTP application and give your users access:
Step 1 – Generate SFTP Host Keys
On the desktop right click on FreeFTPd and Run as administrator
This will then launch a task bar icon. In future to control the settings right click on the icon and select “configure“
The GUI will launch and we now need to select “SFTP / Hostkey“
As per the screenshot you will need to generate new keys and save them in the following directory:
“C:\Program Files (x86)\freeFTPd\”
Select “1024 bits”
Then hit “Apply & Save“
Next, Click on SFTP and select “Start SFTP“
You can add optional greeting message and goodbye message. The default SFTP root directory where the users folders will be located are:
“C:\Program Files (x86)\freeFTPd\sftproot”
On the status tab you should now see the SFTP status as running:
Step 2 – Adding Users
All connections are secure via port 22 (SFTP / SSH)
There are 3 options
- Authenticate local Users with username / password
- Authenticate Active Directory Users
- Authenticate users with Private/Public ssh keys
Adding Local Users
To authenticate local users on the server, add users via computer management as shown in following screenshot:
In this example i’ve added 4 users (ftp1,ftp2,ftp3,ftp4)
Next, open up the freFTPd gui and under the users tab we will add these local users we just created. Click on Add user and enter the username of the local user and select NT Authentication. Leave the home directory as the default and uncheck FTP and make sure SFTP is selected and press apply, as shown below:
Adding Active Directory Users
To authenticate with Active Directory, open up the users tab within the freeFTPd gui and click add user. Add the username(SAMAccount) of the user, select NT Authentication and enter the domain name of your AD, as shown in this example. Make sure FTP is unselected and SFTP is selected.
Authenticate with Private/Public keys via SSH
You have the added option to allow users to connect to the server using a private key that communicates with a public key on the SFTP server.
Open up freeFTPd gui and under users add a new user or select an existing user and change their authentication to password stored as SHA1 hash (make a note of this password as it will have to match the passphrase on the private key you’re about to generate)
On the desktop open the PuTTYgen application
You will need to create a public key and private key for each user.
First make sure under parameters / type of key to generate that RSA is selected. Then press Generate.
Next you will need to move your mouse around the screen in the blank space, as show with the red random lines, this type of movement generates the key. Keep doing this until the green bar finishes loading and the key is generated.
Once the key is generated, enter a key passphrase, this needs to match the SHA1 password hash on the user account, otherwise login will fail.
Save the public key in the following directory “C:\Program Files (x86)\freeFTPd“. Making sure to save with no file Extension, as shown in this screenshot. The file name needs to match the username of the account your creating this public key for:
Next is to save the private key and give this to the user who will be connecting. This file name you can name it anything you like:
Step 3 – SFTP User Folders
The first time a user connects their home folder will be created in the following location:
“C:\Program Files (x86)\freeFTPd\sftproot“
If you experience a user can’t upload due to permission issue, change the NTFS permission on their homefolder with their account and give write permission
Client SFTP Software
To allow clients to connect, users can use any SFTP client. You can use WinSCP client, free download
SFTP Firewall Ports
The SFTP server solution comes pre configured with the required firewall ports. If however you are using a third party firewall or need to manually setup the firewall ports, these are what you need:
- SFTP – Port 22 TCP
- FTP – Port 21 TCP
- FTPS – Port 990 TCP
Any questions about the setup of the VM in Azure or AWS, leave your comments below
Question: I get the error “The specified address is already in use”
Answer: This means there is an instance of freeFTPd running in the background. Open up task manager and cancel any other instances of freeFTPd and reopen. Another option is to stop the freeFTPService and restart it.
Want some help (hire us)?
If you would like us to implement the SFTP server into your environment and fully configure it and get it up and running, get in contact with us and we will get you up and running asap