How to Setup SFTP Server 2016 in Azure


To set up an SFTP server in Azure, download our marketplace VM solution, which comes pre-configured as an SFTP server and allows you to transfer files securely.

 

 

 

SFTP-Architecture

 

After logging into your VM via RDP, the first step is to configure the SFTP application and give your users access:

 

Step 1 – Generate SFTP Host Keys

 

On the desktop click on FreeFTPd

 

FreeFTPd

 

This will then launch a taskbar icon. Right-click on the icon and select “configure”.

 

sftp-running-in-taskbar

 

The GUI will launch and we now need to select “SFTP / Hostkey”.

 

As per the screenshot you will need to generate new keys and save them in the following directory:

 

“C:\Program Files (x86)\freeFTPd\”

 

Select “1024 bits” 

 

Then hit “Apply & Save”.

 

generate-host-keys

 

Next, click on SFTP and select “Start SFTP”.

 

You can add an optional greeting message and goodbye message. The default SFTP root directory, where the users' folders will be located, is:

 

“C:\Program Files (x86)\freeFTPd\sftproot”

 

start-SFTP-Server

 

On the status tab you should now see the SFTP status as running:

 

sftp-server-status

 

Step 2 – Adding Users

 

All connections are secure via port 22 (SFTP / SSH)

 

There are 3 options:

 

  1. Authenticate local Users with username / password
  2. Authenticate Active Directory Users
  3. Authenticate users with Private/Public ssh keys

 

Adding Local Users

 

To authenticate local users on the server, add users via Computer Management as shown in the following screenshot:

 

In this example I’ve added 4 users (ftp1, ftp2, ftp3, ftp4).

 

create-local-users

 

Next, open up the freeFTPd GUI and, under the Users tab, add the local users we just created. Click on Add user, enter the username of the local user and select NT Authentication. Leave the home directory as the default, uncheck FTP, make sure SFTP is selected and press Apply, as shown below:

 

add-sftp-users

 

Adding Active Directory Users

 

To authenticate with Active Directory, open up the Users tab within the freeFTPd GUI and click Add user. Add the username (SAMAccount) of the user, select NT Authentication and enter the domain name of your AD, as shown in this example. Make sure FTP is unselected and SFTP is selected.

 

active-directory-authentication

 

Authenticate with Private/Public keys via SSH

 

You have the added option to allow users to connect to the server using a private key that communicates with a public key on the SFTP server.

 

Open up the freeFTPd GUI and, under Users, add a new user or select an existing user and change their authentication to password stored as SHA1 hash (make a note of this password, as it will have to match the passphrase on the private key you’re about to generate).

 

 

password-hash

 

 

 

On the desktop open the PuTTYgen application

 

You will need to create a public key and private key for each user.

 

First, under Parameters / Type of key to generate, make sure that RSA is selected. Then press Generate.

 

Next, you will need to move your mouse around the blank space on the screen, as shown by the red random lines; this movement generates the key. Keep doing this until the green bar finishes loading and the key is generated.

 

generate-ssh-key

 

Once the key is generated, enter a key passphrase. This needs to match the SHA1 password hash on the user account, otherwise login will fail.

 

create-public-rsa-key

Save the public key in the following directory: “C:\Program Files (x86)\freeFTPd”. Make sure to save it with no file extension, as shown in this screenshot. The file name needs to match the username of the account you’re creating this public key for:

file-types

 

Next, save the private key and give it to the user who will be connecting. You can name this file anything you like:

create-private-rsa-key
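
A check an administrator could run over the per-user public key files saved in the step above, added here as an example and not part of the original article or of freeFTPd: it parses the RFC 4716 text that PuTTYgen's “Save public key” writes (or a one-line OpenSSH key) and reports the RSA modulus size. The 2048-bit threshold and all function names are assumptions, and the sample key is constructed with a fake modulus.

```python
import base64
import struct

MIN_RSA_BITS = 2048  # assumed policy threshold, not a value from the page

def _read_string(blob, offset):
    """Read one SSH wire-format string: uint32 length, then that many bytes."""
    (length,) = struct.unpack_from(">I", blob, offset)
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

def parse_public_key(text):
    """Return (key_type, rsa_bits or None) from RFC 4716 or one-line OpenSSH text."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if lines[0].startswith("---- BEGIN SSH2 PUBLIC KEY"):
        body, in_header = [], False
        for ln in lines[1:]:
            if ln.startswith("---- END"):
                break
            if in_header or ": " in ln:      # header line or its continuation
                in_header = ln.endswith("\\")
                continue
            body.append(ln)
        b64 = "".join(body)
    else:
        b64 = lines[0].split()[1]            # "ssh-rsa AAAA... comment"
    blob = base64.b64decode(b64, validate=True)
    key_type, off = _read_string(blob, 0)
    if key_type != b"ssh-rsa":
        return key_type.decode(), None
    _exponent, off = _read_string(blob, off)
    modulus, _ = _read_string(blob, off)
    return "ssh-rsa", int.from_bytes(modulus, "big").bit_length()

def audit_key(username, text):
    """One finding per key file; on this page the file name is the username."""
    key_type, bits = parse_public_key(text)
    return {"user": username, "type": key_type, "bits": bits,
            "weak": bits is not None and bits < MIN_RSA_BITS}

def make_sample_rfc4716(bits):
    """Constructed sample: valid structure, fake modulus of the requested size."""
    pack = lambda b: struct.pack(">I", len(b)) + b
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")  # mpint leading 0x00
    b64 = base64.b64encode(pack(b"ssh-rsa") + pack(b"\x01\x00\x01") + pack(n)).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f'---- BEGIN SSH2 PUBLIC KEY ----\nComment: "constructed"\n{body}\n---- END SSH2 PUBLIC KEY ----\n'
```

To audit real files, read each extensionless key file as text and call `audit_key` with the file name as the username.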

 

 

Step 3 – SFTP User Folders

 

The first time a user connects, their home folder will be created in the following location:

 

C:\Program Files (x86)\freeFTPd\sftproot

 

If a user can’t upload due to a permission issue, change the NTFS permissions on their home folder to give their account write permission.

 

sftp-homepaths

 

Client SFTP Software

 

To connect, users can use any SFTP client. You can use FileZilla’s FTP client.

 

Support

 

If you have any questions about the setup of the VM in Azure, leave your comments below.

 

FAQ

 

Question: I get the error “The specified address is already in use”

 

Answer: This means there is an instance of freeFTPd running in the background. Open up task manager and cancel any other instances of freeFTPd and reopen. Another option is to stop the freeFTPService and restart it.

 

Want some help (hire us)?

 

If you would like us to implement the SFTP server into your environment and fully configure it and get it up and running, get in contact with us and we will get you up and running asap

 

 

 

Andrew Fitzgerald

Cloud Solution Architect. Helping customers transform their business to the cloud. 20 years experience working in complex infrastructure environments and a Microsoft Certified Solutions Expert on everything Cloud
