Eric Guo's

Hoping writing JS, Ruby & Rails and Go article, but fallback to DevOps note

Setup a SFTP Service in Ubuntu 20.04 Server


Creating a New User

sudo adduser sammyfiles # using the default

Restricting Access to the home directory only

Match User sammyfiles
ForceCommand internal-sftp
PasswordAuthentication yes
PermitTunnel no
AllowAgentForwarding no
AllowTcpForwarding no
X11Forwarding no

Verifying the Configuration

systemctl restart sshd
ssh sammyfiles@your_server_ip # should failed
sftp sammyfiles@your_server_ip # should success

More detail see this link

Setting up Nginx to do stream proxy

Because the SFTP server is in the internal network, only port 1027 is available on the Internet.

yum install nginx-mod-stream
firewall-cmd --list-all
firewall-cmd --add-port=1027/tcp --permanent
firewall-cmd --reload
firewall-cmd --list-all
systemctl restart filewalld

The stream block should be located with the http block side by side.

stream {
upstream jtyhlinkthape_proxy {
server {
listen 1027;
proxy_timeout 30s;
proxy_pass jtyhlinkthape_proxy;