Setting up SFTP on AWS EC2
I've recently setup a new instance of AWS EC2(Ubuntu 18.04) to host WordPress sites using Docker. To make transferring of files a lot easier from my development environment to my ec2 instance, I set up an SFTP server.
If anyone else is trying to do something similar, here is how you can do the same.
-
Install vsftpd
sudo apt-get install vsftpd -
Update the vsftpd.conf file (/etc/vsftpd.conf)
-
I created a copy of the original file and just created a new one
mv /etc/vsftpd.conf /etc/vsftpd.conf_orig touch /etc/vsftpd.confThe new one should have the following config
listen=NO listen_ipv6=YES anonymous_enable=NO local_enable=YES write_enable=YES local_unask=022 dimessage_enable=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=YES chroot_local_user=YES secure_chroot_dir=/var/run/vsftpd/empty pam_service_name=vsftpd rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key ssl_enable=YES pasv_enable=YES pasv_min_port=12000 pasv_max_port-12048 allow_writeable_chroot=YESRestart the vsftpd server once you save the config file.
sudo service vsftpd restart
-
-
Open up ports
- Go to the EC2 Management Console
- Go to Security Groups under the left navigation
- Select the group that is assigned to the EC2 instance or create a new one and assign it to the instance
- Add a rule to allow ports 21 and 12000-12048 (or whatever port range you used in the vsftpd.conf, pasvminport - pasvmaxport)
-
Create group and add user. This is the user that you will use to access sftp.
sudo addgroup sftp sudo useradd -m sftpuser -g sftp -
Install SSH
sudo apt-get install ssh -
Update the SSH config (/etc/ssh/sshd_config) with the following
Match group sftp ChrootDirectory /home X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp PasswordAuthentication yes -
Restart ssh
sudo service ssh restart
This is a pretty simple setup, hopefully this helps you get started.
Comments powered by Talkyard.