SFTPGo
Full featured and highly configurable SFTP server software
A full-featured and highly configurable SFTP server software
This is the author's introduction to this software on Github, which is also true in practice and meets my needs. However, because the installation guide on the official website is ambiguous, I will record the process of my own exploration.
The following operations are based on a fresh installation of Ubuntu 18.04.2 LTS (Bionic Beaver) operating system, which should also be applicable to Debian.
Since I only want to configure a standalone SFTP server and use SFTPGo to assist in managing accounts, I did not use databases like MySQL / PostreSQL, but chose SQLite 3.x.
Version: 0.9.0
Version: 0.9.4-dev
Installation#
System environment required by SFTPGo#
- Requires Go version 1.12 or above
- Requires a database (MySQL / PostreSQL / SQLite)
- If you need to run the cli test script, you also need a Python environment and the Request library.
- Git command
$ sudo add-apt-repository ppa:longsleep/golang-backports
$ sudo apt update
$ sudo apt install golang-go sqlite3 python3 python3-pip git
SFTPGo installation#
It's very simple, just execute the following command:
$ go get -u github.com/drakkan/sftpgo
Then find the sftpgo command in your $GOPATH/bin/ directory. If you don't know your $GOPATH directory, execute go env to view your environment variables.
That's it for the installation, but you still need to do a simple configuration to use it.
PS: If you are in China, you may encounter network connectivity issues. My solution is to find an external machine, complete the installation, and then package the ~/go directory and bring it back to replace the existing one.
SFTPGo service configuration#
Configuration file#
Create a symbolic link or move $GOPATH/bin/sftpgo to the /usr/bin/ directory so that the system can find the sftpgo command. Here is an example of creating a symbolic link:
$ sudo ln -s $GOPATH/bin/sftpgo /usr/bin/sftpgo
Next, create the configuration folder and add the SFTPGo configuration:
$ sudo mkdir -p /etc/sftpgo && cd /etc/sftpgo
$ sudo wget https://raw.githubusercontent.com/drakkan/sftpgo/master/sftpgo.conf
Attached: sftpgo.conf file configuration content
{
"sftpd": {
"bind_port": 2022,
"bind_address": "",
"idle_timeout": 15,
"max_auth_tries": 0,
"umask": "0022",
"banner": "",
"upload_mode": 0,
"actions": {
"execute_on": [],
"command": "",
"http_notification_url": ""
},
"keys": [],
"enable_scp": false,
"kex_algorithms": [],
"ciphers": [],
"macs": [],
"login_banner_file": "",
"setstat_mode": 0,
"enabled_ssh_commands": ["md5sum", "sha1sum", "cd", "pwd"]
},
"data_provider": {
"driver": "sqlite",
// Your SQLite database path
"name": "/etc/sftpgo/sftpgo.db",
"host": "",
"port": 5432,
"username": "",
"password": "",
"sslmode": 0,
"connection_string": "",
"users_table": "users",
"manage_users": 1,
"track_quota": 2,
"pool_size": 0,
"users_base_dir": "",
"actions": {
"execute_on": [],
"command": "",
"http_notification_url": ""
},
"external_auth_program": "",
"external_auth_scope": 0
},
"httpd": {
"bind_port": 8080,
"bind_address": "127.0.0.1",
// The following three configurations are new in version 0.9.4, providing a web control panel
"templates_path": "/var/www/sftpgo/templates",
"static_files_path": "/var/www/sftpgo/static",
"backups_path": "/var/www/sftpgo/backups"
}
}
Web control panel configuration#
cd ~
git clone git@github.com:drakkan/sftpgo.git
mkdir -p /var/www/sftpgo
cp ~/sftpgo/templates /var/www/sftpgo/
cp ~/sftpgo/static /var/www/sftpgo/
cp ~/sftpgo/backups /var/www/sftpgo/
Database#
Add the database file, it can be placed anywhere. For convenience, I put it in the /etc/sftpgo directory.
$ cd /etc/sftpgo
$ sudo wget https://raw.githubusercontent.com/drakkan/sftpgo/master/sql/sqlite/20190706.sql
$ sudo wget https://raw.githubusercontent.com/drakkan/sftpgo/master/sql/sqlite/20190728.sql
$ sudo wget https://raw.githubusercontent.com/drakkan/sftpgo/master/sql/sqlite/20191230.sql
$ sudo sqlite3 sftpgo.db < 20190706.sql
sqlite> .exit
$ sudo sqlite3 sftpgo.db < 20190728.sql
sqlite> .exit
$ sudo sqlite3 sftpgo.db < 20191230.sql
sqlite> .exit
If it is a fresh installation, just execute the following operations:
$ cd /etc/sftpgo
$ sudo rm sftpgo.db
$ sudo sqlite3 sftpgo.db
sqlite> CREATE TABLE "users" ("id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "filters" text NULL, "username" varchar(255) NOT NULL UNIQUE, "password" varchar(255) NULL, "public_keys" text NULL, "home_dir" varchar(255) NOT NULL, "uid" integer NOT NULL, "gid" integer NOT NULL, "max_sessions" integer NOT NULL, "quota_size" bigint NOT NULL, "quota_files" integer NOT NULL, "permissions" text NOT NULL, "used_quota_size" bigint NOT NULL, "used_quota_files" integer NOT NULL, "last_quota_update" bigint NOT NULL, "upload_bandwidth" integer NOT NULL, "download_bandwidth" integer NOT NULL, "expiration_date" bigint NOT NULL, "last_login" bigint NOT NULL, "status" integer NOT NULL);
sqlite> .table
users
sqlite>
That's it for the database. Note: For instructions on SQLite operations, please refer to: SQLite Tutorial | Runoob
Configure SFTPGo's Systemd service#
$ cd /etc/systemd/system
$ sudo wget https://raw.githubusercontent.com/drakkan/sftpgo/master/init/sftpgo.service
$ sudo systemctl daemon-reload
$ sudo systemctl enable sftpgo.service
$ sudo systemctl start sftpgo.service
$ sudo systemctl status sftpgo.service
You can now see the running status of sftpgo.service.
Attached sftpgo.service content:
[Unit]
Description=SFTPGo sftp server
After=network.target
[Service]
User=root
Group=root
Type=simple
WorkingDirectory=/etc/sftpgo
Environment=SFTPGO_CONFIG_DIR=/etc/sftpgo/
Environment=SFTPGO_LOG_FILE_PATH=
EnvironmentFile=-/etc/sftpgo/sftpgo.env
ExecStart=/usr/bin/sftpgo serve
KillMode=mixed
Restart=always
RestartSec=10s
[Install]
WantedBy=multi-user.target
At this point, our SFTPGo software is already running and has opened a service at 127.0.0.1:8080. We can use the REST API provided by it to manage SFTP users.
Note: For security reasons, this service only allows internal network access. If you want to open it to the external network, please set up a proxy tool like Nginx / Caddy by yourself.
SFTPGo REST API#
The official website does not provide an operation panel, only a simple Python-based Cli tool, you can see the relevant instructions here: sftpgo_api_cli
Here is a simple demonstration:
$ cd ~
$ sudo mkdir -p /data/sftp/
$ wget https://github.com/drakkan/sftpgo/raw/master/scripts/sftpgo_api_cli.py
$ pip3 install requests
$ python3 sftpgo_api_cli.py add_user test_username --password "test_pwd" --home_dir="/data/sftp/test_username" --uid 33 --gid 1000 --max_sessions 2 --quota_size 0 --quota_files 0 --permissions * --upload_bandwidth 100 --download_bandwidth 60
$ python3 sftpgo_api_cli.py get_users
This will simply create a test_username and restrict the directory to /data/sftp/test_username.
In the new version, the official website has provided a simple operation panel:
Access it directly on the local machine: http://127.0.0.1:8080, you can perform user creation, deletion, status viewing, and other operations in the web interface.
You can use the SFTP client FileZilla to test whether it can connect and upload normally.
—EOF—
Other documents and related configuration instructions: