If you are an administrator and you create an SFTP user, you will get a username and a password. The user can access the SFTP server with those credentials. However, creating an SFTP user with an SSH key can enhance security and reduce the risk of unauthorized access or data breaches. In this article, I will show you how to create a new SFTP user with a new SSH key in Ubuntu.
Key Takeaways
- Creating a User.
- Setting up an SFTP server.
- Generating SSH keys in the server and copying the private key to the client.
- Generating SSH keys in the client and copying the public key to the server.
- Accessing a server with SSH key pairs.
- Enabling Public Key authentication.
Requirements
- A server computer (Ubuntu installed in VMWare Workstation).
- A client computer (Ubuntu installed in Windows Subsystem for Linux).
- Internet Connection.
Process flow chart to create a new SFTP user in Ubuntu with a new SSH Key:
Distro Used Throughout the Tutorial: Ubuntu 22.04.1 LTS
3 Steps of How to Create a New SFTP User with A New SSH Key in Ubuntu
Here I will show you how to create a new SFTP user with new SSH keys in Ubuntu with 3 simple steps.
Step 01: Create a User in Ubuntu
First, I will create a user named “sftp_user” on the server with the adduser command.
Steps to Follow >
➊ First launch an Ubuntu Terminal on the server.
❷ Now insert the following command to create a user:
sudo adduser sftp_user
- sudo: Grants root privileges.
- adduser: Creates a new user.
- sftp_user: Name of the user.
❸ Enter your own password when sudo asks for it.
❹ Then set a password for the user.
❺ Retype the password.
❻ Provide additional information or keep pressing ENTER to skip.
❼ Finally, write “Y” to complete the process.
At the end of this step, you will have a user named “sftp_user” on the server.
Step 02: Setup SFTP Server in Ubuntu
Now I will create an SFTP server. I will install the “OpenSSH” package for that purpose. However, there are other packages available as well.
Steps to Follow >
➊ Copy the following command on the terminal to update Ubuntu:
sudo apt-get update
- sudo: Grants root privileges.
- apt-get update: Updates the local repository.
❷ Then install the OpenSSH server:
sudo apt-get install openssh-server
- sudo: Grants root privileges.
- apt-get install: Install a given package.
- openssh-server: The package that provides the SSH server.
❸ Allow SSH traffic through the firewall:
sudo ufw allow ssh
- sudo: Grants root privileges.
- ufw: Firewall of Ubuntu.
- allow: Allows incoming traffic on a given port.
- ssh: Denotes port 22.
❹ Restart the SSH service and check its status:
sudo systemctl restart ssh
sudo systemctl status ssh
- sudo: Grants root privileges.
- systemctl: Is used to control system services.
- restart: Restarts a service.
- status: Shows status of a service.
- ssh: Name of the ssh service.
❺ At last, insert the command below and press ENTER to find the IP address of the server:
ifconfig
- ifconfig: Displays network interface parameters including IP address.
Note: If your system doesn’t contain “ifconfig”, use the command below to install it:
sudo apt-get install net-tools
Step 03: Generate SSH Key in Ubuntu
SSH key pairs are used to authenticate a client to a server. A pair consists of two keys: a public key and a private key. In general, the public key stays on the server, and the private key stays on the client computer.
A. Generate SSH keys in the Server
In this method, I will create the keys on the server and then transfer the private key to the client.
Steps to Follow >
❶ First, switch to the new user with the following command:
su - sftp_user
- su: Switches user.
- sftp_user: Name of the user.
❷ Next, generate the key pair:
ssh-keygen -b 4096
- ssh-keygen: Generates SSH key pairs.
- -b: Specifies the number of bits.
- 4096: The number of bits. It provides a high level of security.
Note: You can provide the filename and path or press ENTER to skip. Remember, the path should be the absolute path. You can also set a passphrase or press ENTER to skip.
❸ (Optional) To view the SSH key pairs, use the command below:
ls .ssh
- ls: Lists the content of a directory.
- .ssh: A hidden folder in the home directory that stores keys and configuration files by default.
- id_rsa: Private key.
- id_rsa.pub: Public key.
❹ Then copy the following command to append the public key to the “authorized_keys” file:
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
- cat: Shows the content of a file.
- ~/.ssh/id_rsa.pub: Path of the public key.
- >>: Appends the content of the “pub” file at the end of the “authorized_keys” file.
- ~/.ssh/authorized_keys: Path of the “authorized_keys” file.
❺ Now restrict access to the .ssh directory on the server:
chmod 700 ~/.ssh
- chmod: Changes permissions.
- 700: Reading, writing and executing permissions for only the User.
- ~/.ssh: Path of the .ssh folder where the SSH keys and the “authorized_keys” file are stored by default.
❻ On the client computer, create a .ssh directory:
mkdir .ssh
- mkdir: Creates a directory.
- .ssh: Path of the .ssh directory.
Note: There might already be a .ssh directory. In that case, no need to create a new one.
❼ Restrict access to the .ssh directory on the client:
sudo chmod 700 ~/.ssh
- sudo: Grants root privileges.
- chmod: Changes permissions.
- 700: Reading, writing and executing permissions for only the User.
- ~/.ssh: Path of the .ssh folder where the SSH keys and the “authorized_keys” file are stored by default.
Note: You may need to provide the password.
❽ Then, on the client, copy the private key from the server:
Syntax > scp [OPTION]... USERNAME@IP_ADDRESS:SOURCE DESTINATION
scp sftp_user@192.168.0.52:~/.ssh/id_rsa ~/.ssh
- scp: Securely transfers files between two computers.
- sftp_user: Name of the user.
- 192.168.0.52: IP address of the server.
- ~/.ssh/id_rsa: Location of the private key in the server.
- ~/.ssh: Destination of the private key in the client.
Note: Give the password associated with the user.
❾ Finally, delete the private key from the server by the command below:
rm ~/.ssh/id_rsa
You should now be able to access the server with the public-private key pair. See the section “How to Use SSH Key in SFTP?” below to learn how.
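A check to run on the server once method A is finished, added here as an example and not part of the original tutorial. The hypothetical `audit_ssh_dir` helper reports a .ssh directory that is not 700, an authorized_keys file that is missing or writable by group or others, and any private key left behind; the demo directory and key text are constructed.

```shell
#!/bin/sh
# Added example: audit_ssh_dir is a hypothetical helper, not from the article.

# Octal permission bits of a path (GNU stat, with a BSD stat fallback).
mode_of() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }

# Succeeds when the mode in $1 grants write access to group or others.
loose() { case "$1" in *[2367]?|*[2367]) return 0 ;; esac; return 1; }

# Print one finding per line; return 0 only when nothing was found.
audit_ssh_dir() {
    dir=$1
    rc=0
    [ -d "$dir" ] || { echo "MISSING $dir"; return 1; }
    # The article sets 700 on .ssh; anything else is reported.
    m=$(mode_of "$dir")
    [ "$m" = 700 ] || { echo "PERMS $dir is $m, expected 700"; rc=1; }
    ak=$dir/authorized_keys
    if [ ! -s "$ak" ]; then
        echo "MISSING $ak is absent or empty"; rc=1
    elif loose "$(mode_of "$ak")"; then
        # sshd StrictModes refuses keys from a file others can write.
        echo "PERMS $ak is writable by group or others"; rc=1
    fi
    # Step 9 of method A: no private key may remain on the server.
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if head -n 1 "$f" | grep -q 'PRIVATE KEY-----'; then
            echo "PRIVKEY $f is still on the server"; rc=1
        fi
    done
    return $rc
}

# Constructed demo: a throwaway directory in the state left after step 8,
# that is, before the private key has been deleted from the server.
demo=$(mktemp -d)
chmod 700 "$demo"
echo 'ssh-rsa AAAAB3CONSTRUCTED sftp_user@server' > "$demo/authorized_keys"
chmod 600 "$demo/authorized_keys"
echo '-----BEGIN OPENSSH PRIVATE KEY-----' > "$demo/id_rsa"
audit_ssh_dir "$demo" || echo "audit failed as expected"
rm -rf "$demo"
```

On the real server the call would be `audit_ssh_dir /home/sftp_user/.ssh`, run as that user or as root.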
B. Generate SSH Keys in the Client Computer in Linux
In this method, I will create the keys on the client and then transfer the public key to the server.
Steps to Follow >
❶ Open an Ubuntu Terminal on the client computer.
❷ Now write the following command to generate keys:
ssh-keygen -b 4096
- ssh-keygen: Generates SSH key pairs.
- -b: Specifies the number of bits.
- 4096: The number of bits. It provides a high level of security.
❸ Give a key name and an absolute path or press ENTER to skip.
❹ Set a passphrase or hit ENTER to skip. If you don’t give a key name, the keys will be named id_rsa (private key) and id_rsa.pub (public key) and will be saved in the default directory (/home/walid/.ssh/).
❺ (Optional) Copy the command below to view the keys:
ls ~/.ssh
- ls: List contents of a directory.
- ~/.ssh: Path of the .ssh folder.
❻ Now copy the public key to the server with the following command:
ssh-copy-id sftp_user@192.168.0.52
- ssh-copy-id: Installs an SSH key on a remote server as an authorized key.
- sftp_user: Name of the user.
- 192.168.0.52: IP address of the server.
❼ Type “Yes” to confirm.
❽ Then provide the password associated with the user.
❾ Now delete the public key from the client by using the command below:
rm ~/.ssh/id_rsa.pub
- rm: Removes files and directories.
- ~/.ssh/id_rsa.pub: Path of the public key in the client computer.
Comparative Analysis of Methods to Create a New SFTP User in Ubuntu with a New SSH Key
Here I have listed the pros and cons of the two methods: generating the SSH key on the server and generating the SSH key on the client.
Methods | Pros | Cons |
---|---|---|
Creating Keys in Server | | |
Creating Keys in Client | | |
How to Use SSH Key in SFTP?
In the main process, I have shown you how to create a new SFTP user with a new SSH key in Ubuntu. Now I will access the SFTP server with that key.
Steps to follow >
➊ Launch an Ubuntu Terminal on the client computer first.
➋ Now write the following command to connect to the server:
sftp sftp_user@192.168.0.52
- sftp: Transfers files securely using SSH protocol.
- sftp_user: Name of the user.
- 192.168.0.52: IP address of the server.
❸ Provide the passphrase (if any).
❹ Finally, press the ENTER key from the keyboard. If you have done everything according to this article, you should see something like “Connected to 192.168.0.52” and “sftp>”.
Enable SFTP Authentication With Public Key in Linux
Public key authentication enables a user to log into a server without a password. However, you may need to edit the “sshd_config” file for that purpose. Do the following to configure the server for public key authentication:
❶ First press CTRL+ALT+T to open an Ubuntu Terminal on your server.
❷ Then insert the command below to open the sshd_config file:
sudo nano /etc/ssh/sshd_config
- sudo: Grants root privileges.
- nano: Opens a file in the Nano text editor.
- /etc/ssh/sshd_config: Path of the “sshd_config” file.
❸ Make sure the file contains the following line:
PubkeyAuthentication yes
- PubkeyAuthentication: Is used to enable and disable public key authentication.
❹ Now press CTRL+O and ENTER to save; CTRL+X to exit.
❺ Finally, copy the following command to restart the SSH service:
sudo systemctl restart ssh
- sudo: Grants root privileges.
- systemctl: Manages system services.
- restart: Restarts a service.
- ssh: SSH service.
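sshd uses the first value it reads for a keyword, so a “PubkeyAuthentication yes” line added below an earlier “no” line, or inside a Match block, does not change the global setting. The following added example (not part of the original tutorial) shows this on a constructed config file; `effective_setting` and `pubkey_enabled` are hypothetical helper names, and files pulled in by Include are not followed.

```shell
#!/bin/sh
# Added example: effective_setting and pubkey_enabled are hypothetical helpers.

# Print the value sshd would use for keyword $2 from the global section of
# config file $1. sshd keeps the FIRST value it reads for a keyword, matches
# keywords case-insensitively, and stops treating lines as global at "Match".
# Include files are not followed here.
effective_setting() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        { sub(/^[ \t]+/, "") }                 # drop leading whitespace
        /^#/ || /^$/ { next }                  # skip comments and blank lines
        {
            match($0, /^[^ \t=]+/)
            key = tolower(substr($0, 1, RLENGTH))
            val = substr($0, RLENGTH + 1)
            sub(/^[ \t]*=?[ \t]*/, "", val)    # separator before the value
            sub(/[ \t]+$/, "", val)
            if (key == "match") exit           # global section ends here
            if (key == want) { print val; exit }
        }
    ' "$1"
}

# Succeeds when public key authentication is on: set to yes, or not set at
# all (the OpenSSH default for PubkeyAuthentication is yes).
pubkey_enabled() {
    v=$(effective_setting "$1" PubkeyAuthentication)
    [ -z "$v" ] || [ "$v" = yes ]
}

# Constructed sample: "yes" was appended below an older "no" line.
cfg=$(mktemp)
cat > "$cfg" <<'EOF'
#PubkeyAuthentication yes
Port 22
pubkeyauthentication no
PubkeyAuthentication yes
Match User sftp_user
    PubkeyAuthentication yes
EOF
echo "effective value: $(effective_setting "$cfg" PubkeyAuthentication)"
pubkey_enabled "$cfg" || echo "public key authentication is still disabled"
rm -f "$cfg"
```

On a live server, `sudo sshd -T | grep -i pubkeyauthentication` prints the value sshd actually resolved, Include files included.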
Conclusion
In this article, I have tried to show you how to create a new SFTP user in Ubuntu with a new SSH key in the best way possible. I have also added multiple methods if necessary. I hope this article was helpful to you.