Recently, I posted a tutorial on deploying SFTPGo. During my work with this platform, I discovered that if you decide to venture beyond the realm of the default virtual folders, things get a bit complicated and you have to not only add users and groups to SFTPGo but also to the Linux system. This doubles the amount of work you have to do, and if you’re dealing with a lot of users, this can get problematic.
I you opt to keep your users within their virtual folders, this isn’t a problem. But for my purposes, I need to be able to share folders outside of /srv/sftpgo.
If you don’t want to have to jump through the same hoops I did, I have a quick fix for you. Let me show you how it’s done.
SEE: 40+ open source and Linux terms you need to know (TechRepublic Premium)
What you’ll need
To make this change, you’ll need a running instance of SFTPGo and SSH access to the hosting service using an account with sudo privileges. That’s it: Let’s make some magic.
How to make this change
By default, SFTPGo runs as a dedicated user. This is done for added security so the service can only write to locations to which the controlling user has access.
If we circumvent this default configuration, are we opening ourselves up to problems? Of course. So if you don’t trust your network, you might think twice about doing this. But if you need simplicity and have a reliable security team that has worked hard to lock down your network, this change will make your life a bit easier.
To make this change, what we’re going to do is reconfigure the SFTPGo systemd service to run as the root user instead of the sftpgo user. To make this change, we’re going to use the systemctl edit tool to edit the file. For that, log into your hosting server via SSH and issue the command:
sudo systemctl edit sftpgo.service
In that file, add the following lines:
[Service]
User=root
Group=root
Save and close the file.
Restart the SFTPGo service with the command:
sudo systemctl restart sftpgo
At this point, SFTPGo is running as the root user and you should no longer have to jump through all of the hoops I did to get it working otherwise.
One thing to keep in mind when connecting to your SFTPGo server from either your file manager (such as Nautilus) or an application like FileZilla: SFTPGo uses port 2022, so when you connect, you’ll want to make sure to use that port and not the standard port 22. I’ve tested this in both the GNOME File Manager app and FileZilla, and it works like a champ. Make sure, however, when attempting to connect with FileZilla that your host is in the form sftp://SERVER, where SERVER is the IP address of the SFTPGo server.
The lesson here is the best way to use SFTPGo is the suggested method and have your users work within the SFTPGo web UI. If you go that route, you’ll find SFTPGo to be a great little SFTP server for your company.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.