Configure FTP on AWS

The instructions vary a little depending on which distro you are using (Ubuntu, Amazon Linux, Centos, Redhat, etc.)

These are the steps I followed to set up the SFTP service on an Ubuntu 14.04 system a few weeks ago.

Create a group to limit access to FTP:

sudo addgroup ftpaccess

Ubuntu 14.04 already comes with openssh-server installed, if your system does not come, use: sudo apt-get install openssh-server.

Edit the file /etc/ssh/sshd_config. Look for this line:

#Subsystem sftp

And "strip it down", deleting the #. Look for this other line:

PasswordAuthentication no

And change it to:

PasswordAuthentication yes

Add the following to the end of the file:

Subsystem sftp internal-sftp
Match group ftpaccess
  ChrootDirectory /var/www
  X11Forwarding no
  AllowTcpForwarding no
  ForceCommand internal-sftp

Save the file. And restart Openssh with sudo service ssh restart.

Creating user with FTP access:

# criando usuario que não pode fazer login no sistema
sudo useradd -m myftpuser -g ftpaccess -s /usr/sbin/nologin
# escolhendo a senha desse usuário (o comando vai pedir para vc digitar a senha)
sudo passwd myftpuser
sudo chown myftpuser:ftpaccess /var/www

How we change the directory owner and group /var/www, we need to ensure that the web server also continues to have access. If you are using Apache, this should be enough:

sudo adduser www-data ftpaccess

With this setting, it should be easy to connect via SFTP using Filezilla or any other program. Example:

• User: myftpuser
• Password: the one you typed when you created the user
• Host: IP of your server
• Protocol: SFTP (important, different from simple FTP)
• Port: 22 (this is the default for SFTP)