Running an SFTP (Secure File Transfer Protocol) server can be tricky, especially if you’re not familiar with server administration (like me). But Docker makes it incredibly simple to get an SFTP server up and running in just a few steps.
For the past few months I have been working on fintech services interacting with bank API’s, which led me to using SFTP for a task.
After I went through some articles on internet on how to setup sftp server locally, I felt really overwhelmed.
The next idea that came to my mind was is it possible to setup a sftp server through docker and I ended up on this github repository atmoz
Let’s start from the start!
SFTP stands for Secure File Transfer Protocol. It is a safe way to transfer files over a network.
SFTP is based on the Secure Shell (SSH) protocol, which encrypts the data being transferred. This means when you transfer files using SFTP, they remain secure and cannot be seen by anyone trying to snoop on them.
Docker allows you to package an application and its dependencies into a container, which can run consistently across different environments.
This means you don’t have to worry about installing and configuring the SFTP server software yourself – Docker takes care of it all for you.
version: '3.7'
services: sftp: image: atmoz/sftp volumes: - ./files:/home/files/upload - ./ssh/ssh_host_ed25519_key.pub :/home/files/.ssh/keys/ssh_host_ed25519_key.pub :ro - ./ssh/ssh_host_rsa_key.pub :/home/files/.ssh/keys/ssh_host_rsa_key.pub :ro ports: - "2222:22" command: files:kiaev6:1001 networks: - sftp
networks: sftp:Here’s a breakdown of the configuration:
atmoz/sftp) that will be used to run the SFTP server.<host-dir>/upload directory on the host machine to /home/foo/upload directory inside the container. This means that files placed in <host-dir>/upload on the host will be accessible in /home/foo/upload within the container.2222 on the host to port 22 inside the container. It means you can connect to the SFTP server on port 2222 from your host machine.1001) for the SFTP user within the container.
foo: This is the username (foo) for the SFTP user.pass: This would typically be the password associated with the user (foo), although in practice, it's recommended to use more secure authentication methods like SSH keys.1001: This is the UID (User ID) assigned to the user (foo) within the container. User IDs in Docker containers are often mapped to specific numeric values for file permissions and user management purposes.files and ssh directories:mkdir -p files sshssh directory:ssh-keygen -t ed25519 -f ./ssh/ssh_host_ed25519_keyssh-keygen -t rsa -b 4096 -f ./ssh/ssh_host_rsa_keyTwo key got me wondering why we need two different SSH host keys (ed25519 and RSA). This is to ensure compatibility with different SSH clients and implementations.
Some older clients may only support the RSA algorithm, while modern clients support the more secure ed25519 algorithm.
Having both keys allows the SFTP server to negotiate the most secure algorithm supported by both the client and server during the SSH handshake process. It also facilitates key rotation and algorithm agility for better security.
docker-compose upYou can connect to the SFTP server using an SFTP client like FileZilla or the command-line sftp utility. Using the command:
sftp -P 2222 files@localhostenter the password when prompted.
Once connected change the directory to where your file is and use the get command to download the file:
get data.csvreplace data.csv with the file that you want to download.
With Docker, setting up an SFTP server is as simple as writing a few lines of configuration and running a couple of commands. No more manual server configuration or complex setups – just a hassle-free way to spin up an SFTP server whenever you need it.
Thank you for reading this blog.