Jack Wallen walks you through the steps of managing groups and users with the SFTPGo secure FTP server.
After deploying a platform for the storing and sharing of files and directories, one of the first things you’ll want to do is start adding and managing groups. With groups, you can better control who has access to what without having to take care of it on a user-by-user basis. By employing groups, you can add users who will inherit the permissions found within the group so it’s more efficient.
But not every platform is the same and some do require a bit of extra attention to get right. One such platform is SFTPGo. Although on the surface, it looks as though it should be very simple to manage users and groups, you do have to go the extra mile to make sure it all works.
Let me show you what I mean by walking you through the process of adding a group and then adding a user to that group.
SEE: 40+ open source and Linux terms you need to know (TechRepublic Premium)
What you’ll need
To make this work, you’ll first need a running instance of SFTPGo, which I detailed in How to install the SFTPGo STFP server on Ubuntu 22.04. You’ll also need SSH access to the server SFTPGo was installed on and a user with sudo privileges.
How to add a group and user in Linux
One of the caveats to using SFTPGo is that you can’t simply add users and groups in the admin GUI and expect them to apply to the system. Yes, you can add groups and users within the SFTPGo GUI, but I’ve found when you only create the users and groups within the SFTPGo, they won’t actually exist on the hosting system, so they won’t work as expected.
In other words, in order for a user/group to function in SFTPGo, you must also create them on the Linux host. Here’s how.
How to add a group to Linux
SSH into your SFTPGo host as a user with sudo privileges, and add the new group like so:
sudo addgroup GROUPNAME
Where GROUPNAME is the name of the group to be added.
Once you’ve added the new group, you can then add a user to it. Before you can do that, you must add the user to the system with the command:
sudo adduser USERNAME
Where USERNAME is the name of the user.
Next, you can then add a user to the group with the command:
sudo usermod -aG GROUP USERNAME
Where GROUP is the group name and USERNAME is the user name.
How to create a directory and add a group to it
The next caveat is that a directory must actually exist on the host system before it can be used. You can create the directory — either as a virtual directory or a user’s home directory — in SFTPGo, but if that directory isn’t on the host system with the proper ownership, it won’t be of any use to SFTPGo.
So, let’s create a directory and then change the group ownership. Say, for instance, you’ve created a group named dev1 and you want to then create a directory named /developers and add the dev1 group as an owner. Here’s how:
- Create the directory with
sudo mkdir /developers.
- Change the group ownership with
sudo chown -R .dev1 /developers.
Outstanding. Now, as long as a user is a member of the dev1 group, they’ll have access to the /developers directory.
Now, we can head over to SFTPGo and add these new users and groups.
How to add a group in SFTPGo
Before we add a user, let’s first add a group. To do that, log into the SFTPGo admin panel as an admin user and go to Groups. In this window, click + to create a new group. In the new group creation window (Figure A), fill out the necessary information using the name of the group and the group’s home directory that we created earlier from the command line.
After filling out the necessary information, click Submit to save the group.
How to add a user in SFTPGo
Next, go to View and Manage Users. In that window (Figure B) click + to add the new user.
In the resulting window (Figure C), fill out all of the details for the new user.
Let’s say you want the new user’s home directory to be the /developers directory you added. For that, you’ll want to first assign the user to the new group you created — in this case, dev1 — and then enter /developers as the new user’s home directory.
Once you’ve filled out the necessary information, scroll down and click Submit to save the user.
At this point, any of your new users can log into SFTPGo via the web interface, their desktop file manager or the command line and work with the folders they have permission to access.
This isn’t exactly the simplest FTP server on the planet, but once you get the basics set up for users and groups, things should become considerably easier for you. Maybe, in figure releases, the developers will make it such that users, groups and folders created within the web UI will actually be reflected in the host system to simplify the process. In the meantime, you now know how to get around this minor shortcoming.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.