SFTPGO can run SFTP, FTP, and WebDAV, and you can easily configure virtual chrooted users via a web browser.
In this post, I set up SFTPGO SFTP on Ubuntu 20.10 on a Hetzner auction server with 14 TB of SFTP storage. This tutorial also works for other Ubuntu 20.10 installations, just skip the part about installing Ubuntu 20.10 on a Hetzner server.
Activate the rescue system on the Hetzner Robot web page and install Ubuntu 20.10
You will now have a root password. When you reset the server with Reset – Send CTRL-ALT-DEL to the server you can log in and run installimage
Log in to the server running the rescue system
I use terminal on mac or Ubuntu on Windows
Choose “install ubuntu 20.10”. Since it is not an LTS release you can easily add the SFTPGO PPA repository later.
The default settings for this 4 x 6 TB HDD server is RAID level 6 where two hard drives are redundant. 2 TB for / and almost all of the rest for /home is the default. I changed to RAID level 5 so only one hard drive is redundant and set 1080G for / and 1080G for /home and the rest in /srv (14TB) for sftpgo to use.
Install Ubuntu by exiting the editor with F10 and finish the installer
Reboot the server
Log in to the server running
Check storage with df -h
Add a sudoer user
It is recommended to use a normal user that is part of the sudo group instead of using root.
sudo adduser newuser usermod -aG sudo newuser
Login in with the new sudo user
When you need to do something as root use sudo. Or su.
sudo apt update
sudo apt upgrade
Disable root ssh login and change ssh port (optional)
For security reasons it is common to change the default ssh port and disable root ssh login. If you leave the default port open you can install a brute force blocker like sshguard.
sudo apt install nano sudo nano /etc/ssh/sshd_config
Comment # PermitRootLogin to disable root login.
Change the port to 2222
Restart the sshd service
sudo systemctl restart sshd.service
Log in with the new port number
ssh firstname.lastname@example.org -p 2222
Change the firewall on the Hetzner server admin web site to use the alternative SSH port, SFTPGO SFTP port and web admin UI port
I edited the webserver firewall template to also accept ssh/sftp on port 2222, 2022 and http on 8080. You can remove access to the web interface in the firewall when it is not in use.
The easiest way to install SFTPGO is to add the SFTPGO PPA repository to Ubuntu 20.10. In 20.04 LTS it is not allowed by default to add PPA repositories.
sudo apt install software-properties-common
sudo add-apt-repository ppa:sftpgo/sftpgo
sudo apt install sftpgo
sudo systemctl status sftpgo
Open the SFTPGO web admin UI to the internet
Change the “httpd” “address”: “”127.0.0.1” to “httpd” “address”: “” in the sftpgo.json configuration file so you can access the web admin UI from the internet. You can also enable the built-in brute force defender if you change “defender” to “enabled”. It is also possible to enable HTTPS SSL/TLS encryption using certbot as I wrote about in this post.
sudo nano /etc/sftpgo/sftpgo.json
sudo systemctl restart sftpgo
Change the default admin password
Login to the web admin interface with a web browser with the username “admin” and the password “password”. Use the IP address of the server and port 8080. Like http://220.127.116.11:8080/
Change the default admin password.
Add a SFTPGO SFTP user
The minimum settings for a user are username, password and permissions like all * or download only. If the user is called user1 the default directory is /srv/sftpgo/data/user1. The user can only upload and download to this directory. User1 is not an actual user on the system and needs a home directory that the sftpgo user has access to like /srv. You can also choose to enable max connections, disk storage quota, max bandwidth, and more.
You can now connect to the SFTP server with Cyberduck or similar SFTP clients. I recommend using Cyberduck because it uses segmented downloads.
Connect to the SFTPGO SFTP server
Choose SFTP and port 2022 and username and password.
Try uploading and downloading. I get 22 MB/ sec downloading on a 200 mbit connection.
You can see which users are connecting and downloading when clicking on connections in the SFTPGO web admin UI.
Check CPU and memory usage on the server with htop
sudo apt install htop
SFTPGO uses a litte more CPU than the Openssh SFTP server. The server seems to handle it well.