Create SFTP server with Multiple users accessing a Single directory

Refresh the package index so apt sees the latest available versions. This does not install any new packages.

sudo apt update

Next, install openssh-server. It is not installed by default on the Ubuntu desktop edition.

sudo apt install openssh-server

Create a shared SFTP directory

sudo mkdir /path/to/sftp_shared

Set the ownership and permissions on this folder

sudo chown root:sftp_users /path/to/sftp_shared

sudo chmod 770 /path/to/sftp_shared

Add a new user

sudo adduser --shell /usr/sbin/nologin --ingroup sftp_users --home /path/to/sftp_shared/ --disabled-password <username>

OR

sudo adduser --shell /bin/false sftpuser

OR

sudo adduser <username>

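Create a new group. The chown and adduser --ingroup commands above reference this group, so it must exist before they are run.

sudo addgroup sftp_users

Add users to this group

sudo usermod -aG sftp_users <username>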

Modify the SSH config. Open the sshd_config file in the nano text editor

sudo nano /etc/ssh/sshd_config

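Add the following lines to the bottom of the file. If the file already contains a Subsystem sftp line, comment it out first, because sshd rejects a second definition of the same subsystem.

# Enable SFTP subsystem
Subsystem sftp internal-sftp

# Match block for SFTP users
Match Group sftp_users
    ChrootDirectory /path/to/sftp_shared
    ForceCommand internal-sftp
    X11Forwarding no
    AllowTcpForwarding no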

Now restart the ssh service for changes to take effect

sudo service ssh restart

Troubleshooting

sudo tail -f /var/log/auth.log | grep sftp

Tip: ChrootDirectory

Specifies the pathname of a directory to chroot(2) to after authentication. All components of the pathname must be root-owned directories that are not writable by any other user or group. After the chroot, sshd(8) changes the working directory to the user’s home directory.
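
The rule in the tip above can be checked before restarting sshd. The script below is an added example, not part of the original post; the function names check_component and check_chroot_path are hypothetical, and it assumes GNU stat as shipped on Ubuntu. It walks every component of the path and reports any that is not owned by root or is writable by group or others, so a group-writable mode such as 770 on the chroot directory itself is reported as a failure.

```shell
#!/bin/sh
# Added example: checks a ChrootDirectory path against the rule quoted in the
# tip (every component root-owned, not writable by group or others).
# Function names are hypothetical; stat -c is the GNU coreutils form.

# check_component DIR [OWNER_UID]  -> 0 if DIR satisfies the rule, 1 otherwise
check_component() (
    dir=$1
    owner=${2:-0}                      # expected owner uid, root by default
    [ -d "$dir" ] || { echo "FAIL $dir: not a directory"; exit 1; }
    set -- $(stat -c '%u %a' -- "$dir")
    uid=$1
    mode=$2
    rc=0
    if [ "$uid" != "$owner" ]; then
        echo "FAIL $dir: owned by uid $uid, expected $owner"
        rc=1
    fi
    # 022 masks the group-write and other-write bits of the octal mode
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "FAIL $dir: mode $mode is writable by group or others"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "ok   $dir (uid $uid, mode $mode)"
    exit "$rc"
)

# check_chroot_path ABS_PATH [OWNER_UID]  -> 0 only if every component passes
check_chroot_path() (
    path=$1
    owner=${2:-0}
    case $path in /*) ;; *) echo "FAIL $path: not an absolute path"; exit 2 ;; esac
    rc=0
    while :; do
        check_component "$path" "$owner" || rc=1
        [ "$path" = "/" ] && break
        path=$(dirname -- "$path")
    done
    exit "$rc"
)

# Run as: sh check_chroot.sh /path/to/sftp_shared
if [ "$#" -gt 0 ]; then
    check_chroot_path "$@"
fi
```

A FAIL line for the chroot directory corresponds to the "bad ownership or modes for chroot directory" message that sshd writes to /var/log/auth.log when it refuses the login.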
