This page shows how to install a SFTP server on a CentOS 6 64-bit machine so that you can connect to it using a SFTP client like FileZilla.

Notice that this is not the same as FTPS (which uses SSL) and it is not FTP (plain old FTP). SFTP is FTP running over an SSH connection. Since CentOS 6.4 already has SSH server installed, all we have to do is configure the SSHD process to allow FTP over SSH.

You must have a CentOS machine already set up in accordance with the the “Install CentOS 6” guide.

Assuming that the root ftp directory that will have all the ftp targets in it. In this example, we will setup a user called testuser.

groupadd sftpusers
groupadd sftp
useradd -d /home/sftp -g sftp sftp
echo "sftp:new_password" | chpasswd

Add test account.

NEW_USERNAME=testuser
mkdir -p /opt/ftpdata/$NEW_USERNAME/$NEW_USERNAME
useradd -d /opt/ftpdata/$NEW_USERNAME/ -s /bin/false -g sftpusers -G sftp $NEW_USERNAME
echo "$NEW_USERNAME:new_password" | chpasswd
passwd 
chown $NEW_USERNAME:sftp /opt/ftpdata/$NEW_USERNAME/$NEW_USERNAME
chown root:sftp /opt/ftpdata/$NEW_USERNAME/
chmod g+w /opt/ftpdata/$NEW_USERNAME/$NEW_USERNAME

Open up /etc/ssh/sshd_config

Comment out the following line in

#  Subsystem sftp /usr/lib/openssh/sftp-server

Replace it with this line:

Subsystem sftp internal-sftp

Then add the following set of lines to the very bottom of the file:

cat << EOF >> /etc/ssh/sshd_config
Match Group sftpusers
PermitRootLogin no
ChrootDirectory /opt/ftpdata/%u
X11Forwarding no
AllowTCPForwarding no
ForceCommand internal-sftp
EOF

su -
service sshd restart

chcon -Rv --type=httpd_sys_content_t /opt/ftpdata

Then reboot the server.