How to add and manage groups in SFTPGo
Jack Wallen walks you through the steps of managing groups and users with the secure FTP server SFTPGo.
After deploying a platform for storing and sharing files and directories, one of the first things you’ll want to do is start adding and managing groups. With groups, you can better control who has access to what without having to deal with it on a user-by-user basis. By using groups, you can add users who will inherit the permissions found in the group to make it more efficient.
But not all platforms are the same, and some require a little extra attention to work well. One such platform is SFTPGo. Although at first glance it looks like it should be very simple to manage users and groups, you have to put in the extra effort to make sure everything works.
Let me show you what I mean by walking you through the process of adding a group and then adding a user to that group.
SEE: 40+ open source and Linux terms you need to know (TechRepublic Premium)
What you will need
For this to work, you will first need a running instance of SFTPGo, which I detailed in How To Install SFTPGo STFP Server on Ubuntu 22.04. You will also need SSH access to the server where SFTPGo was installed and a user with sudo privileges.
How to Add Group and User in Linux
One of the caveats of using SFTPGo is that you can’t just add users and groups in the admin GUI and expect them to apply to the system. Yes, you can add groups and users in the SFTPGo GUI, but I’ve found that when you only create the users and groups in SFTPGo, they won’t actually exist on the hosting system, they will not work as expected.
In other words, for a user/group to work in SFTPGo, you need to create them on the Linux host as well. Here’s how.
How to Add a Group to Linux
SSH into your SFTPGo host as a user with sudo privileges, and add the new group as follows:
sudo addgroup GROUPNAME
Where GROUPNAME is the name of the group to add.
Once you have added the new group, you can then add a user to it. Before you can do that, you need to add the user to the system with the command:
sudo adduser USERNAME
Where USERNAME is the username.
Then you can then add a user to the group with the command:
sudo usermod -aG GROUP USERNAME
Where GROUP is the group name and USERNAME is the user name.
How to create a directory and add a group to it
The next caveat is that a directory must actually exist on the host system before it can be used. You can create the directory – either as a virtual directory or as a user’s home directory – in SFTPGo, but if that directory isn’t on the host system with the proper owner, it won’t do any good. utility for SFTPGo.
So let’s create a directory and then change ownership of the group. For example, suppose you have created a group named dev1 and then you want to create a directory named /developers and add the group dev1 as the owner. Here’s how:
- Create the directory with
sudo mkdir /developers.
- Change group ownership with
sudo chown -R .dev1 /developers.
Exceptional. Now, as long as a user is a member of the dev1 group, they will have access to the /developers directory.
Now we can head to SFTPGo and add these new users and groups.
How to add a group in SFTPGo
Before adding a user, let’s first add a group. To do this, log in to the SFTPGo admin panel as an admin user and navigate to Groups. In this window, click + to create a new group. In the new group creation window (Figure A), fill in the necessary information using the name of the group and the home directory of the group that we created earlier from the command line.
After filling in the necessary information, click Submit to save the group.
How to add a user in SFTPGo
Then go to View and manage users. In this window (Figure B) click + to add the new user.
In the resulting window (Figure C), fill in all the details of the new user.
Suppose you want the new user’s home directory to be the /developers directory you added. For this, you’ll want to first assign the user to the new group you’ve created – in this case, dev1 – then enter /developers as the new user’s home directory.
Once you have filled in the necessary information, scroll down and click submit to register the user.
At this point, any of your new users can log into SFTPGo through the web interface, their desktop file manager, or the command line and work with the folders they have permission to access.
It’s not exactly the easiest FTP server on the planet, but once you’ve set up the basics for users and groups, things should get considerably easier for you. Maybe in the builds of the numbers, the developers will make the users, groups, and folders created in the web UI actually mirrored in the host system to simplify the process. In the meantime, you now know how to get around this little flaw.
Subscribe to TechRepublic How to make technology work on YouTube for all the latest tech tips for professionals from Jack Wallen.