Note:

Simplify Secure File Transfer with SFTPGo and Oracle Cloud Infrastructure Object Storage

Introduction

In an increasingly interconnected world, the need for secure and efficient file transfer solutions has become paramount. Whether it’s sharing sensitive data, collaborating on projects, or automating workflows, a reliable Secure File Transfer Protocol (SFTP) server can streamline these processes while ensuring data integrity and confidentiality. When it comes to leveraging the power of the cloud for such tasks, Oracle Cloud Infrastructure (OCI) stands out as a robust platform.

SFTPGo, an open-source SFTP server, provides a flexible foundation for managing file transfers, while Oracle Cloud Infrastructure Object Storage offers an efficient and scalable solution for storing and retrieving data.

Objectives

Prerequisites

Task 1: Enable S3 compatible API

Make sure you have S3 compatibility API enabled in your tenancy. For more information, see Object Storage Amazon S3 Compatibility API.

Task 2: Generate secret keys

Follow this documentation for generating secret keys. Keep the generated secret and access keys safe. We will require them in a later step.

Task 3: Create a Bucket

Create a bucket in the S3 compatible compartment you selected in Task 1.

Task 4: Set up SFTPGo on an OCI Instance

SFTPGo is fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support. Supported storage backends: local filesystem, encrypted local filesystem, Object Storage and is open source SFTPGo.

Create a new Virtual Machine and install and set up SFTPGo on this machine.

Note: You can choose to setup SFTPGo either on a Linux or on a Windows machine.

Once installed, you must log in to the admin portal and configure the Admin user account. Then you can log in using admin credentials and start setting up user accounts.

Admin Login

Task 5: Add Users in SFTPGo

  1. Select Users from the navigation menu and click Plus button.

    Manage Users

  2. Configure the username and password for the user.

    Add User

Task 6: Configure Oracle Object Storage for the User

  1. On the Add user page, select Storage as S3 Compatible.

    S3 Compatible

  2. Leave the Home Dir field blank.

  3. In the Bucket field, provide the Bucket Name.

  4. In the Region field, provide the Region you want to use.

  5. In the Access Key field, paste the Access key generated in Task 2.

  6. In the Secret Key field, paste the Secret key generated in Task 2.

  7. In the Endpoint field, paste the OCI S3 compatible url: https://{namespace}.compat.objectstorage.{region}.oraclecloud.com

    Note: Replace your namespace and region in the above mentioned url.

    You can also assign a folder in a bucket to a single user using the key_prefix option. Only the bucket assigned to the user is accessible to the user.

    Bucket Config

  8. Enable Use path-style addressing, i.e., endpoint/BUCKET/KEY at the bottom of the section.

    Bucket Config

  9. Submit and save.

Task 7: Log in with the created user details and Verify

Log in as the user you just created, and verify that you homepage lists the content of the bucket.

List Bucket

Task 8: Verify using SFTP protocol

  1. Log in using SFTP protocol by running the below sftp command. Replace the username, instance_ip and sftp port.

    sftp -P {sftp_port} {username}@{instance_ip}

  2. Run the ls command and you should see the contents of your assigned bucket.

    sftp

Note: Ensure the sftp port is open for ingress in Oracle Cloud virtual network security list.

Acknowledgments

Author - Mayank Kakani (OCI Cloud Architect)

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.