Azure Storage: How To Deploy SFTP (Preview)
| SFTP (Secure File Transfer Protocol) is a network protocol through which we can transfer files in a secure manner. The usual port is 22 but, we can use change it and assign another if you want. |
In this post, we can read how to deploy an SFTP using an Azure Storage service. At the moment is in public preview and is not available in all regions but only on these.
Prerequisites
- A valid Azure subscription
- Register SFTP feature to your Azure Subscription
How to register the SFTP feature to the Azure subscription
There are several tools we can use in order to register the SFTP feature:
- Azure CLI
- Azure PowerShell
- Azure Cloud Shell
- Azure Portal
For demo purposes, we register SFTP via the Azure Cloud Shell (Bash).
$subscription = "########-####-####-####-############"
az account set --subscription $subscription
az feature show --namespace Microsoft.Storage --name AllowSFTP
az feature register --namespace Microsoft.Storage --name AllowSFTP
Create Azure Storage Account
Basics tab
On the first tab [Basics], select a Subscription, type a name, select a region that supports the SFTP on the Azure storage account, select Premium (Performance), Block Blobs (Premium Account Type), Local Redundancy (Redundancy) and click Next: Advanced >
**
**
Advanced Tab Select Enable hierarchical namespace, Enable SFTP and finally click Review + Create.
Note
For demo purposes, we will NOT make any other changes. The goal of this post is to learn the basic scenario, how to deploy and test the SFTP in the Azure Storage service.
SFTP Settings
The steps below are for the SFTP Settings.
Note
When we open SFTP at first, we MUST create a local user.
Add a local user
From the left-hand side blade, select Settings - SFTP
On the right side, click + Add local user.
Username + Authentication
Type a Username and select the Authentication method, currently, we selected the SSH Password, but we can also choose SSH Public Key.
Configure Container Permissions
In the Container permissions, select the container and then select the access permissions for the user.
After we have finished with the local user configuration, we click Add to finish and add the user to the list. A new window will display with the local user password. As the screenshot below shows, we can view or copy the password.
Connect to the SFTP
We can use several SFTP 3rd party clients to connect to the SFTP Azure storage account service, e.g. Bitvise SFTP, Putty, OpenSSH, WinSCP etc. For demo purposes, we have used Bitvise SFTP, as the screenshot below shows. For the Bitvise SFTP client, we type the Host name (sftpstorageaccountdemo.blob.core.windows.net), Username (sftpstorageaccountdemo.sftpuser), choose as Initial method "password", and paste the password we copied in the previous step.
On the left-hand side menu, click on New SFTP windows. The example below shows how to upload a file from the local drive to the SFTP Azure storage account
container.
The last screenshot shows how the storage account looks after uploading the TestFile.
See Also
- SSH File Transfer Protocol (SFTP) support for Azure Blob Storage (preview)
- Known issues and limitations
- How-To create an on-demand SFTP Server with a new Azure Files persistent storage
- How-To create an on-demand SFTP Server with an existing Azure Files persistent storage
- Connect to Azure Blob Storage by using the SSH File Transfer Protocol (SFTP) (preview)
- Register the feature (Azure Portal)