As an IT professional looking for SFTP Sever that helps transfer files securely can be frustrating, when you key the word “Free” this also leads to software that can be used for personal purposes only. This means that you cannot use the software itself for any business purposes even for a short amount of time. If you encountered the former, then you came to the right place because this blog will show how you can (your team) start building your own SFTP Server using the best Opensource library.
Apache Mina SSHD
Apache MINA SSHD is an open-source library for Java that supports the SSH version 2 protocol. This library supports both the client and server side for file transfer. Besides that, this is under Apache License 2.0 which is good for business usage as it is less restrictive and does not require you to open-source your project (if you want to stay closed-source).
Maven
<dependency>
<groupId>org.apache.mina</groupId>
<artifactId>mina-core</artifactId>
<version>2.0.23</version>
</dependency>
<dependency>
<groupId>org.apache.sshd</groupId>
<artifactId>sshd-core</artifactId>
<version>2.13.0-SNAPSHOT</version>
</dependency>Imports
import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.server.subsystem.sftp.SftpSubsystemFactory;Main code
var sshd = SshServer.setUpDefaultServer();
sshd.setHost("127.0.0.1");
sshd.setPort(22) // if linux try 2222;
sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider());
sshd.setPasswordAuthenticator((username, password, session) -> {
// can also set the based home dir
// fileSystemFactory.setDefaultHomeDir("C:/SFTPUsers");
if (username.equals("john") && password.equals("passwordSecret"))
{
VirtualFileSystemFactory fileSystemFactory = new VirtualFileSystemFactory();
// sample of mapping each user to desired root dir
fileSystemFactory.setUserHomeDir(username.toLowerCase(), "JohnRootDir");
sshd.setFileSystemFactory(fileSystemFactory)
return true;
}
});
sshd.start();Note. This is adapted from https://github.com/apache/mina-sshd/blob/master/docs/server-setup.md
Fun fact, Porta SFTP Server Free/Pro Edition is created in Java and uses the pure Java Apache Mina library..
AsyncSSH
AsyncSSH supports asynchronous client and server implementation of the SSH version 2 protocol and adapted the Python 3.6+ asyncio framework.
Sample Code
import asyncio, asyncssh, sys from typing import Optional
# user credentials collections
credentials = {'TestUser1': 'credentialsecret'}
def client_handler(process: asyncssh.SSHServerProcess) -> None:
process.stdout.write('Welcome to AsyncSSH server,' + process.get_extra_info('username') + '\n')
process.exit(0)
class SSHDServer(asyncssh.SSHServer):
def connection_made(self, con: asyncssh.SSHServerConnection) -> None:
# see the received information and its client address
print('Connection received from' + con.get_extra_info('peername')[0])
def password_auth_supported(self) -> bool:
return True #feel free to adjust
def begin_auth(self, username: str) -> bool:
return credentials.get(username) != ''
def connection_lost(self, exc: Optional[Exception]) -> None:
if exc:
print('Connection exception/error: ' + str(exc), file=sys.stderr)
else:
print('Connection closed.')
def validate_password(self, username: str, password: str) -> bool:
userPassword = credentials.get(username, '*')
return password == userPassword # check if match, feel free to use cryptography
async def start_server() -> None:
await asyncssh.create_server(SSHDServer, '', 22,
server_host_keys=['your_host_key'],
process_factory=client_handler)
proc = asyncio.get_event_loop()
try:
proc.run_until_complete(start_server())
except (OSError, asyncssh.Error) as exception:
sys.exit('Error occured when starting the server: ' + str(exception))
proc.run_forever()Note. Code adapted from https://asyncssh.readthedocs.io/en/latest/#simple-server
Another alternative for AsyncSSH is the Paramiko which only supports a single threaded processing by default. However, the two are very similar as both are made in Python programming language. An example of using SFTP Server with Paramiko can be located on its GitHub repo at https://github.com/paramiko/paramiko/blob/main/demos/demo_server.py.
SFTPGo
Probably one of the best today is the SFTPGo Server, which is good for business use. This open-source product has web-based administration by default and supports notable functionalities such as allowing you to make API calls for automation etc.
- Multiple protocols: SFTP, FTPS, HTTPS, WebDAV.
- Multiple storage backends: local filesystem, encrypted local filesystem, S3, Google Cloud Storage, Azure Blob Storage, and SFTP.
- Custom workflows based on server events or schedules.
- Multi-factor and multi-step authentication.
- Public key and password authentication. Multiple public keys per user are supported.
Note. To learn more about the SFTPGo go to https://github.com/drakkan/sftpgo.
Conclusion
So, this blog tackles one of the best Opens Source SFTP Server libraries and Software on the internet today. However, choosing the right product is still your (company’s) decision that aligns with the reason/s to have such an SFTP Server for file transfer or data exchange. That said, if your company is okay using such as Free and Opensource software (that may have limited support) then go for it, if not then look for other solutions that align with business compliance and its purpose in the long run.
