SFTP (Secure File Transfer Protocol) is a network protocol through which we can transfer files in a secure manner. The usual port is 22 but, we can use change it and assign another if you want.

In this post, we can read how to deploy an SFTP using an Azure Storage service. At the moment is in public preview and is not available in all regions but only on these.

Prerequisites

• A valid Azure subscription
• Register SFTP feature to your Azure Subscription

How to register the SFTP feature to the Azure subscription

There are several tools we can use in order to register the SFTP feature:

• Azure CLI
• Azure PowerShell
• Azure Cloud Shell
• Azure Portal

For demo purposes, we register SFTP via the Azure Cloud Shell (Bash).

$subscription = “########-####-####-####-############” az account set –subscription $subscription az feature show –namespace Microsoft.Storage –name AllowSFTP az feature register –namespace Microsoft.Storage –name AllowSFTP

Create Azure Storage Account

Basics tab

On the first tab [Basics], select a Subscription, type a name, select a region that supports the SFTP on the Azure storage account, select Premium (Performance), Block Blobs (Premium Account Type), Local Redundancy (Redundancy) and click Next: Advanced >

Advanced Tab

Select Enable hierarchical namespace, Enable SFTP and finally click Review + Create.

For demo purposes, we will NOT make any other changes. The goal of the post is to learn the basic scenario, how to deploy and test the SFTP feature.

SFTP Settings

The steps below are for the SFTP Settings.

When we first open SFTP, we MUST create a local user.

Add a local user

From the left-hand side blade, select Settings – SFTP

On the right side, click + Add local user.

Username + Authentication

Type a Username and select the Authentication method, currently, we selected the SSH Password, but we can also choose SSH Public Key.

Configure Container Permissions

In the Container permissions, select the container and then select the access permissions for the user.

After we have finished with the local user configuration, we click Add to finish and add the user to the list.

A new window will display with the local user password. As the screenshot below shows, we can view or copy the password.

Connect to the SFTP

We can use several SFTP 3rd party clients to connect to the SFTP Azure storage account service, e.g. Bitvise SFTP, Putty, OpenSSH, WinSCP etc. For demo purposes, we have used Bitvise SFTP, as the screenshot below shows.

For the Bitvise SFTP client, we type the Host name (sftpstorageaccountdemo.blob.core.windows.net), Username (sftpstorageaccountdemo.sftpuser), choose as Initial method “password”, and paste the password we copied in the previous step.

On the left-hand side menu, click on New SFTP windows. The example below shows how to upload a file from the local drive to the SFTP Azure storage account container.

The last screenshot shows how the storage account looks after uploading the TestFile.

 

See Also

• SSH File Transfer Protocol (SFTP) support for Azure Blob Storage (preview)
• Known issues and limitations
• How-To create an on-demand SFTP Server with a new Azure Files persistent storage
• How-To create an on-demand SFTP Server with an existing Azure Files persistent storage
• Connect to Azure Blob Storage by using the SSH File Transfer Protocol (SFTP) (preview)
• Register the feature (Azure Portal)