SFTP: Setting up SFTP on Google Cloud Platform (GCP)

Claire Lee
3 min readFeb 7, 2023

Creating a Virtual Machine Instance on Google Cloud Platform (GCP), adding users, and verifying SFTP connections through SSH or password access to the VM.

Set Up SFTP Server

1. Create a VM instance

GCP Compute Engine > VM Instance > CREATE INSTANCE
1

2. Set up instance name, region, zone and machine type(CentOS)

2

3. SSH into the VM instance

3

Login the VM Instance Remotely

<claire@sftp-server ~>: terminal on vm instance

<claire@local>: terminal on local workstation

Username and SSH key

  1. Create a new user
<claire@sftp-server ~> sudo adduser <USERNAME>

example:
<claire@sftp-server ~> sudo adduser test

2. Add ssh keys to instance metadata

  • create and open a new text file on your workstation
<claire@local> touch <KEY_FILE>

example:
<claire@local> touch sftp-server.txt
  • save key in following format
<USERNAME>:<KEY_VALUE>

KEY_VALUE: content in ~/.ssh/<USERNAME>.pub

  • add the ssh key to instance metadata
<claire@local> gcloud compute instances add-metadata <VM_NAME> 
--metadata-from-file ssh-keys=<KEY_FILE>


example:
<claire@local> gcloud compute instances add-metadata sftp-server
--metadata-from-file ssh-keys=sftp-server.txt

3. Access the sftp server from your terminal

<claire@local> sftp -i <PUBLIC_KEY> <USERNAME>@<VM_EXTERNAL_IP>

example:
<claire@local> sftp -i ~/.ssh/test.pub test@<VM_EXTERNAL_IP>

PUBLIC_KEY: ~/.ssh/<USERNAME>.pub

4. Confirm a successful SFTP server connection with the sftp> prompt in your terminal.

sftp>

Username and Password

  1. Create a new user and password
<claire@sftp-server ~> sudo adduser <USERNAME>
<claire@sftp-server ~> sudo passwd <USERNAME>

eneter and verify the password

2. Enable password authentication

Edit sshd_config file.

<claire@sftp-server ~> sudo vi /etc/ssh/sshd_config

Uncomment PasswordAuthentication yes and comment out PasswordAuthentication no.

original:
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication no

after:
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no
#PasswordAuthentication no

3. Restart SSH service

<claire@sftp-server ~> sudo systemctl restart sshd

4. Connect to the sftp server from your terminal

<claire@local> sftp <USERNAME>@<VM_EXTERNAL_IP>

enter password

5. Confirm a successful SFTP server connection with the sftp> prompt in your terminal.

sftp>

Reference:

--

--