Note: starting from 80.40, SFTP access is enabled by default

For all versions below, follow these steps to enable SFTP access for any user who does not use Clish cli.sh as the default shell:

1. Log in to Expert mode: HostName> expert

2. Backup the current SSHD configuration file:

   [Expert@HostName]# cp /etc/ssh/sshd_config /etc/ssh/sshd_config_ORIGINAL
   
   

3. Edit the current SSHD configuration file in Vi editor:

   [Expert@HostName]# vi /etc/ssh/sshd_config
   
   

4. Modify the current configuration using one of these two options:

   Note: For details, refer to "sshd_config" manual page - refer to "Subsystem" section.

   • Either modify in this way:

     from

     #Subsystem      sftp    /usr/libexec/openssh/sftp-server
     

     to

     Subsystem      sftp    /usr/libexec/openssh/sftp-server
     

   • Or modify in this way:

     from

     #Subsystem      sftp    /usr/libexec/openssh/sftp-server
     

     to

     Subsystem      sftp    internal-sftp
     

5. Save the changes and exit from Vi editor.
   
   

6. Restart the SSHD service:

   [Expert@HostName]# /etc/init.d/sshd restart

 

Notes:

• In addition to running the above procedure, you must also change the default shell of the selected user to /bin/bash by running "set user <username> shell /bin/bash" from CLISH. To make the change permanent, run "save config" from CLISH.
• To change the default shell back to CLISH, run "set user <username> shell /etc/cli.sh" from CLISH and make the change permanent by running "save config" from CLISH.
• Make sure to configure an explicit security rule for SSH access (to this Gaia machine) on the involved Security Gateway / Cluster. SFTP operates using SSH.

Related solutions:
sk52763 - Enabling SCP connectivity on SMB and Branch Office Appliances