Support Center > Search Results > SecureKnowledge Details
How to enable SFTP access on Gaia OS Technical Level
Solution

In release R80.40 and higher, SFTP access is enabled by default.

For release R80.30 and lower, do the following to enable SFTP access for each user who does not use Clish cli.sh as the default shell:

  1. Log in to Expert mode:

    HostName> expert

  2. Make a backup of the SSHD configuration file:

    [Expert@HostName]# cp /etc/ssh/sshd_config /etc/ssh/sshd_config_ORIGINAL

  3. Edit the SSHD configuration file in the Vi editor:

    [Expert@HostName]# vi /etc/ssh/sshd_config

  4. Modify the configuration using one of these two options:

    Note: For details, refer to the "sshd_config" manual page, in the "Subsystem" section.

    • Either modify in this way:

      from
      #Subsystem      sftp    /usr/libexec/openssh/sftp-server
      
      to
      Subsystem      sftp    /usr/libexec/openssh/sftp-server
      
    • Or modify in this way:

      from
      #Subsystem      sftp    /usr/libexec/openssh/sftp-server
      
      to
      Subsystem      sftp    internal-sftp
      
  5. Save the changes and exit the Vi editor.
  6. Restart the SSHD service:

    [Expert@HostName]# /etc/init.d/sshd restart

  7. Change the default shell of the selected user from Clish to /bin/bash as follows:
    1. From Clish, run:

      set user <username> shell /bin/bash

    2. To make the change permanent, run:

      save config

Notes:

  • To change the default shell back to CLISH, run "set user <username> shell /etc/cli.sh" from CLISH and make the change permanent by running "save config" from CLISH.
  • You must configure an explicit security rule for SSH access to this Gaia computer on the Security Gateway or Gateway cluster. SFTP operates using SSH.


Related solutions:
sk52763 - Enabling SCP connectivity on SMB and Branch Office Appliances

Applies To:
  • This SK replaces sk98147

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment