SFTP (Secure File Transfer Protocol) is a network protocol through which we can transfer files in a secure manner. The usual port is 22 but, we can use change it and assign another if you want.


 In this post, we can read how to deploy an SFTP using an Azure Storage service. At the moment is in public preview and is not available in all regions but only on these.

Prerequisites

  • A valid Azure subscription
  • Register SFTP feature to your Azure Subscription

How to register the SFTP feature to the Azure subscription

There are several tools we can use in order to register the SFTP feature:
  • Azure CLI
  • Azure PowerShell
  • Azure Cloud Shell
  • Azure Portal
For demo purposes, we register SFTP via the Azure Cloud Shell (Bash).

$subscription = "########-####-####-####-############"
 
az account set --subscription $subscription
 
az feature show --namespace Microsoft.Storage --name AllowSFTP
 
az feature register --namespace Microsoft.Storage --name AllowSFTP



Create Azure Storage Account

Basics tab


 On the first tab [Basics], select a Subscription, type a name, select a region that supports the SFTP on the Azure storage account, select Premium (Performance), Block Blobs (Premium Account Type), Local Redundancy (Redundancy) and click Next: Advanced >




Advanced Tab Select Enable hierarchical namespace, Enable SFTP and finally click Review + Create.

  Note
For demo purposes, we will NOT make any other changes. The goal of this post is to learn the basic scenario, how to deploy and test the SFTP in the Azure Storage service.



SFTP Settings

The steps below are for the SFTP Settings.

  Important
When we open SFTP at first, we MUST create a local user.


Add a local user


 From the left-hand side blade, select Settings - SFTP



On the right side, click + Add local user.

Username + Authentication


Type a 
Username and select the Authentication method, currently, we selected the SSH Password, but we can also choose SSH Public Key.




Configure Container Permissions


 In the Container permissions, select the container and then select the access permissions for the user.



After we have finished with the local user configuration, we click Add to finish and add the user to the list. A new window will display with the local user password. As the screenshot below shows, we can view or copy the password.



Connect to the SFTP

We can use several SFTP 3rd party clients to connect to the SFTP Azure storage account service, e.g. Bitvise SFTP, Putty, OpenSSH, WinSCP etc. For demo purposes, we have used Bitvise SFTP, as the screenshot below shows. For the Bitvise SFTP client, we type the Host name (sftpstorageaccountdemo.blob.core.windows.net), Username (sftpstorageaccountdemo.sftpuser), choose as Initial method "password", and paste the password we copied in the previous step.



On the left-hand side menu, click on New SFTP windows. The example below shows how to upload a file from the local drive to the SFTP Azure storage account
container.



The last screenshot shows how the storage account looks after uploading the TestFile.


   

See Also