Fully featured and highly configurable SFTP server
listen on port 2022 (services)
HTTP listen on 9063 (0.0.0.0)
config file : /opt/SFTPgo/sftpgo.json
log file : /opt/SFTPgo/sftpgo.log
Each account is chrooted to its home directory.
SFTP accounts are virtual accounts stored in a "data provider".
SQLite, MySQL, PostgreSQL, bbolt (key/value store in pure Go) and in-memory data providers are supported.
Public key and password authentication. Multiple public keys per user are supported.
SSH user certificate authentication.
Keyboard interactive authentication. You can easily setup a customizable multi-factor authentication.
Partial authentication. You can configure multi-step authentication requiring, for example, the user password after successful public key authentication.
Per user authentication methods. You can configure the allowed authentication methods for each user.
Custom authentication via external programs/HTTP API is supported.
Dynamic user modification before login via external programs/HTTP API is supported.
Quota support: accounts can have individual quota expressed as max total size and/or max number of files.
Bandwidth throttling is supported, with distinct settings for upload and download.
Per user maximum concurrent sessions.
Per user and per directory permission management: list directory contents, upload, overwrite, download, delete, rename, create directories, create symlinks, change owner/group and mode, change access and modification times.
Per user files/folders ownership mapping: you can map all the users to the system account that runs SFTPGo (all platforms are supported) or you can run SFTPGo as root user and map each user or group of users to a different system account (*NIX only).
Per user IP filters are supported: login can be restricted to specific ranges of IP addresses or to a specific IP address.
Per user and per directory file extensions filters are supported: files can be allowed or denied based on their extensions.
Virtual folders are supported: directories outside the user home directory can be exposed as virtual folders.
Configurable custom commands and/or HTTP notifications on file upload, download, pre-delete, delete, rename, on SSH commands and on user add, update and delete.
Automatically terminating idle connections.
Atomic uploads are configurable.
Support for Git repositories over SSH.
SCP and rsync are supported.
Support for serving local filesystem, S3 Compatible Object Storage and Google Cloud Storage over SFTP/SCP.
Prometheus metrics are exposed.
Support for HAProxy PROXY protocol: you can proxy and/or load balance the SFTP/SCP service without losing the information about the client's address.
REST API for users and folders management, backup, restore and real time reports of the active connections with possibility of forcibly closing a connection.
Web based administration interface to easily manage users, folders and connections.
Easy migration from Linux system user accounts.
Portable mode: a convenient way to share a single directory on demand.
Performance analysis using built-in profiler.
Configuration format is at your choice: JSON, TOML, YAML, HCL, envfile are supported.
Log files are accurate and they are saved in the easily parsable JSON format
TIP ME !!
Your gratitude and finance will help me to continue integration of this QPKG and maintain up to date versions.