In this article we are going to discuss how to configure Azure blob storage as sftp server. Knowing the fact that Azure blob is used as a massively scalable and secure object storage for cloud-native workloads. To check more details about the Azure Blob kindly check this URL.
Following are the steps we need to follow in order to configure Azure blob storage as sftp server.
1.Create storage account:First of all you need to have the storage account. If not you can create the new storage account. To create the storage account click on the “Microsoft Azure” on the top left corner once you logged into Azure portal. Then click on the “Create a resource” (with + sign) link.
2. In the next window type “storage account” and select the Storage account option to go ahead.
3. In the next window click on the “Create” button selecting “Storage account” option as below:
4. In the next window select “Subscription” & “Resource group” as per your azure account. Then give proper name to your storage account. In my demo I have used “mylraccount” as below in the screenshot. Also select proper region as per your requirement under region option.
5. In the Advanced tab tick mark the option “Enable hierarchical namespace” and also tick mark the “Enable SFTP” and “Enable network file system v3” Option. This selection necessary to configure Azure blob storage as sftp server.
6, Keep all the other options as default and click on the review button. Once review is completed click on the Create button.
7. System will respond with deployment progress message as below if everything goes fine.
8. After deployment is completed click on the “Go to resource” button.
9. In the next step select “Containers” under Data Storage in the left pane.
10. In the window click on the “+ container” option to create the container. Here container is nothing but the directory under which you are placing the objects or another directories.
11. Now give it a name to your container , Here i gave mydata as a name & click on create button.
You will see that “mydata” container got created as a result.
12. For the next step select “SFTP” option under settings menu and click on the “Add local user” option as below:
13. In the next step give the name to user . I am using demouser and select option SSH Password and click on the next button.
Under Container permissions options select the container “mydata” which we have created in the earlier step and select required permission as per your need and click on the “Add” button.
14. In the next step system will respond with password. Copy this to your safe location.
15. In the next step copy the connection string by clicking copy option available next to string under “Connection string”
16. Now to configure security rule click on the “Networking” option available under “Security + networking“. Then under Firewall you can select “Add your client IP address” or you can add additional IP’s to open up the connection from the. internet in the “Address range” box. After all IP’s added click on the save button to save the configuration from the top.
17. Now it’s time to connect to our sftp server. To connect the sftp server you need the connection string we captured in the 15 th step:
mylraccount.<CONTAINER_NAME>.demouser@mylraccount.blob.core.windows.net
In the above string replace the “CONTAINER_NAME” with “mydata” which is our container name so our connection string will be “mylraccount.mydata.demouser@mylraccount.blob.core.windows.net”
try connect with sftp client :
(base) ➜ ~ sftp mylraccount.mydata.demouser@mylraccount.blob.core.windows.net
The authenticity of host ‘mylraccount.blob.core.windows.net (20.209.0.229)’ can’t be established.
ECDSA key fingerprint is SHA256:ixDeCdmQOB9ROqdJiVdXyFVsRqLmJJUb2M4shrWj8gI.
This host key is known by the following other names/addresses:
~/.ssh/known_hosts:22: mylrstorageacct1121.blob.core.windows.net
~/.ssh/known_hosts:23: mylrstorage.blob.core.windows.net
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added ‘mylraccount.blob.core.windows.net’ (ECDSA) to the list of known hosts.
mylraccount.mydata.demouser@mylraccount.blob.core.windows.net’s password:
Connected to mylraccount.blob.core.windows.net.
sftp>
when prompted select yes for “Are you sure you want to continue connecting” and enter the password captured in the step 14. For testing i have just upload sample file named “untitled.txt“.
Connected to mylraccount.blob.core.windows.net.
sftp> put untitled.txt
Uploading untitled.txt to /untitled.txt
untitled.txt 100% 0 0.0KB/s 00:00
sftp>
You can see that uploaded “untitled.txt” in our mydata container.
So this how we can configure Azure blob storage as sftp server.