This post demonstrates how to create an SFTP Docker container from Atmoz using docker-compose.yml with the most straightforward configuration to allow for developers. Sometimes we can’t just install any FTP servers on our machines. It may be due to corporate policies, or we don’t have the permissions to do so. Also, some people don’t want their systems cluttered with seldomly used installed applications.
SFTP Docker Image
An SFTP Docker image by Atmoz is an easy-to-use SFTP (SSH File Transfer Protocol) server with OpenSSH. It runs openssh-server within the Docker container.
docker-compose.yml File For SFTP
The following is a docker-compose.yml file that uses the SFTP Docker image by Atmoz on DockerHub. It provides us the most basic configuration for our SFTP server. Therefore, we can still customize our Docker container further depending on our needs.
1 2 3 4 5 6 7 8 9 10 11 12 13 | version: "2.3" services: sftp: image: atmoz/sftp ports: - "9922:22" command: foo:pass:1001:12345:/foo-home networks: - turreta_network networks: turreta_network: driver: bridge |
To use this with Docker Compose, run the following commands in the same directory where the docker-compose.yml file is.
1 2 | docker-compose pull docker-compose up |
The following output is from the command-line window:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 | Removing karl_sftp_1 Recreating 6e42359e385a_karl_sftp_1 ... done Attaching to karl_sftp_1 sftp_1 | [/usr/local/bin/create-sftp-user] Parsing user data: "foo:pass:1001:12345:/foo" sftp_1 | [/usr/local/bin/create-sftp-user] Creating directory: /home/foo//foo sftp_1 | Generating public/private ed25519 key pair. sftp_1 | Your identification has been saved in /etc/ssh/ssh_host_ed25519_key. sftp_1 | Your public key has been saved in /etc/ssh/ssh_host_ed25519_key.pub. sftp_1 | The key fingerprint is: sftp_1 | SHA256:suMC4LVQHJWn5E2GMTG8rwM6FHn5dlnhzbMYEZ7OAUU root@3d4f69fe7008 sftp_1 | The key's randomart image is: sftp_1 | +--[ED25519 256]--+ sftp_1 | | ..+*=.oE. | sftp_1 | | o =o+oo. | sftp_1 | | o + B .+= | sftp_1 | |.+ + + .o+.+ | sftp_1 | |..= o o Soo o | sftp_1 | | o.o o * . . | sftp_1 | |. ..o = | sftp_1 | | o .+ . | sftp_1 | | . .o | sftp_1 | +----[SHA256]-----+ sftp_1 | Generating public/private rsa key pair. sftp_1 | Your identification has been saved in /etc/ssh/ssh_host_rsa_key. sftp_1 | Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub. sftp_1 | The key fingerprint is: sftp_1 | SHA256:jeyqDsr4tODr9q/QuN15ZCSvc2UkmJzzEh0fz0B2/HM root@3d4f69fe7008 sftp_1 | The key's randomart image is: sftp_1 | +---[RSA 4096]----+ sftp_1 | | .o.. | sftp_1 | | ..o.. | sftp_1 | | . = o = . | sftp_1 | | O = = o o E | sftp_1 | | B S . o | sftp_1 | | o . * o | sftp_1 | |.oo. = + | sftp_1 | |+=+o.o.+ | sftp_1 | |=B===== | sftp_1 | +----[SHA256]-----+ sftp_1 | [/entrypoint] Executing sshd sftp_1 | Server listening on 0.0.0.0 port 22. sftp_1 | Server listening on :: port 22. |
When you close the command-line window, it also terminates the SFTP server. If you don’t want that, use the -d option. For example:
1 | docker-compose up -d |
If you encounter errors that prevent you from using the initially specified port number, change to a different port.
The following shows some details about the Docker image and container.
1 2 3 4 5 6 7 | C:\Users\abc>docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3d4f69fe7008 atmoz/sftp "/entrypoint foo:pas…" 3 minutes ago Up 3 minutes 0.0.0.0:9922->22/tcp karl_sftp_1 C:\Users\abc>docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE atmoz/sftp latest 6345f82053c6 14 months ago 190MB |
Testing SFTP With FileZilla Client
For testings, you can use any FTP client that works with SFTP. This post uses the FileZilla client. As shown below, we specified the host as sftp://127.0.0.1 using the username, password, and port number specified in the docker-compose.yml and configured for the Docker Atmoz container.
Note that the root directory is read-only. You can’t create sub-directories directly under /. Also, you can’t delete the foo directory. Only the /foo, for this configuration, is writable.
This post is part of the Docker For Developers tutorial.
