In this blog, I will be setting up an Ubuntu Virtual Machine as an SFTP Server for NSX-T config backups.
- Set up an Ubuntu Server; I used the release below:
animeshd@sftp:~$ lsb_release -a
Distributor ID: Ubuntu
Description: Ubuntu 18.04 LTS
Release: 18.04
Codename: bionic
- Installed VMware tools on the Ubuntu machine.
- Install the latest updates on the Ubuntu machine using: sudo apt-get update (assuming internet access is available)
- Next, install an OpenSSH server using: sudo apt install openssh-server
Check the status of ssh: running

Next, SSH to the server using PuTTY and take a backup of the /etc/ssh/sshd_config file.
In the current example, I took a backup of the file under the tmp directory as /tmp/sshd_backup.

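As the original file is read-only, use chmod 777 against the /etc/ssh/sshd_config file to edit it. Mode 777 leaves the SSH server configuration writable by every local user, so set the permissions back once the edit is done. Use an editor of your choice on the system; I used the Nano editor to open the file for editing.
- Edit the ListenAddress directive and add the IP of the local machine.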

- Then change X11Forwarding to no (from ‘yes’), and add the overriding settings as per the screenshot below.

Here’s what each of those directives does:
- Match User tells the SSH server to apply the following commands only to the user specified.
- ForceCommand internal-sftp forces the SSH server to run the SFTP server upon login.
- PasswordAuthentication yes allows password authentication for this user.
- ChrootDirectory /var/nsxtsftp/ ensures that the user will not be allowed access to anything beyond the /var/nsxtsftp directory.
- AllowAgentForwarding no, AllowTcpForwarding no, and X11Forwarding no disable port forwarding, tunneling and X11 forwarding for this user.
Restart the ssh service on the machine.
- Now, I created the directory and user on the SFTP Ubuntu machine.
Create a new user
- sudo adduser --shell /bin/false nsxtbackupuser
Create a new directory
- sudo mkdir -p /var/nsxtsftp/backups
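Change owner and permission on the new directories. The chroot directory itself must stay owned by root and not be writable by group or others, otherwise sshd refuses the login; the backup user owns only the backups subdirectory.
- sudo chown root:root /var/nsxtsftp
- sudo chown nsxtbackupuser:nsxtbackupuser /var/nsxtsftp/backups
- sudo chmod 755 /var/nsxtsftp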
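The following shell example is added here and is not part of the original post. It audits the Match block directives listed above and the ownership and mode of the chroot directory and of sshd_config. The sample config is constructed from those directives, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit the SFTP restrictions and file modes this post relies on.

# Constructed sample of the Match block the post describes (not a real server's file).
sample_config() {
cat <<'EOF'
X11Forwarding no
Match User nsxtbackupuser
    ForceCommand internal-sftp
    PasswordAuthentication yes
    ChrootDirectory /var/nsxtsftp/
    AllowAgentForwarding no
    AllowTcpForwarding no
    X11Forwarding no
EOF
}

# audit_match_block USER < sshd_config
# Prints "FAIL <directive>" for each restriction that is missing or different inside
# "Match User USER" (single user name assumed); returns non-zero if any failed.
audit_match_block() {
  awk -v user="$1" '
    BEGIN {
      want["forcecommand"] = "internal-sftp"; want["chrootdirectory"] = "/var/nsxtsftp/"
      want["allowagentforwarding"] = "no"; want["allowtcpforwarding"] = "no"
      want["x11forwarding"] = "no"
    }
    /^[ \t]*(#|$)/ { next }                        # skip comments and blank lines
    { key = tolower($1) }                          # keywords are case-insensitive
    key == "match" { inblock = (tolower($2) == "user" && $3 == user); next }
    inblock && (key in want) && !(key in got) { got[key] = $2 }   # first value wins
    END {
      for (k in want) if (got[k] != want[k]) { print "FAIL " k; bad = 1 }
      exit bad
    }'
}

# perm_issues PATH: sshd rejects a ChrootDirectory that is not root-owned or is
# group/other-writable; the same test flags an sshd_config left at mode 777.
perm_issues() {
  [ -e "$1" ] || { echo "FAIL $1 does not exist"; return 1; }
  set -- "$1" $(stat -c '%u %a' "$1")              # GNU stat: owner uid, octal mode
  [ "$2" -eq 0 ] || echo "FAIL $1 owner uid=$2, expected root"
  [ $(( 0$3 & 022 )) -eq 0 ] || echo "FAIL $1 mode=$3 is group/other-writable"
}

sample_config | audit_match_block nsxtbackupuser && echo "Match block OK"
# On the server: audit_match_block nsxtbackupuser < /etc/ssh/sshd_config
#                perm_issues /var/nsxtsftp; perm_issues /etc/ssh/sshd_config
```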
Once this is done, go to the NSX-T UI and, under System, edit and configure the backup to point to the backup server.

Then, perform a backup and view the result.

Backup files are getting created.

Listen Address in SSH config should never be a remote host…this is for the addresses the local ssh server listens on…
Also you should be able to edit that file with sudo as well. No need for copying and chmod stuff. Way too complicated.
Yeah, correct edited the comment.. sudo was not allowing to edit the file until the permissions were changed .. not sure about it ..
Thanks
Thanks for the tutorial!
I assume there is a small mistake regarding the permission command:
Instead of “chown 755 /var/nsxtsftp” -> “chmod 755 /var/nsxtsftp”
Best regards