SFTP Gateway Overview

Overview

The SFTP Gateway is a secure, pre-configured SFTP server that saves uploaded files to an Amazon S3 bucket.

The latest version of SFTP Gateway is version 3.x, which can be found on the AWS, Azure and Google Cloud Marketplaces.

Visit our Website to see who uses SFTP Gateway and watch this short video to see what SFTP Gateway is all about!

 

The following are links to the documentation for each version of SFTP Gateway:

• Version 3 on AWS (latest)
• Version 3 on Azure (latest)
• Version 3 on Google Cloud (latest)
• Version 2 on AWS
• Version 2 on Azure

The remainder of the article pertains to Version 1 (Classic) on AWS.

---

Overview of SFTP Gateway Classic on AWS

SFTP Gateway uses a different approach than other S3-based file system products, making it more reliable for production systems. Rather than using a permanent mount or virtual file system, it monitors file descriptors as new files are written to SFTP directories. Once the file is finished writing and the file descriptor is closed, it pushes the entire file to an S3 Bucket. The SFTP Gateway is simple, lightweight, and reliable.

When coupled with S3 Events and AWS Lambda, it is the ideal entry point for automated integration between your AWS application and external or third-party systems. It also complies with corporate security policies that require key-based SFTP file transfers.

Features

• SFTP server that stores uploaded documents to an S3 Bucket. Pre-configured with standard security settings. Easily manage SFTP users independent of IAM using built-in command line scripts.
• Automated S3 bucket creation and setup. Use the CloudFormation template or setup script from the single AMI to auto-configure the server. S3 events can be used to automate file processing with AWS Lambda.
• Configurable S3 bucket and path for each SFTP user
• Server-side encryption using SSE-S3, KMS, or SSE-C (custom keys)
• Private and shared download folders for pushing files to end-users
• MD5 Hash Validation support to ensure data integrity of uploaded files

Table of Contents

• Initial setup: Provision an EC2 instance, S3 bucket, and IAM role
• Log into the EC2 instance: SSH into your instance
• Add and configure a user: Provision an SFTP user, and configure options like custom S3 locations and encryption
• Connect as an SFTP user: Connect using an SFTP client (FileZilla, WinSCP, or command-line)
• Delete an SFTP user: De-provision an SFTP user
• Security Notes

Links

• Product Website
• CloudFormation Template - No setup is necessary if you use this CloudFormation template. This template uses the proper AMI based on your region.

Support

Email support is available to Amazon Web Services Marketplace Customers at support@thorntech.com.

To help us troubleshoot, provide any of the following items that seem relevant to the issue:

• /var/log/movetos3/movetos3.log: This logs file uploads to S3
• /var/log/movetos3/s3sync.log: This logs private and shared download sync activity
• sudo incrontab -l: This outputs a list of directories that are monitored for S3 upload
• sudo df -h: This shows the remaining storage on the EC2 instance
• sudo sftpgw version: Shows the current version of SFTP Gateway
• Screenshots of the SFTP client at the time of error (looking for log output, and file names or paths)

We do not offer refunds, but you may terminate your AMI or CloudFormation Stack at any time.

Troubleshooting

For troubleshooting and frequently asked questions, refer to our Troubleshooting article

Reference

Documentation of configuration options and supported commands.