I built a blob storage mount on Linux machines using blobfuse. I would like to set up SFTP user integration with this blob account: one SFTP user has Read permissions and the other SFTP user has R/W permissions. Kindly help me: are there any possible ways?

goutham varma 40 Reputation points
2024-10-22T15:43:05.2733333+00:00

I have an SFTP storage account "devmiieasftpblobstgacc01". I mounted one of the containers of this account on a few Linux machines using blobfuse. This was done successfully by connecting with the access key.

Now I would like to give access to the container to a few SFTP local users of the existing storage account devmiieasftpblobstgacc01. Those users should have some privileges to upload and download data from the container. Also, the SFTP users should access the Linux machines to access the container directly within the machine. Kindly provide the steps to perform this integration. Mainly I'm looking for integration on Linux machines: the user should log in with the SFTP user account directly within the Linux machine to get access to the container.


Accepted answer
  1. Keshavulu Dasari 2,420 Reputation points Microsoft Vendor
    2024-10-22T19:38:32.88+00:00

    Hi goutham varma,
    Welcome to Microsoft Q&A Forum, thank you for posting your query here!
    To set up SFTP users with different permissions (read-only and read/write) for your Azure Blob Storage mounted on Linux machines using Blobfuse, you can follow these steps:

    1. Blobfuse installed and configured on your Linux machines.
    2. SFTP server (like OpenSSH) installed on your Linux machines.
    3. Access keys for your Azure Blob Storage account.

    Steps

    1. Create SFTP Users

    First, create the SFTP users on your Linux machine.

    2. Configure SFTP Server

    Edit the SSH configuration file to set up the SFTP server.

    3. Set Permissions

    Set the appropriate permissions for the SFTP users.

    4. Restart SSH Service

    Restart the SSH service to apply the changes.

    Testing

    1. For Read-Only User:
      • Connect using SFTP with the sftp_readonly user and verify that you can only read files.
    2. For Read/Write User:
      • Connect using SFTP with the sftp_readwrite user and verify that you can read and write files.

    • Ensure that the Blobfuse mount point (/mnt/blobfuse/container) is correctly set up and accessible.
    • Adjust the paths and permissions as needed based on your specific setup.

    This setup should allow your SFTP users to access the Azure Blob Storage container with the specified permissions directly from the Linux machine.

    Please let us know if you have any further queries. I’m happy to assist you further.


    Please do not forget to "Accept the answer" and "up-vote" wherever the information provided helps you, this can be beneficial to other community members.
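
The sshd side of steps 2 and 3 in the accepted answer, as an added example that is not part of the original answer or of Microsoft's documentation. It assumes OpenSSH's `internal-sftp`, a root-owned `/mnt/blobfuse` usable as `ChrootDirectory`, and a blobfuse mount made with `-o allow_other`; the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original answers. Function names are hypothetical.
# Assumptions: OpenSSH with internal-sftp; /mnt/blobfuse and its parents are
# root-owned and not group/world-writable (required for ChrootDirectory);
# blobfuse was mounted with -o allow_other so other local users can reach it.

CHROOT_DIR="/mnt/blobfuse"   # parent of the mount point named in the answer
START_DIR="/container"       # the mount point as seen from inside the chroot

# render_match_block USER MODE   (MODE: ro | rw)
render_match_block() {
  user="$1"; mode="$2"; flags="-d ${START_DIR}"
  case "$mode" in
    ro) flags="-R ${flags}" ;;   # -R: internal-sftp denies write operations
    rw) ;;
    *)  echo "unknown mode: $mode" >&2; return 1 ;;
  esac
  cat <<EOF
Match User ${user}
    ChrootDirectory ${CHROOT_DIR}
    ForceCommand internal-sftp ${flags}
    PermitTTY no
    AllowTcpForwarding no
    X11Forwarding no
EOF
}

# is_read_only USER: reads sshd_config text on stdin; succeeds only if the
# Match block for USER forces internal-sftp with -R.
is_read_only() {
  awk -v u="$1" '
    $1 == "Match" { in_block = ($2 == "User" && $3 == u) }
    in_block && $1 == "ForceCommand" && $2 == "internal-sftp" {
      for (i = 3; i <= NF; i++) if ($i == "-R") found = 1
    }
    END { exit (found ? 0 : 1) }'
}

# render_all: fragment for both users from the answer's Testing section.
render_all() {
  render_match_block sftp_readonly ro
  render_match_block sftp_readwrite rw
}

render_all   # print the fragment; review it, then validate with `sshd -t`
```

Match blocks belong at the end of `sshd_config`, after the global settings. Run `sshd -t` on the edited file before the restart in step 4 so a syntax error does not lock out SSH access.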


1 additional answer

  1. Deepanshu katara 12,635 Reputation points
    2024-10-22T16:20:48.0266667+00:00

    Hello, welcome to MS Q&A

    To provide SFTP access to a storage account container for local users on Linux machines, follow these steps:

    1. Create a Local User: Use the Azure CLI to create a local user. You can authenticate the user either with a password or an SSH key. For example, to create a local user with SSH key authentication, use the following command:
    2. Set Permissions: After creating the local user, grant permissions to the desired containers. You can specify which containers the user can access and what level of access they have. This can be done through the Azure portal or using the CLI.
    3. Enable ACL Authorization (if needed): If you want to authorize access at the file and directory level, enable Access Control Lists (ACLs) for the local user.

    Make sure to follow the guidelines for managing local users and permissions to ensure secure access.

    References:

    Please let us know if you have any questions.

    Kindly accept the answer if it helps.

    Check the image below for reference.

    User's image

    Thanks Deepanshu

