{"id":7711,"library":"sftpserver","title":"sftpserver (rspivak)","description":"sftpserver is a simple, single-threaded SFTP server built upon Paramiko's SFTPServer, primarily designed for testing Python SFTP clients rather than production environments. The current version is 0.3, with its last release in April 2017, indicating a maintenance-only status with no active development or new features.","status":"maintenance","version":"0.3","language":"en","source_language":"en","source_url":"https://github.com/rspivak/sftpserver","tags":["sftp","server","paramiko","ssh","file transfer","testing"],"install":[{"cmd":"pip install sftpserver","lang":"bash","label":"Install latest version"}],"dependencies":[{"reason":"Core SSH/SFTP client library for server implementation.","package":"paramiko","optional":false}],"imports":[{"note":"The library is designed for direct execution or calling the start_server function from the main module.","symbol":"start_server","correct":"import sftpserver\nsftpserver.start_server(...)"}],"quickstart":{"code":"import os\nimport paramiko\nimport sftpserver\n\n# Generate a test private key if it doesn't exist\nkey_file = 'test_rsa.key'\nif not os.path.exists(key_file):\n    print(f\"Generating new RSA key for the server: {key_file}\")\n    key = paramiko.RSAKey.generate(2048)\n    key.write_private_key_file(key_file)\n    print(\"Key generated. DO NOT use this key for production.\")\n\n# Define SFTP server parameters\nSFTP_HOST = os.environ.get('SFTP_HOST', '127.0.0.1')\nSFTP_PORT = int(os.environ.get('SFTP_PORT', '3373'))\nSFTP_KEY_FILE = os.environ.get('SFTP_KEY_FILE', key_file)\nSFTP_LOG_LEVEL = os.environ.get('SFTP_LOG_LEVEL', 'INFO')\n\nprint(f\"Starting SFTP server on {SFTP_HOST}:{SFTP_PORT}\")\nprint(f\"Using key file: {SFTP_KEY_FILE}\")\nprint(f\"Log level: {SFTP_LOG_LEVEL}\")\nprint(\"Connect with username 'admin', password 'admin' (or any credential if no auth callback is set).\")\nprint(\"Press Ctrl+C to stop the server.\")\n\ntry:\n    sftpserver.start_server(SFTP_HOST, SFTP_PORT, SFTP_KEY_FILE, SFTP_LOG_LEVEL)\nexcept KeyboardInterrupt:\n    print(\"\\nSFTP server stopped.\")\n","lang":"python","description":"This quickstart demonstrates how to start the sftpserver programmatically, generating a temporary RSA key if one doesn't exist. It will listen on 127.0.0.1:3373 by default. Connect with a client using any username/password (e.g., 'admin'/'admin') as the default handler accepts all credentials."},"warnings":[{"fix":"For production, consider robust SFTP server solutions (e.g., OpenSSH, commercial products) or actively maintained Python libraries like `asyncssh` or `pysftpserver` which offer more features and better concurrency.","message":"The library is explicitly stated as 'simple single-threaded' and 'not for production use'. Relying on it for high-traffic or critical production environments will lead to performance bottlenecks and instability.","severity":"breaking","affected_versions":"<=0.3"},{"fix":"Generate an RSA private key using `openssl req -newkey rsa:2048 -nodes -keyout /tmp/test_rsa.key -x509 -days 365 -out /tmp/test_rsa.key.pub` or `paramiko.RSAKey.generate(2048).write_private_key_file(key_path)` and provide its path to the server.","message":"The server requires a private key file (`-k/--keyfile`) to operate, which must be specified either via command-line arguments or when calling `start_server`. Failure to provide one will result in an error.","severity":"gotcha","affected_versions":"<=0.3"},{"fix":"Avoid using this library for sensitive data. If used for testing, ensure the client explicitly allows older, weaker ciphers/algorithms if connection issues arise, or configure your client to disable strict host key checking for local testing (e.g., `StrictHostKeyChecking no` for `sftp` clients) for ephemeral test servers.","message":"Given the last update in 2017, `sftpserver` likely uses older versions of `paramiko` and may support only outdated SSH/SFTP ciphers and algorithms, which are considered insecure by modern standards.","severity":"deprecated","affected_versions":"<=0.3"}],"env_vars":null,"last_verified":"2026-04-16T00:00:00.000Z","next_check":"2026-07-15T00:00:00.000Z","problems":[{"fix":"Run the server with the `-k` or `--keyfile` option followed by the path to a private key, e.g., `sftpserver -k my_server_key.key` or `sftpserver.start_server(..., keyfile='/path/to/key')`.","cause":"The server was started without providing a path to a private SSH key file.","error":"sftpserver: error: -k/--keyfile should be specified"},{"fix":"For a trusted local test server, type `yes` and press Enter. For automated testing, configure the client to automatically add host keys or disable strict host key checking (e.g., `ssh -o StrictHostKeyChecking=no ...` or `client.set_missing_host_key_policy(paramiko.AutoAddPolicy())`).","cause":"This is a standard SSH client prompt when connecting to a server for the first time, or if the server's host key has changed.","error":"The authenticity of host '[localhost]:3373' can't be established. RSA key fingerprint is ... Are you sure you want to continue connecting (yes/no)?"},{"fix":"Ensure your client provides a username and password (e.g., 'admin'/'admin') or a private key that matches the server's configuration. Verify the client's `paramiko.Transport.connect()` call includes correct `username` and `password` or `pkey` arguments.","cause":"The client attempted to connect but no valid credentials (username/password or key) were provided or accepted by the server. The default `sftpserver` accepts any credentials, so this usually indicates a client-side misconfiguration.","error":"paramiko.ssh_exception.SSHException: No authentication methods available"},{"fix":"Verify the `sftpserver` process is running. Check for any errors in the server's console output. Ensure no firewall is blocking the specified port (default 3373) on the server machine. Double-check the host and port in your client configuration.","cause":"The SFTP server process either crashed, was not running, or immediately rejected the connection attempt at a very early stage (e.g., due to port or firewall issues).","error":"ssh_exchange_identification: Connection closed by remote host"}]}