articles/storage/blobs/secure-file-transfer-protocol-known-issues.md
4 additions & 4 deletions
@@ -20,15 +20,15 @@ This article describes limitations and known issues of SFTP support for Azure Bl
20
20
21
21
## Known unsupported clients
22
22
23
-
The following clients are known to be incompatible with SFTP for Azure Blob Storage. See [Supported algorithms](secure-file-transfer-protocol-support.md#supported-algorithms) for more information.
23
+
The following clients are known to be incompatible with SFTP for Azure Blob Storage. For more information, see [Supported algorithms](secure-file-transfer-protocol-support.md#supported-algorithms).
24
24
25
25
- Five9
26
26
- Kemp
27
27
- Mule
28
28
- paramiko 1.16.0
29
29
- SSH.NET 2016.1.0
30
30
31
-
The unsupported client list above isn't exhaustive and may change over time.
31
+
This list isn't exhaustive and might change over time.
32
32
33
33
## Client settings
34
34
@@ -51,7 +51,7 @@ To transfer files to or from Azure Blob Storage via SFTP clients, see the follow
| SSH Commands | SFTP is the only supported subsystem. Shell requests after the completion of key exchange will fail. |
53
53
| Multi-protocol writes | Random writes and appends (`PutBlock`,`PutBlockList`, `GetBlockList`, `AppendBlock`, `AppendFile`) aren't allowed from other protocols (NFS, Blob REST, Data Lake Storage Gen2 REST) on blobs that are created by using SFTP. Full overwrites are allowed.|
54
-
| Rename Operations | Rename operations where the target file name already exists is a protocol violation. Attempting such an operation will return an error. See [Removing and Renaming Files](https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-02#section-6.5) for more information.|
54
+
| Rename Operations | Rename operations where the target file name already exists is a protocol violation. Attempting such an operation returns an error. See [Removing and Renaming Files](https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-02#section-6.5) for more information.|
55
55
| Cross Container Operations | Traversing between containers or performing operations on multiple containers from the same connection are unsupported.
56
56
57
57
## Authentication and authorization
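Review bot: In the changed Rename Operations row, subject and verb still disagree ("Rename operations where the target file name already exists is a protocol violation"); since the row is being edited anyway, make it "A rename operation where the target file name already exists is a protocol violation." The row also keeps the trailing "See ... for more information" order that the first hunk of this file rewrote to "For more information, see ...", and the Cross Container Operations row directly below it is missing its closing `|`.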
@@ -82,7 +82,7 @@ To learn more, see [SFTP permission model](secure-file-transfer-protocol-support
82
82
83
83
- Maximum file upload size via the SFTP endpoint is 100 GB.
84
84
85
-
- To change the storage account's redundancy/replication settings or initiate account failover, SFTP must be disabled. SFTP may be re-enabled once the conversion has completed.
85
+
- To change the storage account's redundancy/replication settings or initiate account failover, SFTP must be disabled. SFTP may be re-enabled once the conversion has completed.
86
86
87
87
- Special containers such as $logs, $blobchangefeed, $root, $web aren't accessible via the SFTP endpoint.
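Review bot: The removed and added lines of the redundancy/replication bullet read identically, so this appears to be a whitespace-only change; if a wording fix was intended, it is not in the diff. The bullet still says "SFTP may be re-enabled", while the first hunk of this file changed "may" to "might". Here "can be re-enabled" fits better, because the sentence describes what the user is able to do once the conversion has completed.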
articles/storage/blobs/secure-file-transfer-protocol-performance.md
3 additions & 3 deletions
@@ -14,13 +14,13 @@ ms.author: normesta
14
14
15
15
# SSH File Transfer Protocol (SFTP) performance considerations in Azure Blob storage
16
16
17
-
Blob storage now supports the SSH File Transfer Protocol (SFTP). This article contains recommendations that will help you to optimize the performance of your storage requests. To learn more about SFTP support for Azure Blob Storage, see [SSH File Transfer Protocol (SFTP) support for Azure Blob Storage](secure-file-transfer-protocol-support.md).
17
+
Blob storage now supports the SSH File Transfer Protocol (SFTP). This article contains recommendations that help you to optimize the performance of your storage requests. To learn more about SFTP support for Azure Blob Storage, see [SSH File Transfer Protocol (SFTP) support for Azure Blob Storage](secure-file-transfer-protocol-support.md).
18
18
19
19
## Use concurrent connections to increase throughput
20
20
21
21
Azure Blob Storage scales linearly until it reaches the maximum storage account egress and ingress limit. Therefore, your applications can achieve higher throughput by using more client connections. To view storage account egress and ingress limits, see [Scalability and performance targets for standard storage accounts](../common/scalability-targets-standard-account.md).
22
22
23
-
For WinSCP, you can use a maximum of 9 concurrent connections to upload multiple files. Other common SFTP clients such as FileZilla have similar options.
23
+
For WinSCP, you can use a maximum of nine concurrent connections to upload multiple files. Other common SFTP clients such as FileZilla have similar options.
24
24
25
25
> [!IMPORTANT]
26
26
> Concurrent uploads will only improve performance when uploading multiple files at the same time. Using multiple connections to upload a single file is not supported.
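Review bot: The [!IMPORTANT] note at the end of this hunk was left in the style this commit removes elsewhere: "will only improve performance" is future tense and "is not supported" is uncontracted. Suggest "Concurrent uploads only improve performance when uploading multiple files at the same time" and "isn't supported", so the note matches the edited paragraphs above it.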
@@ -36,7 +36,7 @@ For WinSCP, you can use a maximum of 9 concurrent connections to upload multiple
36
36
37
37
## Reduce the impact of network latency
38
38
39
-
Network latency has a large impact on SFTP performance due to its reliance on small messages. By default, most clients use a message size of around 32KB.
39
+
Network latency has a large impact on SFTP performance due to its reliance on small messages. By default, most clients use a message size of around 32 KB.
40
40
41
41
- Increase default message size to achieve better performance
articles/storage/blobs/secure-file-transfer-protocol-support-authorize-access.md
3 additions & 3 deletions
@@ -49,7 +49,7 @@ You can authenticate local users connecting from SFTP clients by using a passwor
49
49
50
50
3. In the **Add local user** configuration pane, add the name of a user, and then select which methods of authentication you'd like associate with this local user. You can associate a password and / or an SSH key.
51
51
52
-
If you select **SSH Password**, then your password will appear when you've completed all of the steps in the **Add local user** configuration pane. SSH passwords are generated by Azure and are minimum 32 characters in length.
52
+
If you select **SSH Password**, then your password appears when complete all of the steps in the **Add local user** configuration pane. SSH passwords are generated by Azure and are minimum 32 characters in length.
53
53
54
54
If you select **SSH Key pair**, then select **Public key source** to specify a key source.
55
55
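Review bot: The added SSH Password sentence lost its subject: "your password appears when complete all of the steps" should read "your password appears when you've completed all of the steps". While this paragraph is open, step 3 above it still has "you'd like associate" (missing "to"), and "are minimum 32 characters in length" reads better as "are a minimum of 32 characters in length".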
@@ -80,7 +80,7 @@ This section shows you how to authenticate by using either an SSH key or a passw
80
80
81
81
- Use existing public key that is stored outside of Azure.
82
82
83
-
If you don't yet have a public key, then see [Generate keys with ssh-keygen](../../virtual-machines/linux/create-ssh-keys-detailed.md#generate-keys-with-ssh-keygen) for guidance about how to create one. Only OpenSSH formatted public keys are supported. The key that you provide must use this format: `<key type> <key data>`. For example, RSA keys would look similar to this: `ssh-rsa AAAAB3N...`. If your key is in another format then a tool such as `ssh-keygen` can be used to convert it to OpenSSH format.
83
+
If you don't yet have a public key, then see [Generate keys with ssh-keygen](../../virtual-machines/linux/create-ssh-keys-detailed.md#generate-keys-with-ssh-keygen) for guidance about how to create one. Only OpenSSH formatted public keys are supported. The key that you provide must use this format: `<key type> <key data>`. For example, RSA keys would look similar to this: `ssh-rsa AAAAB3N...`. If your key is in another format, then a tool such as `ssh-keygen` can be used to convert it to OpenSSH format.
84
84
85
85
2. Create a public key object by using the [New-AzStorageLocalUserSshPublicKey](/powershell/module/az.storage/new-azstoragelocalusersshpublickey) command. Set the `-Key` parameter to a string that contains the key type and public key. In the following example, the key type is `ssh-rsa` and the key is `ssh-rsa a2V5...`.
86
86
@@ -141,7 +141,7 @@ This section shows you how to authenticate by using either an SSH key or a passw
141
141
142
142
- Use existing public key that is stored outside of Azure.
143
143
144
-
If you don't yet have a public key, then see [Generate keys with ssh-keygen](../../virtual-machines/linux/create-ssh-keys-detailed.md#generate-keys-with-ssh-keygen) for guidance about how to create one. Only OpenSSH formatted public keys are supported. The key that you provide must use this format: `<key type> <key data>`. For example, RSA keys would look similar to this: `ssh-rsa AAAAB3N...`. If your key is in another format then a tool such as `ssh-keygen` can be used to convert it to OpenSSH format.
144
+
If you don't yet have a public key, then see [Generate keys with ssh-keygen](../../virtual-machines/linux/create-ssh-keys-detailed.md#generate-keys-with-ssh-keygen) for guidance about how to create one. Only OpenSSH formatted public keys are supported. The key that you provide must use this format: `<key type> <key data>`. For example, RSA keys would look similar to this: `ssh-rsa AAAAB3N...`. If your key is in another format, then a tool such as `ssh-keygen` can be used to convert it to OpenSSH format.
145
145
146
146
2. To create a local user that is authenticated by using an SSH key, use the [az storage account local-user create](/cli/azure/storage/account/local-user#az-storage-account-local-user-create) command, and then set the `--has-ssh-key` parameter to a string that contains the key type and public key.
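Review bot: Step 2 at the end of this hunk tells the reader to set `--has-ssh-key` to "a string that contains the key type and public key", but the parameter name reads like a true/false switch. Please confirm which parameter carries the key string and name it in this step, so that the instruction matches the command the reader runs. The comma fix in the paragraph above is the same edit as in the previous hunk; if the two paragraphs are meant to stay identical, a shared include would keep them from drifting.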
The SFTP username is `storage_account_name`.`username`. In the example above the `storage_account_name` is "contoso4" and the `username` is "contosouser." The combined username becomes "contoso4.contosouser". The blob service endpoint is "contoso4.blob.core.windows.net".
36
36
37
-
To complete the connection, you might have to respond to one or more prompts. For example, if you configured the local user with password authentication, then you'll be prompted to enter that password. You might also be prompted to trust a host key. Valid host keys are published [here](secure-file-transfer-protocol-host-keys.md).
37
+
To complete the connection, you might have to respond to one or more prompts. For example, if you configured the local user with password authentication, then you are prompted to enter that password. You might also be prompted to trust a host key. Valid host keys are published [here](secure-file-transfer-protocol-host-keys.md).
38
38
39
39
### Connect using a custom domain
40
40
41
-
If you want to connect to the blob service endpoint by using a custom domain, then the connection string is `[email protected]`. If the home directory hasn't been specified for the user, then the connection string is `[email protected]`.
41
+
If you want to connect to the blob service endpoint by using a custom domain, then the connection string is `[email protected]`. If the home directory isn't specified for the user, then the connection string is `[email protected]`.
42
42
43
43
> [!IMPORTANT]
44
44
> Ensure your DNS provider does not proxy requests as this might cause the connection attempt to time out.
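Review bot: In the added prompt paragraph, "then you are prompted to enter that password" is uncontracted while the rest of this commit moves to contractions ("isn't", "aren't"); use "you're prompted". In the same paragraph the host key link text is "here", which says nothing about the target when read out of context; link descriptive text to secure-file-transfer-protocol-host-keys.md instead. Because accepting the host key is the step where the client decides to trust the server, the sentence could also tell the reader to compare the presented key with the published list before accepting it.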
@@ -47,7 +47,7 @@ To learn how to map a custom domain to a blob service endpoint, see [Map a custo
47
47
48
48
### Connect using a private endpoint
49
49
50
-
If you want to connect to the blob service endpoint by using a private endpoint, then the connection string is `[email protected]`. If the home directory hasn't been specified for the user, then it's `myaccount.mycontainer.myuser@myaccount.privatelink.blob.core.windows.net`.
50
+
If you want to connect to the blob service endpoint by using a private endpoint, then the connection string is `[email protected]`. If the home directory isn't specified for the user, then it's `myaccount.mycontainer.myuser@myaccount.privatelink.blob.core.windows.net`.
51
51
52
52
> [!NOTE]
53
53
> Ensure that you change the networking configuration to "Enabled from selected virtual networks and IP addresses", and then select your private endpoint. Otherwise, the blob service endpoint will still be publicly accessible.
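Review bot: In the added private endpoint sentence, the second clause says "then it's `myaccount.mycontainer.myuser@myaccount.privatelink.blob.core.windows.net`", where the custom domain section uses "then the connection string is"; repeat the noun here so the two sections match. The [!NOTE] that follows still says "will still be publicly accessible"; "remains publicly accessible" would match the present-tense edits made in this commit.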
@@ -79,9 +79,9 @@ You can modify the permission level of the owning user, owning group, and all ot
79
79
80
80
#### Modify permissions
81
81
82
-
To change the the permission level of the owning user, owning group, or all other users of an ACL, the local user must have been given`Modify Permission` permission. See [Give permission to containers](secure-file-transfer-protocol-support-authorize-access.md#give-permission-to-containers).
82
+
To change the permission level of the owning user, owning group, or all other users of an ACL, the local user must have `Modify Permission` permission. See [Give permission to containers](secure-file-transfer-protocol-support-authorize-access.md#give-permission-to-containers).
83
83
84
-
The following example prints the ACL of a directory to the console. It then, sets the ACL to `777`. Each `7` is the numeric form of `rwx` (read, write, and execute). So `777` gives read, write, and execute permission to the owning user, owning group, and all other users. This example then prints the updated ACL to the console. To learn more about numeric and short forms of an ACL, see [Short forms for permissions](data-lake-storage-access-control.md#short-forms-for-permissions).
84
+
The following example prints the ACL of a directory to the console. It then, uses the `chmod` command to set the ACL to `777`. Each `7` is the numeric form of `rwx` (read, write, and execute). So `777` gives read, write, and execute permission to the owning user, owning group, and all other users. This example then prints the updated ACL to the console. To learn more about numeric and short forms of an ACL, see [Short forms for permissions](data-lake-storage-access-control.md#short-forms-for-permissions).
To change the owning user of a directory or blob, the local user must have been given `Modify Ownership` permission. See [Give permission to containers](secure-file-transfer-protocol-support-authorize-access.md#give-permission-to-containers).
102
+
To change the owning user of a directory or blob, the local user must have `Modify Ownership` permission. See [Give permission to containers](secure-file-transfer-protocol-support-authorize-access.md#give-permission-to-containers).
103
103
104
104
The following example prints the ACL of a directory to the console. The ID of the owning user is `0`. This example uses the `chown` command to set the ID of the owning user to `1234` and prints the change to the console.
105
105
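Review bot: The added sentence under Modify permissions keeps a stray comma: "It then, uses the `chmod` command" should be "It then uses the `chmod` command". The example it describes sets the ACL to `777`, which the same paragraph explains gives read, write, and execute permission to all other users; consider demonstrating a narrower mode, or add a sentence saying that `777` is used only for illustration, so readers don't copy a setting that opens the directory to every user.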
@@ -117,7 +117,7 @@ sftp>
117
117
118
118
#### Change the owning group
119
119
120
-
To change the owning group of a directory or blob, the local user must have been given `Modify Ownership` permission. See [Give permission to containers](secure-file-transfer-protocol-support-authorize-access.md#give-permission-to-containers).
120
+
To change the owning group of a directory or blob, the local user must have `Modify Ownership` permission. See [Give permission to containers](secure-file-transfer-protocol-support-authorize-access.md#give-permission-to-containers).
121
121
122
122
The following example prints the ACL of a directory to the console. The ID of the owning group is `0`. This example uses the `chgrp` command to set the ID of the owning group to `5678` and prints the change to the console.
This section shows you how to disable SFTP support for an existing storage account. Because SFTP support incurs an hourly cost, consider disabling SFTP support when clients are not actively using SFTP to transfer data.
69
+
This section shows you how to disable SFTP support for an existing storage account. Because SFTP support incurs an hourly cost, consider disabling SFTP support when clients aren't actively using SFTP to transfer data.