For the server file upload, we will create a user login server sftp, ssh landing ban server; this is for safety considerations, other paths to avoid external access server, access, modify, and other files on a different path.
Now provide external test users, sftp access server; creation process is as follows:
1. Establish sftp user test
useradd test, this time will create sftp user directory / home / test
chown -R root:test /home/test
chmod -R 750 /home/test
2. Create the upload directory file, give permission
cd /home/test
mkdir file
chown -R test:test /home/test/file
chmod -R 755 /home/test/file
Description:
sftp directory home owner must be root, is a group that test, the highest authority is set to 755, or sftp Rom; sftp landed directly enters the file directory; for upload or download files do not use an absolute path / home / test / file.
sftp directory home owner must be root, is a group that test, the highest authority is set to 755, or sftp Rom; sftp landed directly enters the file directory; for upload or download files do not use an absolute path / home / test / file.
3. Modify the sshd_config file
vim / etc / ssh / sshd_config
comment tone Subsystem sftp / usr / libexec / openssh / sftp-server
Appends
the Subsystem Internal SFTP SFTP-
Match the User Test01
the ChrootDirectory / Home / Test (SFTP user's root directory)
X11Forwarding NO
AllowTcpForwarding NO
ForceCommand, internal - sftp
comment tone Subsystem sftp / usr / libexec / openssh / sftp-server
Appends
the Subsystem Internal SFTP SFTP-
Match the User Test01
the ChrootDirectory / Home / Test (SFTP user's root directory)
X11Forwarding NO
AllowTcpForwarding NO
ForceCommand, internal - sftp
Restart the service:
systemctl restart sshd.service
systemctl restart sshd.service