sftp server set up

Others 2019-11-24 23:23:16 views: null

## structures Foreword:

 
The host system: centos7
 
due sftp ssh-based protocol, so we do not need to install extra packages , you only need to make the appropriate configuration.

 

## build process:

 

1. Create a user, user group, set the directory permissions (this is just a test, so only built a user / user group)

    #家目录默认在/home/sftp_user
    sudo useradd -m sftp_user:sftp_user 
    #将家目录的属主改为root
    sudo chown root:root /home/sftp_user 
    #将家目录的权限改为755
    sudo chmod 755 /home/sftp_user 
    #建立上传目录 
    sudo mkdir -p /home/sftp_user/upload 
    #建立下载目录
    sudo mkdir -p /home/sftp_user/download 
    #切换上传、下载两个目录的属主为sftp_user
    sudo chown -R sftp_user:sftp_user /home/sftp_user/upload  
    sudo chown -R sftp_user:sftp_user /home/sftp_user/download

 

2. Back up and modify the / etc / ssh / sshd_config, add the following content

 
Text follows, wherein reference can be directly unannotated content :

    # override default of no subsystems
    #Subsystem      sftp    /usr/libexec/openssh/sftp-server
    Subsystem sftp internal-sftp
    Match User sftp_user
    ForceCommand internal-sftp
    ChrootDirectory /home/sftp_user
    AllowAgentForwarding no
    AllowTcpForwarding no
    X11Forwarding no
    PasswordAuthentication yes
    # Example of overriding settings on a per-user basis
    #Match User anoncvs
    #       X11Forwarding no
    #       AllowTcpForwarding no
    #       PermitTTY no
    #       ForceCommand cvs server
    #UseDNS no
    #AddressFamily inet
    PermitRootLogin yes
    #SyslogFacility AUTHPRIV
    PasswordAuthentication no

 

3. Restart the service if error continue troubleshooting, if no error checking on the upload and download functions

sysetmctl restart sshd

 

At this point, sftp to build is complete.
 

## structures Postscript:

Of course, there are several points which need extra attention:

 

1. At the time of the restart sshd, sshd get up very container will cause the client to Rom. So, we need to pay attention to two points:

1.1 Backup / etc / ssh / sshd_config file, if ssh is really hung up, quickly revert to a previous state.

More than 1.2 open several console, always ensure there is a console even get host, it can ensure that the machine has the ability to restore to its previous state.

2. sftp server set up, we need to pay attention to three points:

2.1 ChrootDirectory set directory permissions and all of the parent folder permissions, the owner and group must be the root.

2.2 ChrootDirectory set directory permissions and all the parent folder permissions, only the owner can have write access permissions to the maximum setting can only be 755.

Owner directory 2.3 ChrootDirectory the following needs to be set to sftp user, so that users can have read / write / execute permissions.

Guess you like

Origin www.cnblogs.com/young233/p/11925017.html
Recommended
Ranking
SpringBoot-integrate redis
[Sword pointing to offer] Interview question 03: Repeated numbers in an array
Arrangement "Offer Penalty for prove safety" string
Browser prevent the automatic generation of fill and Echo have been saved account solutions
Work hard and never slacken——2022 Yinmai Information Year-End Summary
Install jdk7 on Linux system
App common dependency management tools
EduCoder-Web程序设计基础-html5— 给表单组件添加说明-第1关:label标签相关概念
Machine learning - clustering - density clustering algorithm notes
Ant's large model is exposed, AI+ finance enters the "big model" era
Daily
More
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)

Code World

© 2018 codetd.com