sftp的安装和使用

http://blog.srmklive.com/2013/04/24/how-to-setup-sftp-server-ftp-over-ssh-in-ubuntu/

In my previous post, i discussed about how to install & configure FTP Server on Ubuntu. In this post, i will discuss about how to setup SFTP server in Ubuntu. First you need to install openssh-server, which can be done using command:

1 sudo apt-get install openssh-server ssh

You can use the following commands for ssh:

1 sudo service ssh start          # Starts SSH Servier
2 sudo service ssh restart        # Restarts SSH Server
3 sudo service ssh stop           # Stops SSH Server
4 sudo service ssh status         # Gives a short description of the status of the SSH server

First create a backup of the /etc/ssh/sshd_config file and name it as/etc/ssh/sshd_config.bak. When done, open the /etc/ssh/sshd_config file:

1 sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
2 sudo vi /etc/ssh/sshd_config

Now edit the file /etc/ssh/sshd_config and add/edit the following lines:

#Subsystem sftp /usr/lib/openssh/sftp-server
2 Subsystem sftp internal-sftp -f AUTH -1 VERBOSE
3  
4 #Uncomment this line if already commented
5 UsePAM yes
6  
7 AllowGroups sftpusers sftp root
8  
9 Match Group sftpusers
10 ChrootDirectory %h
11 AllowTCPForwarding no
12 X11Forwarding no
13 ForceCommand internal-sftp

这里如果你想加入其他的用户test,并将它的目录限定在/home/test目录,需要加入如下的内容:

执行如下命令:sudo usermod -a -G sftpusers test

再sshd_config中加入如下内容:
Match user test
ChrootDirectory /home/test
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp

 为了不让test账户登录,可以设置/etc/passwd中的test账户为nologin。

 

Now lets create the relevant users & groups. First the create user group sftpusers using command:

1 sudo groupadd sftpusers

Now create a user suppose sftpuser. The commands listed below will create the user, add it to the sftpusers, and update its password

1 sudo adduser sftpuser
2 sudo usermod -a -G sftpusers sftpuser
3 sudo passwd sftpuser

Now proceed with modifying the permissions of the users home directory to allow for chrooting:

1 sudo chown root:sftpusers /home/sftpuser
2 sudo chmod 750 /home/sftpuser

Create a directory in which sftpuser is free to put any files in it:

1 sudo mkdir /home/sftpuser/public
2 sudo chown sftpuser:sftpusers /home/sftpuser/public
3 sudo chmod 777 /home/sftpuser/public
posted @ 2014-03-28 16:47  马僧  阅读(1155)  评论(0编辑  收藏  举报