Note: This article builds the SFTP server on CentOS 7 or later.
Two ways to build an SFTP server
1. Create a new user directly on the system. This is the simplest method but the least secure: after logging in over SFTP the user can change to any directory, and the user can also log in to the system. It is not covered in detail here.
- First, create the SFTP login user
useradd sftp-u
echo sftp-u | passwd --stdin sftp-u
- Configure /etc/ssh/sshd_config
Comment out this line:
#Subsystem sftp /usr/libexec/openssh/sftp-server
Add the following:
Subsystem sftp internal-sftp
Match User sftp-u
ChrootDirectory /opt/upload
ForceCommand internal-sftp
AllowTcpForwarding no
X11Forwarding no
The directory set in ChrootDirectory and all of its parent directories must be owned by root;
For the directory set in ChrootDirectory and all of its parent directories, only the owner may have write permission; that is, the permissions can be at most 755.
If the directory's permissions cannot be changed because of the actual environment, the same result can be achieved with a symbolic link, but the bottom-level directory must still be owned by root with permissions of at most 755.
Change the directory ownership
chown root:sftp-u test/
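The ownership and permission rules above can be checked before sshd is restarted. The following is an added example, not part of the original article: it walks a ChrootDirectory path up to / and reports every component that is not owned by root or is writable by group or others. The function names component_problem and check_chroot_path are this example's own, and it assumes GNU stat as shipped with CentOS.

```sh
#!/bin/sh
# Added example, not from the original article. Function names are this
# example's own; assumes GNU stat (as on CentOS).

# component_problem UID MODE: print the rule one path component breaks, or
# nothing if it is acceptable. MODE is octal, as printed by `stat -c %a`.
component_problem() {
    uid=$1 mode=$2
    if [ "$uid" -ne 0 ]; then
        echo "not owned by root (uid $uid)"
    elif [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "writable by group or others (mode $mode)"
    fi
}

# check_chroot_path DIR: test DIR and every parent up to /. Returns 0 if all
# pass, 1 if any component breaks a rule, 2 if DIR is unusable.
# stat -L follows symbolic links, so a linked component is judged by its target.
check_chroot_path() {
    case $1 in /*) ;; *) echo "$1: must be an absolute path"; return 2 ;; esac
    [ -d "$1" ] || { echo "$1: not a directory"; return 2; }
    dir=${1%/}; [ -n "$dir" ] || dir=/
    rc=0
    while :; do
        problem=$(component_problem $(stat -L -c '%u %a' "$dir"))
        if [ -n "$problem" ]; then
            echo "FAIL $dir: $problem"
            rc=1
        fi
        [ "$dir" = / ] && break
        dir=$(dirname "$dir")
    done
    return $rc
}

# Constructed samples (uid, mode): root-owned 755 passes; group-writable 775
# and a directory owned by the SFTP user (uid 1001 here) do not.
for sample in "0 755" "0 775" "1001 755"; do
    problem=$(component_problem $sample)
    echo "uid/mode $sample: ${problem:-ok}"
done
```

On the server, run check_chroot_path with the directory named in ChrootDirectory; a non-zero exit status means the path still breaks one of the rules.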
Restart the service
service sshd reload
service sshd restart
Log in
sftp -P 22 [email protected]xxx
List the local directory
sftp> lls
1.json 2.json 3.json ls.txt put.sh
List the remote directory
sftp> ls
1.json
Upload
Upload a file from the local machine to the remote server; if no local directory is specified, the current directory is used.
sftp> put 1.json
Uploading 1.json to /1.json
remote open("/1.json"): Permission denied
The message says the remote permission check failed. Because this operation writes to the remote side, check whether the remote directory being written to has write permission, and find that the sftp-u user does
Then give the sftp-u user write permission on the root directory specified for it and run service sshd restart; uploading still fails.
It turns out that you need to create a subdirectory under that root directory and give the sftp-u user write permission on it before you can upload
chown root:sftp-u /root/upload/
mkdir /root/upload/file
chown sftp-u:sftp-u /root/upload/file
chmod 775 /root/upload/file
Download
sftp> get sftp-s.txt .
Fetching /file/sftp-s.txt to ./sftp-s.txt
Summary
#file server
useradd sftp-u
echo sftp-u | passwd --stdin sftp-u
mkdir -p /root/upload/
chown root:sftp-u /root/upload/
mkdir /root/upload/file
chown sftp-u:sftp-u /root/upload/file
chmod 775 /root/upload/file
sed -i 's/Subsystem\tsftp\t\/usr\/libexec\/openssh\/sftp-server/#Subsystem\tsftp\t\/usr\/libexec\/openssh\/sftp-server/g' /etc/ssh/sshd_config
echo -e 'Subsystem sftp internal-sftp
Match User sftp-u
\tChrootDirectory /root/upload
\tForceCommand internal-sftp
\tAllowTcpForwarding no
\tX11Forwarding no' >> /etc/ssh/sshd_config