Cetos 6.6 Setting up SFTP service

1. Installation dependencies

Yum Install-y openssl-devel

Yum install-y zlib-devel zlib

Or if you have RPM packages. You can use the following method
RPM-IVH--nodeps--force openssl-devel-0.9.8e-22.el5_8.4.x86_64.rpm

RPM-IVH--nodeps--force zlib-1.2.3-27.el6.x86_64.rpm

RPM-IVH--nodeps--force zlib-devel-1.2.3-27.el6.x86_64.rpm



2. Installing OpenSSL

Tar zxvf openssl-1.0.0.tar.gz
CD openssl-1.0.0
./config
Make
Make install




3. Installing OpenSSH

Tar zxvf openssh-5.4p1.tar.gz

CD OPENSSH-5.4P1

./configure--with-ssl-dir=/usr/local/ssl #openssl的安装位置
Make
Make install





4. Configuration
(1) Modifying the sshd startup script
# vi/etc/init.d/sshd
Sshd=/usr/sbin/sshd
Switch
Sshd=/usr/local/sbin/sshd

(2) Modify the sshd configuration file, the configuration file location of the TAR package installation is/usr/local/etc/sshd_config
Cd/usr/local/etc
CP Sshd_config Sshd_config.bak
cp/etc/ssh/sshd_config/usr/local/etc/



5. Modify the Sshd_config configuration file
Vim Sshd_config

# Override default of No subsystems
# Subsystem Sftp/usr/local/libexec/sftp-server

Subsystem sftp internal-sftp
Match Group SFTP #组名, single user can match user username
X11forwarding No
chrootdirectory/data/htdocs/#指定实际目录
Allowtcpforwarding No
Forcecommand internal-sftp



6. Modify Permissions
Groupadd SFTP

useradd-d/data-s/bin/false-g sftp yy (sftp account)

passwd yy Modify User password

Chown Root.sftp/data
chmod 750/data Note: Remember to give the owner of the directory to the root user. Cannot give the SFTP group user "W" permission.


7. Modify the sshd default port and Iptables rules


Vim/usr/local/etc/sshd_config

Change #Port 22 to Port 33525

Vim/etc/sysconfig/iptables

Change the 22 port of the-a input-m state--state new-m tcp-p tcp--dport 22-j ACCEPT rule to 33525


Service Iptables Restart
Service sshd Restart


8. Login to SFTP

sftp-oport=33525 [email protected]

Software under Windows.

Yum Install Lrzsz

Cetos 6.6 Setting up SFTP service