Linux Centos 6.6 Build SFTP Server

Source: Internet
Author: User
Tags create directory ftp client filezilla ftp filezilla ftp client

To summarize:

SFTP Service
  1. #ssh –V to view the OpenSSH version, if it is below 4.8p1, you need to upgrade the installation yourself,
  2. Create an SFTP group: #groupadd SFTP
  3. Create Test Account: #useradd-G sftp-s/bin/false testuser Change Password: # passwd TestUser
  4. Create directory: #mkdir/opt/sftp #cd/opt/sftp; #mkdir TestUser
  5. Modify the Test Account home path: # usermod-d/opt/sftp/testuser testuser
  6. Configuration sshd_config: # vim/etc/ssh/sshd_config
  7. commented out: subsystem   sftp    /usr/ Libexec/openssh/sftp-server
    1. Add the following lines
    2. subsystem        sftp    internal-sftp  
    3. match group sftp  
    4. chrootdirectory /opt/sftp/%u  
    5. forcecommand    internal-sftp   
    6. allowtcpforwarding no  
    7. x11forwarding no  
  8. Set chroot directory permissions: chown root:sftp/opt/sftp/testuser #chmod 755/opt/sftp/testuser Restart sshd service: # service sshd Restart
    1. # Mkdir/opt/sftp/testuser/upload
    2. # chown Uplus:sftp/opt/sftp/testuser/upload
    3. # chmod 755/opt/sftp/testuser/upload
  9. Test sftp [email protected] Display sftp> The SFTP was built successfully.

Use the system's own internal-sftp to build an SFTP server in the CentOS 6.6 environment.

Open the Command Terminal window and follow the steps below.

0. View OpenSSH version

Ssh-v

Use the SSH-V command to view the version of OpenSSH, the version must be greater than 4.8P1, and the version below will need to be upgraded.

1. Create an SFTP group

Groupadd SFTP

2, create an SFTP user, the user name is mysftp, password is mysftp

Modifying the user password is the same as modifying the Linux user password.

Useradd-g sftp-s/bin/false mysftp//user name
passwd mysftp//password

Useradd-g sftp-s/bin/false mysftp

passwd mysftp


3, the user's home directory of the SFTP group is uniformly assigned to/DATA/SFTP, according to the user name, here to create a new mysftp directory, and then specify MYSFTP home for/data/sftp/mysftp

Mkdir-p/data/sftp/mysftp

usermod-d/data/sftp/mysftp mysftp


4, Configuration Sshd_config
Text Editor opens/etc/ssh/sshd_config
Vi/etc/ssh/sshd_config

Find the following line, which is commented out with the # symbol, roughly at the end of the file.
# Subsystem Sftp/usr/libexec/openssh/sftp-server
Add the following lines to the last side of the file, and then save.

Subsystem sftp internal-sftp

Match Group SFTP

Chrootdirectory/data/sftp/%u

Forcecommand internal-sftp

Allowtcpforwarding No

X11forwarding No


5. Set chroot directory Permissions

Chown root:sftp/data/sftp/mysftp

chmod 755/data/sftp/mysftp


6. Create a directory that can be written after the SFTP user log in

After setting up the above, after restarting the SSHD service, the user mysftp can already log in. However, after using Chroot to specify the root directory, the root should be unable to write, so create a new directory for mysftp to upload files. This directory owner is mysftp, all groups are SFTP, the owner has write permissions, and all groups have no write permission. The command is as follows:

Mkdir/data/sftp/mysftp/upload

Chown Mysftp:sftp/data/sftp/mysftp/upload

chmod 755/data/sftp/mysftp/upload


7, modify the/etc/selinux/config

Text Editor opens/etc/selinux/config

Vi/etc/selinux/config

Modify the selinux=enforcing in the file to Selinux=disabled, and then save.

In the Enter command

Setenforce 0

8. Restart the SSHD service

Enter the command to restart the service.

Service sshd Restart

9. Verifying the SFTP environment
Login with mysftp user name, yes OK, enter password.

SFTP [email protected]

Display Sftp> The SFTP is successfully built.

10. Connect the SFTP server using FileZilla FTP client

Enter the host IP address, user name, password, port connection to the SFTP server, the port default is 22.

Linux Centos 6.6 Build SFTP Server

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.