Linux Centos 6.6 Build SFTP Server

Source: Internet
Author: User

Linux Centos 6.6 Build SFTP Server

Use the system's own internal-sftp to build an SFTP server in the CentOS 6.6 environment.

Open the Command Terminal window and follow the steps below.

0. View OpenSSH version

[Plain] view plaincopy

    1. Ssh-v

Use the SSH-V command to view the version of OpenSSH, the version must be greater than 4.8P1, and the version below will need to be upgraded.

1. Create an SFTP group

[Plain] view plaincopy

    1. Groupadd SFTP


2, create an SFTP user, named Mysftp, password is mysftp

[Plain] view plaincopy

    1. Useradd-g sftp-s/bin/false mysftp
    2. passwd mysftp


3, the user's home directory of the SFTP group is uniformly assigned to/DATA/SFTP, according to the user name, here to create a new mysftp directory, and then specify MYSFTP home for/data/sftp/mysftp

[Plain] view plaincopy

    1. Mkdir-p/data/sftp/mysftp
    2. usermod-d/data/sftp/mysftp mysftp


4, Configuration Sshd_config
Text Editor opens/etc/ssh/sshd_config
Vi/etc/ssh/sshd_config

Find the following line, which is commented out with the # symbol, roughly at the end of the file.
# Subsystem Sftp/usr/libexec/openssh/sftp-server

Add the following lines to the last side of the file, and then save.

[Plain] view plaincopy

    1. Subsystem sftp internal-sftp
    2. Match Group SFTP
    3. Chrootdirectory/data/sftp/%u
    4. Forcecommand internal-sftp
    5. Allowtcpforwarding No
    6. X11forwarding No


5. Set chroot directory Permissions

[Plain] view plaincopy

    1. Chown root:sftp/data/sftp/mysftp
    2. chmod 755/data/sftp/mysftp


6. Create a directory that can be written after the SFTP user log in

After setting up the above, after restarting the SSHD service, the user mysftp can already log in. However, after using Chroot to specify the root directory, the root should be unable to write, so create a new directory for mysftp to upload files. This directory owner is mysftp, all groups are SFTP, the owner has write permissions, and all groups have no write permission. The command is as follows:

[Plain] view plaincopy

    1. Mkdir/data/sftp/mysftp/upload
    2. Chown Mysftp:sftp/data/sftp/mysftp/upload
    3. chmod 755/data/sftp/mysftp/upload


7, modify the/etc/selinux/config

Text Editor opens/etc/selinux/config

[Plain] view plaincopy

    1. Vi/etc/selinux/config

Modify the selinux=enforcing in the file to Selinux=disabled, and then save.

In the Enter command

[Plain] view plaincopy

    1. Setenforce 0


8. Restart the SSHD service

Enter the command to restart the service.

[Plain] view plaincopy

    1. Service sshd Restart


9. Verifying the SFTP environment
Login with mysftp user name, yes OK, enter password.

[Plain] view plaincopy

    1. SFTP [email protected]

Display Sftp> The SFTP is successfully built.

10. Using WINSCP

Enter the host IP address, user name, password, port connection to the SFTP server, the port default is 22.

Linux Centos 6.6 Build SFTP Server

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.