Sftp installation Configuration

Sftp installation Configuration

1. Basic Knowledge
1.1 concepts
Sftp is short for Secure File Transfer Protocol and is a Secure File Transfer Protocol.
1.2 Functions
It provides a secure encryption method for transferring files.
1.3. Features
1) sftp has almost the same syntax and functions as ftp.
2) SFTP is part of SSH and is a secure method for transferring files to the Blogger server.
3) SFTP itself does not have a separate daemon. It must use the sshd daemon (the default port number is 22) to complete the corresponding connection operations.
4) SFTP is highly secure
5) the SSH software already includes the SFTP secure file transmission subsystem.
1.4. Disadvantages
The transmission method uses encryption/decryption technology, so the transmission efficiency is much lower than that of ordinary FTP.
1.5 client tools
1.5.1. windows Client
Core FTP, FileZilla, WinSCP, Xftp
1.5.2 linux Client
1 sftp username @ remote ip (or remote host name)

2. Server Configuration

2.1 environment overview
Ipaddress = 10.168.0.169
OS = CentOS 6.5
2.2. Environment check
2.2.1 view openssh version
1 ssh-V

Note: Versions later than 4.8p1 are required.
2.2.2 disable selinux
1 getenforce

If shown as follows:
1 Enforcing

Run the following command:
12 setenforce 0
Sed-I's/SELINUX = enforcing/SELINUX = disabled/G'/etc/selinux/config

2.3 configuration steps
2.3.1 create a directory for storing sftp
1 mkdir-p/data/sftp

2.3.2 create an sftp Group
1 groupadd sftp

2.3.3 configure the sshd transmission subsystem
Edit/etc/ssh/sshd_config in vim
Comment out the following lines:
1 # Subsystem sftp/usr/libexec/openssh/sftp-server

Add the following parameters to the last line:
123456 Subsystem sftp internal-sftp
Match Group sftp
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
ChrootDirectory/data/sftp/% u

2.3.4 restart the service
1/etc/init. d/sshd restart

2.3.5 create sftp users and related directories
12 mkdir/data/sftp/user1/
Useradd user1-g sftp-s/bin/false-d/data/sftp/user1/upload

Note: The owner of/data/sftp/user1 must be root; otherwise, login fails.
View root folder permissions:
1 ll-d/data/sftp/user1/

Shown as follows:
1 drwxr-xr-x. 3 root 4096 May 10/data/sftp/user1

View the upload folder permissions:
1 ll-d/data/sftp/user1/upload/

Shown as follows:
1 drwx ------. 2 user1 sftp 4096 May 10 09:21/data/sftp/user1/upload/

2.3.6. Configure the password of the sftp user
1 passwd user1

2.3.7 configure scripts
1) create a script directory
1 mkdir ~ /Script

2) vim editor ~ /Script/addsftpu. sh and enter the following content
123456 #! /Bin/bash
User = $1
Passwd = $2
Mkdir-p/data/sftp/$ user/
Useradd $ user-g sftp-s/bin/false-d/data/sftp/$ user/upload
Echo "$ passwd" | passwd -- stdin $ user

3) Authorization
1 chmod 700 ~ /Script/addsftpu. sh

4) Add a user
12 cd ~ /Script
./Addsftpu. sh user1 'pwd123'

3. Client Configuration
3.1 create a connection

3.2 select connection and log on

3.3 enter the password to log on

3.4 generate an encryption key

3.5 login successful

Configure the SFTP environment for non-SSH users in Linux

How to transmit files securely using SFTP

Error: unable to establish FTP connection with SFTP Server

This article permanently updates the link address: