SFTP is short for Secure File Transfer Protocol and is a Secure File Transfer Protocol. It provides a secure encryption method for transferring files. Sftp has almost the same syntax and functions as ftp. SFTP is part of SSH and is a secure method for transferring files to the Blogger server. In fact, the SSH package already contains a Secure File transmission subsystem named SFTP (Secure File Transfer Protocol). SFTP itself does not have a separate daemon process, it must use the sshd Daemon (the default port number is 22) to complete the corresponding connection operations, so in a sense, SFTP is not like a server program, but more like a client program. SFTP also uses encryption to transmit authentication information and transmitted data. Therefore, SFTP is very secure. However, because this transmission method uses encryption/decryption technology, the transmission efficiency is much lower than that of ordinary FTP. If you have higher network security requirements, you can use SFTP instead of FTP.
OpenSSH 4.8p1 and later versions support commands such as chroot required by SFTP. The OpenSSH version of my CentOS 5.x server is too low and you need to upgrade OpenSSH first.
Tip: before upgrading OpenSSH, to prevent unexpected events, I temporarily enable telnet and connect to the server via telnet (close telnet after upgrade ).
Service sshd stop # Disable sshd
Mv/etc/ssh/sshd_config/etc/ssh/sshd_config_bak # Rename the original setting file
Wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-4.9p1.tar.gz
Tar zxvf openssh-4.9p1.tar.gz
Cd openssh-4.9p1
./Configure -- prefix =/usr -- sysconfdir =/etc/ssh
Make
Make install
If the above process is successful, the following command should be able to start sshd normally.
Service sshd start
Next, configure sshd_config and set the SFTP user and directory.
# Subsystem sftp/usr/libexec/sftp-server
Subsystem sftp internal-sftp
Match User xxxxxx
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
ChrootDirectory/var/htdocs
In the above settings, replace "xxxxxx" with the username used for SFTP in your system. Here, I use User or Group to specify a User Group.
Restart sshd after setting.