sftp的安装和使用

http://blog.srmklive.com/2013/04/24/how-to-setup-sftp-server-ftp-over-ssh-in-ubuntu/

In my previous post, i discussed about how to install & configure FTP Server on Ubuntu. In this post, i will discuss about how to setup SFTP server in Ubuntu. First you need to install openssh-server, which can be done using command:

1sudo apt-get install openssh-server ssh

You can use the following commands for ssh:

1sudo service ssh start          # Starts SSH Servier

2sudo service ssh restart        # Restarts SSH Server

3sudo service ssh stop           # Stops SSH Server

4sudo service ssh status         # Gives a short description of the status of the SSH server

First create a backup of the /etc/ssh/sshd_config file and name it as/etc/ssh/sshd_config.bak. When done, open the /etc/ssh/sshd_config file:

1sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

2sudo vi /etc/ssh/sshd_config

Now edit the file /etc/ssh/sshd_config and add/edit the following lines:

#Subsystem sftp /usr/lib/openssh/sftp-server

2Subsystem sftp internal-sftp -f AUTH -1 VERBOSE

3 

4#Uncomment this line if already commented

5UsePAM yes

6 

7AllowGroups sftpusers sftp root

8 

9Match Group sftpusers

10ChrootDirectory %h

11AllowTCPForwarding no

12X11Forwarding no

13ForceCommand internal-sftp

这里如果你想加入其他的用户test，并将它的目录限定在/home/test目录，需要加入如下的内容：

执行如下命令：sudo usermod -a -G sftpusers test再sshd_config中加入如下内容：Match user testChrootDirectory /home/testAllowTCPForwarding noX11Forwarding noForceCommand internal-sftp

 为了不让test账户登录，可以设置/etc/passwd中的test账户为nologin。

 

Now lets create the relevant users & groups. First the create user group sftpusers using command:

1sudo groupadd sftpusers

Now create a user suppose sftpuser. The commands listed below will create the user, add it to the sftpusers, and update its password

1sudo adduser sftpuser

2sudo usermod -a -G sftpusers sftpuser

3sudo passwd sftpuser

Now proceed with modifying the permissions of the users home directory to allow for chrooting:

1sudo chown root:sftpusers /home/sftpuser

2sudo chmod 750 /home/sftpuser

Create a directory in which sftpuser is free to put any files in it:

1sudo mkdir /home/sftpuser/public

2sudo chown sftpuser:sftpusers /home/sftpuser/public

3sudo chmod 777 /home/sftpuser/public