sftp的安装和使用

http://blog.srmklive.com/2013/04/24/how-to-setup-sftp-server-ftp-over-ssh-in-ubuntu/

In my previous post, i discussed about how to install & configure FTP Server on Ubuntu. In this post, i will discuss about how to setup SFTP server in Ubuntu. First you need to install openssh-server, which can be done using command:

1	sudo apt-get install openssh-server ssh

You can use the following commands for ssh:

1	sudo service ssh start          # Starts SSH Servier

2	sudo service ssh restart        # Restarts SSH Server

3	sudo service ssh stop           # Stops SSH Server

4	sudo service ssh status         # Gives a short description of the status of the SSH server

First create a backup of the /etc/ssh/sshd_config file and name it as/etc/ssh/sshd_config.bak. When done, open the /etc/ssh/sshd_config file:

1	sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

2	sudo vi /etc/ssh/sshd_config

Now edit the file /etc/ssh/sshd_config and add/edit the following lines:

#Subsystem sftp /usr/lib/openssh/sftp-server

2	Subsystem sftp internal-sftp -f AUTH -1 VERBOSE

3

4	#Uncomment this line if already commented

5	UsePAM yes

6

7	AllowGroups sftpusers sftp root

8

9	Match Group sftpusers

10	ChrootDirectory %h

11	AllowTCPForwarding no

12	X11Forwarding no

13	ForceCommand internal-sftp

这里如果你想加入其他的用户test，并将它的目录限定在/home/test目录，需要加入如下的内容：

执行如下命令：sudo usermod -a -G sftpusers test

再sshd_config中加入如下内容：
Match user test
ChrootDirectory /home/test
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp

 为了不让test账户登录，可以设置/etc/passwd中的test账户为nologin。

Now lets create the relevant users & groups. First the create user group sftpusers using command:

1	sudo groupadd sftpusers

Now create a user suppose sftpuser. The commands listed below will create the user, add it to the sftpusers, and update its password

1	sudo adduser sftpuser

2	sudo usermod -a -G sftpusers sftpuser

3	sudo passwd sftpuser

Now proceed with modifying the permissions of the users home directory to allow for chrooting:

1	sudo chown root:sftpusers /home/sftpuser

2	sudo chmod 750 /home/sftpuser

Create a directory in which sftpuser is free to put any files in it:

1	sudo mkdir /home/sftpuser/public

2	sudo chown sftpuser:sftpusers /home/sftpuser/public

3	sudo chmod 777 /home/sftpuser/public