sftp传输文件安全吗_如何使用SFTP将文件安全地传输给其他人

最新推荐文章于 2024-07-04 21:00:00 发布

culun797375

最新推荐文章于 2024-07-04 21:00:00 发布

阅读量2.4k

点赞数

文章标签： ftp java linux python 数据库

原文链接：https://www.howtogeek.com/177105/how-to-securely-transfer-files-to-someone-else-with-sftp/

版权

sftp传输文件安全吗

We’ve previously written about hosting your own FTP server, but data is transferred in cleartext, making it unsuitable for confidential file transfers. In this guide we’ll go over the secure version of FTP – SFTP, and why it makes for an excellent way of transferring files to other people across the internet.

我们之前已经写过有关托管自己的FTP服务器的文章，但是数据以明文形式传输，因此不适合用于机密文件传输。在本指南中，我们将介绍FTP的安全版本– SFTP，以及为什么它是通过Internet将文件传输给其他人的绝佳方法。

为什么要使用SFTP？ (Why SFTP?)

Geeks run into this problem all the time: You have a file that’s just too big to transfer over email or instant messenger. Sure, you could upload it to Dropbox or some other cloud service, but what if you don’t have/want an account with them, have enough storage freed up, or what if you just want to bypass the middle man altogether? Not to mention the security concerns with cloud services.

极客经常遇到这个问题：您的文件太大，无法通过电子邮件或即时通讯程序进行传输。当然，您可以将其上传到Dropbox或其他一些云服务，但是如果您没有/想要使用它们的帐户，没有足够的存储空间，或者如果您只想完全绕过中间人怎么办？更不用说云服务的安全问题。

Instead of going through that hassle, you can save time by transferring files (big and small) to your friend by using SFTP. There’s no need to encrypt your files before transfer, because they are being tunneled through the very secure SSH protocol. Not only that, but now you can upload directly to your friend instead of the cloud, saving lots of time.

您可以通过使用SFTP将文件(大小)传输给您的朋友来节省时间，而不用麻烦。传输之前无需加密文件，因为它们通过非常安全的SSH协议进行传输。不仅如此，现在您还可以直接上传到您的朋友而不是云上，从而节省了大量时间。

But wait, there’s more! If you want to share out more files with people, you can just drop them in a specified folder and your buddies can browse that section of your PC as if it were a part of their own. Sharing files can be a whole lot easier with this method, because the uploading will be initiated by your friend instead of you. All you have to do is drag and drop, and let them know they can now download the file(s).

但是，等等，还有更多！如果您想与其他人共享更多文件，只需将它们放在指定的文件夹中，您的伙伴就可以浏览PC的该部分，就好像它属于他们自己的一部分一样。使用此方法可以更轻松地共享文件，因为上传将由您的朋友而不是您发起。您所要做的就是拖放，并让他们知道他们现在可以下载文件。

设置SFTP (Setting up SFTP)

Setting up an SFTP server in Windows is going to require some third party software. Most software that has this functionality is going to cost you, but we will be using a free one called freeFTPd. Click that link to download and install the program. Be forewarned, the developers clearly aren’t native English speakers, and it shows in a lot of the text. Don’t be alarmed though, it’s a legitimate program that we’ve tested and everything checks out – you’ll be hard-pressed to find a better free alternative.

在Windows中设置SFTP服务器将需要某些第三方软件。大多数具有此功能的软件都将向您收费，但我们将使用一个名为freeFTPd的免费软件。单击该链接下载并安装程序。请注意，开发人员显然不是母语为英语的人，并且在很多文字中都显示了这一点。不过请不要惊慌，它是我们已经测试过的合法程序，所有内容都可以检出-很难找到更好的免费替代品。

Go through installation as normal, and at the end there will two prompts, one asking if private keys should be created, and the other asking if it should run as a service; click Yes on both.

正常进行安装，最后会有两个提示，一个询问是否应创建私钥，另一个询问是否应作为服务运行；两者都单击“是”。

When installation finishes, open freeFTPd via the new shortcut icon on your desktop. We ran into problems writing configuration changes, so make sure you right click on the icon and run the program as Administrator.

安装完成后，通过桌面上的新快捷方式图标打开freeFTPd。我们在编写配置更改时遇到了问题，因此请确保您右键单击该图标并以管理员身份运行该程序。

To get started with the configuration, click on Users to the left.

要开始配置，请单击左侧的“用户”。

In this menu, click on Add and fill out the information for a new user account to access your server.

在此菜单中，单击添加，然后为新用户帐户填写信息以访问您的服务器。

Under Authorization, you can choose to use “NT authentication” or “Password stored as SHA1 hash.” NT authentication means that it uses a Windows username and password, so you’d need to create a new user on your computer for anyone who accesses the SFTP directory. In most cases, it will probably be best to just store the password as a SHA1 hash and keep the SFTP user separate from the Windows users.

在授权下，您可以选择使用“ NT身份验证”或“存储为SHA1哈希的密码”。 NT身份验证意味着它使用Windows用户名和密码，因此您需要在计算机上为访问SFTP目录的任何人创建一个新用户。在大多数情况下，最好仅将密码存储为SHA1哈希，并使SFTP用户与Windows用户分开。

After you’ve typed in the desired username and password, uncheck the “FTP server” box towards the bottom and then click Apply. Now that the user is setup, click on the SFTP tab.

输入所需的用户名和密码后，取消选中底部的“ FTP服务器”框，然后单击“应用”。现在已经设置了用户，单击SFTP选项卡。

The only thing really worth changing on this tab is the SFTP root directory. This specifies where the files you want to share out will reside. For simplicity, we’re just going to change the already populated directory to a folder on the desktop.

在此选项卡上唯一真正值得更改的是SFTP根目录。这指定了要共享的文件将驻留的位置。为了简单起见，我们将要将已经填充的目录更改为桌面上的文件夹。

Once you’re ready to begin hosting files, click the Start button in this tab. Windows Firewall will probably pop up and ask you if this is OK – click Allow access.

准备开始托管文件后，请单击此选项卡中的开始按钮。 Windows防火墙可能会弹出并询问您是否可以–单击“允许访问”。

Now you should be able to return to the Status tab and see that your SFTP server is running.

现在，您应该能够返回到“状态”选项卡，并看到您的SFTP服务器正在运行。

Click on Apply & Save to keep these changes and then close the window.

单击“应用并保存”以保留这些更改，然后关闭窗口。

freeFTPd will continue to run in the background. To access it, just open it up from the notification area.

freeFTPd将继续在后台运行。要访问它，只需从通知区域将其打开。

访问SFTP目录 (Accessing the SFTP Directory)

Put a couple of files in your SFTP directory so we can do some testing. If you left the home directory for the user at its default ($SERVERROOT\geek in our example), then you’ll need to create another directory within the SFTP root directory.

将几个文件放在您的SFTP目录中，以便我们进行一些测试。如果您将用户的主目录保留为默认目录(在我们的示例中为$ SERVERROOT \ geek)，则需要在SFTP根目录中创建另一个目录。

As you can see in this screenshot, we put two test files into the ‘geek’ directory which is inside of the ‘SFTP server files’ (SFTP root directory) folder. Make sure that port 22 is forwarded to your PC on your router, and then you’re ready for someone to connect to your PC. See this guide if you need help with port forwarding.

如您在此屏幕快照中所见，我们将两个测试文件放入“ SFTP服务器文件”(SFTP根目录)文件夹内的“ geek”目录中。确保将端口22转发到路由器上的PC，然后准备好有人连接到PC。如果您需要端口转发方面的帮助，请参阅本指南。

Have your buddy download an FTP client that is able to access SFTP servers – our recommendation is FileZilla. They will just need to type in your IP address, the username and password that you configured earlier, and specify the port your server is running on (if you left it at the default, it will be port 22).

让您的伙伴下载一个能够访问SFTP服务器的FTP客户端-我们的建议是FileZilla 。他们只需要输入您的IP地址，先前配置的用户名和密码，并指定服务器运行的端口即可(如果将其保留为默认端口，则为端口22)。

The first time they connect to your server, they will be prompted to save the host keys. They just need to check the “Always trust” box and click OK to never be prompted about this again (unless you change your host keys for some reason).

他们第一次连接到服务器时，将提示他们保存主机密钥。他们只需要选中“始终信任”框，然后单击“确定”就不会再出现此提示(除非您出于某种原因更改了主机密钥)。