sftp服务器配置(绝对好用)

1、创建用户组sftp

# Create the dedicated group that the sshd "Match group sftp" rule keys on.
groupadd sftp

 

2、更改/etc/ssh/sshd_config文件、在文件中加入以下几行

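# Serve SFTP from sshd's in-process implementation. If sshd_config already has a
# "Subsystem sftp ..." line, replace it rather than adding a second one.
Subsystem       sftp    internal-sftp
# Apply the settings below only to members of group sftp. Keep this Match block
# at the end of the file: it stays in effect until the next Match line or EOF.
Match   group   sftp
# Confine each sftp user to /sftp/<username> (%u expands to the login name).
ChrootDirectory /sftp/%u
ForceCommand    internal-sftp
# SFTP-only accounts have no need for forwarding; ForceCommand and a /bin/false
# shell do not by themselves disable it, so switch it off explicitly.
AllowTcpForwarding no
X11Forwarding   no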

 

3、在根目录下创建sftp数据目录sftp,并设置权限为750,属主:root ,属组:sftp

# sshd refuses a ChrootDirectory unless every component of the path is owned by
# root and not writable by group or others, hence root:sftp with mode 750.
cd /
mkdir -m 750 sftp
chown root:sftp sftp

 

4、创建用户test,加入用户组sftp,禁止其通过shell登录(shell设为/bin/false),不创建用户主目录(-M),并设置用户密码为test(仅为示例,实际环境请使用强密码)。

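# Create login "test" in group sftp with no usable shell (-s /bin/false) and no
# home directory (-M).
useradd -g sftp -s /bin/false -M test
# Name the account explicitly: with "$2" unset in an interactive shell, passwd
# would change the password of whoever runs it (root). "test" is the article's
# sample password; replace it with a strong one on a real system.
printf '%s\n%s\n' 'test' 'test' | passwd test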

 

5、创建用户目录test、设置权限为750、设置目录的属组与属主

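# "-m" must be a single token; "mkdir - m 750 ..." would create stray directories
# named "-", "m" and "750" and leave /sftp/test with the default mode.
# The chroot directory itself stays root-owned and not group-writable.
mkdir -m 750 /sftp/test
chown root:sftp /sftp/test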


6、创建上传目录、下载目录并设置属性

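# Upload area owned by the user, who is the only one with write access.
mkdir -m 755 /sftp/test/upload
chown test:sftp /sftp/test/upload

# Read-only area. A directory needs the execute bit to be entered, so 555 rather
# than 444. NOTE(review): while "test" owns this directory the user can chmod it
# writable again over SFTP; root ownership would be needed to enforce read-only
# -- confirm intent.
mkdir -m 555 /sftp/test/download
chown test:sftp /sftp/test/download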

 

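7、设置SELINUX状态:修改/etc/selinux/config文件,将SELINUX=enforcing改为SELINUX=disabled,然后运行setenforce 0(立即切换为permissive模式,配置文件中的disabled在重启后生效)。注意:这会关闭整台主机的SELinux强制访问控制;如需保留SELinux保护,可保持enforcing,并为/sftp目录配置合适的文件上下文或策略。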

8、重启sshd进程

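# Validate the edited configuration first; a syntax error in sshd_config would
# otherwise keep sshd from coming back up after the restart.
sshd -t && service sshd restart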


 

//--------------------------------------------------------------------------以下为创建sftp用户脚本(不完整)

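#!/bin/bash
#
# Manage chrooted SFTP-only accounts under /sftp (must be run as root).
#   -u|-U username passwd   create the account and its directory tree
#   -m|-M username passwd   change the account's password
#   -d|-D username          delete the account and its data
# Exit status: 0 on success, non-zero on a usage error or any failed step.
#
# NOTE(review): the password is taken from argv, so it is visible in the process
# list and in shell history; reading it from stdin or a root-only file would
# avoid that.

# Usage text (wording kept as in the original script).
str="Add user: Useage '$0' -u  username passwd. \nModify password : Useage '$0' -m username passwd.\nDelete user :Useage '$0' -d username."

readonly SFTP_ROOT=/sftp
readonly SFTP_GROUP=sftp

# Print the usage text and exit with an error.
usage() {
	printf '%b\n' "$str"
	exit 1
}

# Print a message on stderr and exit with an error.
die() {
	printf '%s\n' "$*" >&2
	exit 1
}

# The username becomes part of paths that are later passed to rm -rf, so reject
# anything that is not a plain account name (no '/', no leading '-' or '.',
# no whitespace). "back" is reserved for the backup directory under /sftp.
check_username() {
	local re='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'
	[[ "$1" =~ $re ]] || die "invalid username: $1"
	[[ "$1" != "back" ]] || die "username 'back' is reserved"
}

# Only operate on accounts whose primary group is sftp, so that -m and -d
# cannot be pointed at root or any other system account.
require_sftp_user() {
	local grp
	grp=$(id -gn "$1" 2>/dev/null) || die "no such user: $1"
	[[ "$grp" == "$SFTP_GROUP" ]] || die "refusing: $1 is not an sftp account"
}

# Set the password of user $1 to $2. printf, unlike "echo -e", leaves
# backslashes in the password untouched.
set_password() {
	printf '%s\n%s\n' "$2" "$2" | passwd "$1"
}

# Create account $1 with password $2 and its chroot tree under /sftp.
add_user() {
	local user=$1 pass=$2 home="$SFTP_ROOT/$1" stamp

	useradd -g "$SFTP_GROUP" -s /bin/false -M "$user" || die "useradd failed for $user"
	set_password "$user" "$pass" || die "passwd failed for $user"

	# Keep, rather than reuse, a directory left over from an earlier account.
	if [[ -d "$home" ]]; then
		stamp=$(date +%Y-%m-%d_%H:%M:%S)
		mkdir -p -m 700 "$SFTP_ROOT/back" || die "cannot create $SFTP_ROOT/back"
		mv -- "$home" "$SFTP_ROOT/back/$user.$stamp" || die "cannot back up $home"
	fi

	# The chroot directory itself is root-owned and not writable by the user.
	mkdir -m 750 -- "$home" || die "cannot create $home"
	chown "root:$SFTP_GROUP" "$home" || die "chown failed on $home"

	mkdir -m 755 -- "$home/upload" || die "cannot create $home/upload"
	# 555, not 444: a directory without the execute bit cannot be entered.
	mkdir -m 555 -- "$home/download" || die "cannot create $home/download"
	chown "$user:$SFTP_GROUP" "$home/upload" "$home/download" \
		|| die "chown failed under $home"
}

# Change the password of sftp account $1 to $2.
modify_password() {
	require_sftp_user "$1"
	set_password "$1" "$2" || die "passwd failed for $1"
}

# Delete sftp account $1, its data directory and its mail spool.
delete_user() {
	local user=$1

	require_sftp_user "$user"
	# Stop here if userdel fails, so data of a still-existing account is kept
	# and the failure is reported instead of exiting 0.
	userdel "$user" || die "userdel failed for $user"
	rm -rf -- "${SFTP_ROOT:?}/$user" || die "cannot remove $SFTP_ROOT/$user"
	# -f: the account may never have had a mail spool.
	rm -f -- "/var/mail/$user"
}

main() {
	case "$1" in
		-u|-U)
			echo "add sftp user ... ..."
			# Both username and password are required; no extra arguments.
			[[ -z "$4" && -n "$2" && -n "$3" ]] || usage
			check_username "$2"
			add_user "$2" "$3"
			;;
		-m|-M)
			echo "Modify sftp user password ..."
			[[ -z "$4" && -n "$2" && -n "$3" ]] || usage
			check_username "$2"
			modify_password "$2" "$3"
			;;
		-d|-D)
			echo "Delete sftp user ..."
			[[ -z "$3" && -n "$2" ]] || usage
			check_username "$2"
			delete_user "$2"
			;;
		*)
			usage
			;;
	esac
	exit 0
}

main "$@"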


 

 

 

 

 


 


 

 

 

 
