该楼层疑似违规已被系统折叠 隐藏此楼查看此楼
Subsystem sftp internal-sftp -I INFO -f local5 # 指定使用sftp服务使用系统自带的internal-sftp
LogLevel INFO
Match Group sftp,sftpadmin # 匹配sftp组的用户,若要匹配多个组,可用逗号分开
ChrootDirectory /home/sftp/ # 限制用户的根目录
ForceCommand internal-sftp # 只能用于sftp登录
AllowTcpForwarding no # 禁止用户使用端口转发
X11Forwarding no # 禁止用户使用端口转发
但是收集到的日志不全
tail -f /var/log/sftp.log
Mar 6 06:58:38 JXCP-FTP sshd[8178]: error: Received disconnect from 192.168.0.7 port 2905:0: [postauth]
Mar 6 06:58:38 JXCP-FTP sshd[8178]: Disconnected from 192.168.0.7 port 2905 [postauth]
Mar 6 06:58:38 JXCP-FTP sshd[8178]: pam_unix(sshd:session): session closed for user zgj
Mar 6 06:58:38 JXCP-FTP systemd-logind: Removed session 1025.
Mar 6 07:01:01 JXCP-FTP sshd[7896]: pam_unix(sshd:session): session closed for user guestsftp
Mar 6 07:01:01 JXCP-FTP systemd-logind: Removed session 1018.
Mar 6 07:01:07 JXCP-FTP sshd[7897]: pam_unix(sshd:session): session closed for user guestsftp
Mar 6 07:01:07 JXCP-FTP systemd-logind: Removed session 1017.
Mar 6 07:01:08 JXCP-FTP sshd[6763]: pam_unix(sshd:session): session closed for user guestsftp
Mar 6 07:01:08 JXCP-FTP systemd-logind: Removed session 952.