基于ssh的sftp拷贝命令

Read

sftp(secure file transfer program)是基于ssh的安全ftp命令，更多参数可以man sftp

sftp下可以使用的命令：get, put, rename,ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp, lpwd, df, and lmkdir.SourceByrd's Weblog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

案例：
主服务器hostname：SSH-MASTER #IP:192.168.199.171/24
辅服务器hostname：SSH-CLIENT-NO01 #192.168.199.172/24SourceByrd's Weblog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

试验过程：

[root@SSH-MASTER tmp]# touch 192.168.199.171.txt
[root@SSH-MASTER tmp]# sftp -oPort=22 root@192.168.199.172
Connecting to 192.168.199.172...
root@192.168.199.172's password: 
sftp> cd /tmp
sftp> ls -al
-rw-r--r--    1 root     root            0 Apr 19 22:07 192.168.199.172
sftp> put 192.168.199.171.txt
Uploading 192.168.199.171.txt to /tmp/192.168.199.171.txt
192.168.199.171.txt                                                                                 100%    0     0.0KB/s   00:00 
sftp> ls -al
-rw-r--r--    1 root     root            0 Apr 19 22:09 192.168.199.171.txt
-rw-r--r--    1 root     root            0 Apr 19 22:07 192.168.199.172
sftp> mkdir hello
sftp> ls -al
-rw-r--r--    1 root     root            0 Apr 19 22:09 192.168.199.171.txt
-rw-r--r--    1 root     root            0 Apr 19 22:07 192.168.199.172
drwxr-xr-x    2 root     root         4096 Apr 19 22:23 hello
[root@SSH-MASTER tmp]# ll
total 0
-rw-r--r--. 1 root root 0 Apr 19 22:05 192.168.199.171.txt
-rwxrwxrwx. 1 byrd byrd 0 Apr 19 20:56 test.txt
sftp> get 192.168.199.172
Fetching /tmp/192.168.199.172 to 192.168.199.172
sftp> 
[root@SSH-MASTER tmp]# ll
total 0
-rw-r--r--. 1 root root 0 Apr 19 22:05 192.168.199.171.txt
-rw-r--r--. 1 root root 0 Apr 19 22:32 192.168.199.172
-rwxrwxrwx. 1 byrd byrd 0 Apr 19 20:56 test.txt

[root@SSH-MASTER tmp]# touch 192.168.199.171.txt

[root@SSH-MASTER tmp]# sftp -oPort=22 root@192.168.199.172

Connecting to 192.168.199.172...

root@192.168.199.172's password:

sftp> cd /tmp

sftp> ls -al

-rw-r--r-- 1 root root 0 Apr 19 22:07 192.168.199.172

sftp> put 192.168.199.171.txt

Uploading 192.168.199.171.txt to /tmp/192.168.199.171.txt

192.168.199.171.txt 100% 0 0.0KB/s 00:00

sftp> ls -al

-rw-r--r-- 1 root root 0 Apr 19 22:09 192.168.199.171.txt

-rw-r--r-- 1 root root 0 Apr 19 22:07 192.168.199.172

sftp> mkdir hello

sftp> ls -al

-rw-r--r-- 1 root root 0 Apr 19 22:09 192.168.199.171.txt

-rw-r--r-- 1 root root 0 Apr 19 22:07 192.168.199.172

drwxr-xr-x 2 root root 4096 Apr 19 22:23 hello

[root@SSH-MASTER tmp]# ll

total 0

-rw-r--r--. 1 root root 0 Apr 19 22:05 192.168.199.171.txt

-rwxrwxrwx. 1 byrd byrd 0 Apr 19 20:56 test.txt

sftp> get 192.168.199.172

Fetching /tmp/192.168.199.172 to 192.168.199.172

sftp>

[root@SSH-MASTER tmp]# ll

total 0

-rw-r--r--. 1 root root 0 Apr 19 22:05 192.168.199.171.txt

-rw-r--r--. 1 root root 0 Apr 19 22:32 192.168.199.172

-rwxrwxrwx. 1 byrd byrd 0 Apr 19 20:56 test.txt

SourceByrd's Weblog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

扩展:[后补]SourceByrd's Weblog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

1:建立用户

$ groupadd sftp -g 2777 $ useradd sftp -u 2777 -g sftp -s /sbin/nologin

0
1

$ groupadd sftp -g 2777
$ useradd sftp -u 2777 -g sftp -s /sbin/nologin

2:配置sshd_config

#Subsystem sftp /usr/libexec/openssh/sftp-server Subsystem sftp internal-sftp X11Forwarding no AllowTcpForwarding no #ForceCommand internal-sftp Match User sftp_user_a ChrootDirectory /opt/sftp $ mkdir /opt/sftp $ chown -R root.root /opt/sftp/

0
1
2
3
4
5
6
7
8
9

#Subsystem      sftp    /usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp
X11Forwarding no
AllowTcpForwarding no
#ForceCommand internal-sftp
Match User sftp_user_a
ChrootDirectory /opt/sftp

$ mkdir /opt/sftp
$ chown -R root.root /opt/sftp/

3:远程连接

$ /usr/bin/sftp sftp@192.168.227.21 sftp> put a Uploading a to /a remote open("/a"): Permission denied sftp>

0
1
2
3
4

$ /usr/bin/sftp sftp@192.168.227.21
sftp> put a
Uploading a to /a
remote open("/a"): Permission denied
sftp>

4:免密传输
yum install lftp

#!/bin/bash # Author:Byrd # Version:0.1 # Site:note.t4x.org # Contact:root#t4x.org export LANG=en_US.UTF-8 s_port="22" s_user="sftp" s_passwd="admin123" s_ip="192.168.227.21" #/usr/bin/sftp -P${s_port} ${s_user}@${s_ip} lftp -u ${s_user},${s_passwd} sftp://${s_ip} << EOF #cd /opt/sftp/test cd test #sftp服务器目录 lcd /root/a #sftp客户端目录 mkdir `date +"%Y%m%d"` cd `date +"%Y%m%d"` mput * bye EOF

0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

#!/bin/bash
# Author:Byrd
# Version:0.1
# Site:note.t4x.org
# Contact:root#t4x.org
export LANG=en_US.UTF-8
s_port="22"
s_user="sftp"
s_passwd="admin123"
s_ip="192.168.227.21"
#/usr/bin/sftp -P${s_port} ${s_user}@${s_ip}
lftp -u ${s_user},${s_passwd} sftp://${s_ip} << EOF
  #cd /opt/sftp/test
  cd test   #sftp服务器目录
  lcd /root/a    #sftp客户端目录
  mkdir `date +"%Y%m%d"`
  cd `date +"%Y%m%d"`
  mput *
  bye
EOF

SourceByrd's Weblog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/
问题:

$ chown -R sftp.root /opt/sftp/ #服务器设置 $ /usr/bin/sftp sftp@192.168.227.21 #客户端连接失败 sftp_user_a@192.168.227.21's password: packet_write_wait: Connection to 192.168.227.21 port 22: Broken pipe Couldn't read packet: Connection reset by peer

0
1
2
3
4

$ chown -R sftp.root /opt/sftp/    #服务器设置
$ /usr/bin/sftp sftp@192.168.227.21    #客户端连接失败
sftp_user_a@192.168.227.21's password:
packet_write_wait: Connection to 192.168.227.21 port 22: Broken pipe
Couldn't read packet: Connection reset by peer

SourceByrd's Weblog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/
修复方法:

$ chown -R root.root /opt/sftp/ $ mkdir /opt/sftp/test $ chown -R sftp.root /opt/sftp/test/ $ systemctl restart sshd $ /usr/bin/sftp sftp_user_a@192.168.227.21 sftp_user_a@192.168.227.21's password: Connected to 192.168.227.21. sftp> ls -l drwxr-xr-x 2 2777 0 6 Jan 24 06:59 test sftp> cd test/ sftp> put a Uploading a to /test/a a 100% 0 0.0KB/s 00:00

0
1
2
3
4
5
6
7
8
9
10
11
12

$ chown -R root.root /opt/sftp/
$ mkdir /opt/sftp/test
$ chown -R sftp.root /opt/sftp/test/
$ systemctl restart sshd
$ /usr/bin/sftp sftp_user_a@192.168.227.21
sftp_user_a@192.168.227.21's password:
Connected to 192.168.227.21.
sftp> ls -l
drwxr-xr-x    2 2777     0               6 Jan 24 06:59 test
sftp> cd test/
sftp> put a
Uploading a to /test/a
a                                                                                                                          100%    0     0.0KB/s   00:00

SourceByrd's Weblog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

申明：本文由BYRD原创(基于Centos6.4 X64)，未经许可禁止转载！SourceByrd's Weblog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/ SourceByrd's Weblog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/