基于ssh的sftp拷贝命令

sftp(secure file transfer program)是基于ssh的安全ftp命令，更多参数可以man sftp

sftp下可以使用的命令：get, put, rename,ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp, lpwd, df, and lmkdir.文 章 源 自 note.t4x.orgByrd's Blog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

案例：
主服务器hostname：SSH-MASTER #IP:192.168.199.171/24
辅服务器hostname：SSH-CLIENT-NO01 #192.168.199.172/24文 章 源 自 note.t4x.orgByrd's Blog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

试验过程：

扩展:[后补]文 章 源 自 note.t4x.orgByrd's Blog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

1:建立用户

$ groupadd sftp -g 2777 $ useradd sftp -u 2777 -g sftp -s /sbin/nologin

0 1	$ groupadd sftp -g 2777 $ useradd sftp -u 2777 -g sftp -s /sbin/nologin

2:配置sshd_config

#Subsystem sftp /usr/libexec/openssh/sftp-server Subsystem sftp internal-sftp X11Forwarding no AllowTcpForwarding no #ForceCommand internal-sftp Match User sftp_user_a ChrootDirectory /opt/sftp $ mkdir /opt/sftp $ chown -R root.root /opt/sftp/

0 1 2 3 4 5 6 7 8 9

#Subsystem      sftp    /usr/libexec/openssh/sftp-server Subsystem sftp internal-sftp X11Forwarding no AllowTcpForwarding no #ForceCommand internal-sftp Match User sftp_user_a ChrootDirectory /opt/sftp   $ mkdir /opt/sftp $ chown -R root.root /opt/sftp/

3:远程连接

$ /usr/bin/sftp sftp@192.168.227.21 sftp> put a Uploading a to /a remote open("/a"): Permission denied sftp>

0 1 2 3 4

$ /usr/bin/sftp sftp@192.168.227.21 sftp> put a Uploading a to /a remote open("/a"): Permission denied sftp>

4:免密传输
yum install lftp

#!/bin/bash # Author:Byrd # Version:0.1 # Site:note.t4x.org # Contact:root#t4x.org export LANG=en_US.UTF-8 s_port="22" s_user="sftp" s_passwd="admin123" s_ip="192.168.227.21" #/usr/bin/sftp -P${s_port} ${s_user}@${s_ip} lftp -u ${s_user},${s_passwd} sftp://${s_ip} << EOF #cd /opt/sftp/test cd test #sftp服务器目录 lcd /root/a #sftp客户端目录 mkdir `date +"%Y%m%d"` cd `date +"%Y%m%d"` mput * bye EOF

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

#!/bin/bash # Author:Byrd # Version:0.1 # Site:note.t4x.org # Contact:root#t4x.org export LANG=en_US.UTF-8 s_port="22" s_user="sftp" s_passwd="admin123" s_ip="192.168.227.21" #/usr/bin/sftp -P${s_port} ${s_user}@${s_ip} lftp -u ${s_user},${s_passwd} sftp://${s_ip} << EOF   #cd /opt/sftp/test   cd test   #sftp服务器目录     lcd /root/a    #sftp客户端目录   mkdir `date +"%Y%m%d"`   cd `date +"%Y%m%d"`   mput *   bye EOF

文 章 源 自 note.t4x.orgByrd's Blog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

问题:

$ chown -R sftp.root /opt/sftp/ #服务器设置 $ /usr/bin/sftp sftp@192.168.227.21 #客户端连接失败 sftp_user_a@192.168.227.21's password: packet_write_wait: Connection to 192.168.227.21 port 22: Broken pipe Couldn't read packet: Connection reset by peer

0 1 2 3 4

$ chown -R sftp.root /opt/sftp/    #服务器设置 $ /usr/bin/sftp sftp@192.168.227.21    #客户端连接失败 sftp_user_a@192.168.227.21's password: packet_write_wait: Connection to 192.168.227.21 port 22: Broken pipe Couldn't read packet: Connection reset by peer

文 章 源 自 note.t4x.orgByrd's Blog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

修复方法:

$ chown -R root.root /opt/sftp/ $ mkdir /opt/sftp/test $ chown -R sftp.root /opt/sftp/test/ $ systemctl restart sshd $ /usr/bin/sftp sftp_user_a@192.168.227.21 sftp_user_a@192.168.227.21's password: Connected to 192.168.227.21. sftp> ls -l drwxr-xr-x 2 2777 0 6 Jan 24 06:59 test sftp> cd test/ sftp> put a Uploading a to /test/a a 100% 0 0.0KB/s 00:00

0 1 2 3 4 5 6 7 8 9 10 11 12

$ chown -R root.root /opt/sftp/           $ mkdir /opt/sftp/test $ chown -R sftp.root /opt/sftp/test/ $ systemctl restart sshd $ /usr/bin/sftp sftp_user_a@192.168.227.21 sftp_user_a@192.168.227.21's password: Connected to 192.168.227.21. sftp> ls -l drwxr-xr-x    2 2777     0               6 Jan 24 06:59 test sftp> cd test/ sftp> put a Uploading a to /test/a a                                                                                                                          100%    0     0.0KB/s   00:00

文 章 源 自 note.t4x.orgByrd's Blog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/

申明：本文由BYRD原创(基于Centos6.4 X64)，未经许可禁止转载！文 章 源 自 note.t4x.orgByrd's Blog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/ 文 章 源 自 note.t4x.orgByrd's Blog-https://note.t4x.org/basic/ssh-secure-file-transfer-program/