Chinaunix首页 | 论坛 | 博客

Blue Dreams

首页 |  博文目录 |  关于我

ruknow

  • 博客访问: 751548
  • 博文数量: 160
  • 博客积分: 2516
  • 博客等级: 大尉
  • 技术积分: 1511
  • 用 户 组: 普通用户
  • 注册时间: 2004-10-24 17:58
文章分类

全部博文(160)

文章存档

2019年(2)

2018年(3)

2017年(15)

2016年(3)

2015年(11)

2014年(3)

2013年(1)

2012年(3)

2011年(17)

2010年(25)

2009年(17)

2008年(13)

2007年(14)

2006年(21)

2005年(10)

2004年(2)

我的朋友
最近访客
推荐博文
相关博文
ssh 只传文件 不能登录 限定目录

分类: LINUX

2017-08-30 16:34:13


点击(此处)折叠或打开

  1. group: sftp:x:501:
  2. user: vue:x:501:501::/data/webapps/oa/ROOT:/bin/false


点击(此处)折叠或打开

  1. # $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $
  3. # This is the sshd server system-wide configuration file. See
  4. # sshd_config(5) for more information.
  6. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
  8. # The strategy used for options in the default sshd_config shipped with
  9. # OpenSSH is to specify options with their default value where
  10. # possible, but leave them commented. Uncommented options change a
  11. # default value.
  13. Port 52525
  14. #ListenAddress 0.0.0.0
  15. #ListenAddress ::
  17. # Disable legacy (protocol version 1) support in the server for new
  18. # installations. In future the default will change to require explicit
  19. # activation of protocol 1
  20. Protocol 2
  22. # HostKey for protocol version 1
  23. #HostKey /etc/ssh/ssh_host_key
  24. # HostKeys for protocol version 2
  25. #HostKey /etc/ssh/ssh_host_rsa_key
  26. #HostKey /etc/ssh/ssh_host_dsa_key
  28. # Lifetime and size of ephemeral version 1 server key
  29. #KeyRegenerationInterval 1h
  30. #ServerKeyBits 1024
  32. # Logging
  33. # obsoletes QuietMode and FascistLogging
  34. #LogLevel INFO
  36. # Authentication:
  38. #LoginGraceTime 2m
  39. #StrictModes yes
  40. #MaxAuthTries 6
  41. #MaxSessions 10
  43. #RSAAuthentication yes
  44. #PubkeyAuthentication yes
  45. #AuthorizedKeysFile .ssh/authorized_keys
  46. #AuthorizedKeysCommand none
  47. #AuthorizedKeysCommandRunAs nobody
  49. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  50. #RhostsRSAAuthentication no
  51. # similar for protocol version 2
  52. #HostbasedAuthentication no
  53. # Change to yes if you don't trust ~/.ssh/known_hosts for
  54. # RhostsRSAAuthentication and HostbasedAuthentication
  55. #IgnoreUserKnownHosts no
  56. # Don't read the user's ~/.rhosts and ~/.shosts files
  57. #IgnoreRhosts yes
  59. # To disable tunneled clear text passwords, change to no here!
  60. #PermitEmptyPasswords no
  62. # Change to no to disable s/key passwords
  63. #ChallengeResponseAuthentication yes
  64. ChallengeResponseAuthentication no
  66. # Kerberos options
  67. #KerberosAuthentication no
  68. #KerberosOrLocalPasswd yes
  69. #KerberosTicketCleanup yes
  70. #KerberosGetAFSToken no
  71. #KerberosUseKuserok yes
  73. # GSSAPI options
  74. #GSSAPIAuthentication no
  75. GSSAPIAuthentication yes
  76. #GSSAPICleanupCredentials yes
  77. GSSAPICleanupCredentials yes
  78. #GSSAPIStrictAcceptorCheck yes
  79. #GSSAPIKeyExchange no
  81. # Set this to 'yes' to enable PAM authentication, account processing,
  82. # and session processing. If this is enabled, PAM authentication will
  83. # be allowed through the ChallengeResponseAuthentication and
  84. # PAM authentication via ChallengeResponseAuthentication may bypass
  85. # If you just want the PAM account and session checks to run without
  86. # and ChallengeResponseAuthentication to 'no'.
  87. #UsePAM no
  88. UsePAM yes
  90. # Accept locale-related environment variables
  91. AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
  92. AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
  93. AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
  94. AcceptEnv XMODIFIERS
  96. #AllowAgentForwarding yes
  97. #AllowTcpForwarding yes
  98. #GatewayPorts no
  99. #X11Forwarding no
  100. X11Forwarding yes
  101. #X11DisplayOffset 10
  102. #X11UseLocalhost yes
  103. #PrintMotd yes
  104. #PrintLastLog yes
  105. #TCPKeepAlive yes
  106. #UseLogin no
  107. #UsePrivilegeSeparation yes
  108. #PermitUserEnvironment no
  109. #Compression delayed
  110. #ClientAliveInterval 0
  111. #ClientAliveCountMax 3
  112. #ShowPatchLevel no
  113. #PidFile /var/run/sshd.pid
  114. #MaxStartups 10:30:100
  115. #PermitTunnel no
  116. #ChrootDirectory none
  118. UseDNS no
  119. AddressFamily inet
  120. PermitRootLogin yes
  121. SyslogFacility AUTHPRIV
  122. PasswordAuthentication yes
  123. ClientAliveInterval 60
  124. ClientAliveCountMax 3
  126. # no default banner path
  127. #Banner none
  129. # override default of no subsystems
  130. # yuanzy Subsystem sftp /usr/libexec/openssh/sftp-server
  131. Subsystem sftp internal-sftp
  133. Match Group sftp
  134. X11Forwarding no
  135. AllowTcpForwarding no
  136. ChrootDirectory /data/webapps/oa
  137. ForceCommand internal-sftp
  139. # Example of overriding settings on a per-user basis
  140. #Match User anoncvs
  141. # X11Forwarding no
  142. # AllowTcpForwarding no
  143. # ForceCommand cvs server

点击(此处)折叠或打开

  1. chown -R root.root /data/webapps/oa
  2. chmod -R 755 /data/webapps/oa
  3. chmown -R vue:sftp /data/webapps/oa/ROOT


阅读(795) | 评论(0) | 转发(0) |
0

上一篇:mysql 备份 压缩 ssh 上传

下一篇:jenkins maven/git maven 自动部署 tomcat

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6