我必须从远程目录自动下载一个我只知道部分名称的文件(例如“file-vers.1.2.3.zip”,其中版本号是未知部分)。
由于 和 都不wget接受curl路径中的 '*' 特殊字符,我想我需要先下载目录内容(相当于ls或dir),解析它,提取我需要的文件名,检查它的版本是否比我已经拥有的版本更新,然后将它传递给wget或curl。
如果没有比这更快的方法,我的问题是:如何从 HTTPS 和 SFTP 存储库下载目录内容?
我是否必须拥有 rsa 私钥,或者是否可以使用用户名和密码?
我问是因为对 .NET 的 SSH.NET 库的解释:
“使用密码和公钥身份验证建立 SFTP 连接:”
是否有必要或者我可以使用其中一种吗?
我的问题是:是否需要我有一个私钥才能使用 SFTP 将文件上传到服务器,还是用户名/密码就足够了?
我在托管公司维护一个社区网站。每两周一次,我需要将备份下载到我的家庭 Linux 主机作为异地备份。备份总共大约 110M 字节。否则我的网站是空闲的。
我使用 sftp 下载。此下载会在托管公司中触发警报:IO 或网络超出限制。限制为每秒 5M 字节或位。然后托管公司会自动关闭我的网站。
我的 sftp 命令非常通用
sftp myname@mysite <<EOF
get -p file1_100M
get -p file2_5M
EOF
我看到很多关于加快文件传输的帖子。我的目标实际上是尽可能地减慢它的速度。
我的 Linux 是 Ubuntu 18。托管公司还在带有标准 C 面板的 LAMP 堆栈(Linux Apache MySQL PHP)中使用 Linux。
我最近才发现这个 sftp/ftp 的东西,我们是否有可能创建一个目录,我们可以在另一台计算机上使用 filezilla 或其他类似的应用程序连接到我的家用电脑作为服务器。
那些服务器也是计算机,所以也许我认为我们的家用电脑作为服务器这可能有用吗?
几年来,我一直在使用 Sublime Text 上的 SFTP 包连接到 AWS EC2 实例,但从未遇到任何问题。今天我创建了一个新实例,由于某种原因我无法连接到它。
当我尝试连接到任何其他实例时,连接有效。当我尝试使用 PuTTY 连接时,连接也有效。只有当我尝试通过 Sublime Text 连接时才会出现问题。
sftp-config.json:
{
"type": "sftp",
"save_before_upload": true,
"upload_on_save": true,
"sync_down_on_open": true,
"sync_skip_deletes": false,
"sync_same_age": true,
"confirm_downloads": false,
"confirm_sync": true,
"confirm_overwrite_newer": false,
"host": "00.000.000.000",
"user": "<Username>",
"port": "22",
"remote_path": "/var/www/html/",
"ignore_regexes": [
"\\.sublime-(project|workspace)", "sftp-config(-alt\\d?)?\\.json",
"sftp-settings\\.json", "/venv/", "\\.svn/", "\\.hg/", "\\.git/",
"\\.bzr", "_darcs", "CVS", "\\.DS_Store", "Thumbs\\.db", "desktop\\.ini"
],
"file_permissions": "755",
"dir_permissions": "755",
"connect_timeout": 30,
"ssh_key_file": "C:/AWS Key Pairs.ppk",
}
崇高的控制台:
Connecting to SFTP server "00.000.000.000" as "<Username>" ........... failure (Connection timeout)
sublime_sftp_debug.txt:
2022-06-01 00:12:19, SFTP Read:
Using username "<Username>".
Server refused our key
FATAL ERROR: No supported authentication methods available (server sent: publickey)
远程服务器的 auth.log:
Jun 1 04:12:18 ip-000-00-00-000 sshd[59492]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
Jun 1 04:12:18 ip-000-00-00-000 sshd[59492]: Connection closed by authenticating user <Username> 00.00.000.00 port 49161 [preauth]
有谁碰巧知道为什么会出现这个问题?在此错误之前,出现了另一个关于 PuTTYgen 生成的密钥版本的错误。生成私钥时可能是其他一些配置,但我已经尝试过几个不同的教程,但都没有奏效。
是否可以映射为网络驱动器,我 SFTP 到的服务器?
例如 FileZilla 或 WinSCP(支持 SFTP)可以让您浏览您 SFTP 到的服务器。但我想将驱动器号映射到它。
我已经设置了一些由 digitalocean 托管的虚拟机/VPS(“数字海洋水滴”)。我可以通过 SSH 连接到他们,这意味着我可以进行 SFTP。
与 SFTP 客户端连接一切都很好,例如 FileZilla 客户端(或支持 SFTP 的 WinSCP 客户端),但我想将一些虚拟机的驱动器映射到我的 windows 计算机上的驱动器号。
我对此进行了谷歌搜索,并提出了适用于 Windows 的 SSHFS Win Manager。https://sftptogo.com/blog/how-to-map-sftp-as-a-windows-10-drive/ (虽然我在 Windows 7 上)。我不知道它是否不是很多人使用的程序,这可能解释了一些事情。
我无法获得适用于 Windows 的 SSHFS,以连接到 SSH/SFTP 服务器。
我可以从 cygwin SSH 到它
(文件“bleh”只是私钥 id_rsa 的副本)
$ ssh -i ~/.ssh/bleh user@164....
FileZilla 也很好。
但是 SSHFS Win Manager 连接不上。设置似乎一切正常。
我的 WinSCP 配置:
File protocol: SCP
user name: namjoo
port: 22
settings > SCP/Shell > Shell: sudo su -
当我尝试连接时,出现此错误:
跳过启动消息时出错。您的 shell 可能与应用程序不兼容(推荐使用 BASH)。
我的日志文件是:
root@hostname:~# systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-05-14 17:21:37 UTC; 1h 36min ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 2519 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 2532 (sshd)
Tasks: 1 (limit: 19062)
Memory: 3.1M
CGroup: /system.slice/ssh.service
└─2532 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
May 14 18:17:25 hostname sshd[2905]: pam_unix(sshd:session): session closed for user my_username
May 14 18:18:00 hostname sshd[2995]: Accepted password for my_username from 192.168.1.151 port 60242 ssh2
May 14 18:18:00 hostname sshd[2995]: pam_unix(sshd:session): session opened for user my_username by (uid=0)
May 14 18:18:01 hostname sshd[2995]: pam_unix(sshd:session): session closed for user my_username
May 14 18:20:40 hostname sshd[3112]: Accepted password for my_username from 192.168.1.151 port 60495 ssh2
May 14 18:20:40 hostname sshd[3112]: pam_unix(sshd:session): session opened for user my_username by (uid=0)
May 14 18:20:41 hostname sshd[3112]: pam_unix(sshd:session): session closed for user my_username
May 14 18:58:16 hostname sshd[3233]: Accepted password for my_username from 192.168.1.151 port 64655 ssh2
May 14 18:58:16 hostname sshd[3233]: pam_unix(sshd:session): session opened for user my_username by (uid=0)
May 14 18:58:17 hostname sshd[3233]: pam_unix(sshd:session): session closed for user my_username
我的用户是my_username. 我最近安装了它。WinSCP 日志文件内容:
. 2022-05-15 19:57:10.067 --------------------------------------------------------------------------
. 2022-05-15 19:57:10.067 WinSCP Version 5.17.10 (Build 11087) (OS 10.0.19043 - Windows 10 Enterprise)
. 2022-05-15 19:57:10.067 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2022-05-15 19:57:10.067 Log level: Normal
. 2022-05-15 19:57:10.067 Local account: WIN\namjoo
. 2022-05-15 19:57:10.067 Working directory: C:\Program Files (x86)\WinSCP
. 2022-05-15 19:57:10.067 Process ID: 5692
. 2022-05-15 19:57:10.067 Command-line: "C:\Program Files (x86)\WinSCP\WinSCP.exe"
. 2022-05-15 19:57:10.067 Time zone: Current: GMT+4:30, Standard: GMT+3:30 (Iran Standard Time), DST: GMT+4:30 (Iran Daylight Time), DST Start: 3/22/2022, DST End: 9/21/2022
. 2022-05-15 19:57:10.067 Login time: Sunday, May 15, 2022 7:57:10 PM
. 2022-05-15 19:57:10.067 --------------------------------------------------------------------------
. 2022-05-15 19:57:10.067 Session name: [email protected] (Site)
. 2022-05-15 19:57:10.067 Host name: 192.168.1.150 (Port: 22)
. 2022-05-15 19:57:10.067 User name: namjoo (Password: No, Key file: No, Passphrase: No)
. 2022-05-15 19:57:10.067 Tunnel: No
. 2022-05-15 19:57:10.067 Transfer Protocol: SCP
. 2022-05-15 19:57:10.067 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec
. 2022-05-15 19:57:10.067 Disable Nagle: No
. 2022-05-15 19:57:10.067 Proxy: None
. 2022-05-15 19:57:10.067 Send buffer: 262144
. 2022-05-15 19:57:10.067 SSH protocol version: 2; Compression: No
. 2022-05-15 19:57:10.067 Bypass authentication: No
. 2022-05-15 19:57:10.067 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: Yes
. 2022-05-15 19:57:10.067 GSSAPI: Forwarding: No; Libs: gssapi32,sspi,custom; Custom:
. 2022-05-15 19:57:10.067 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2022-05-15 19:57:10.067 KEX: ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1
. 2022-05-15 19:57:10.067 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2022-05-15 19:57:10.067 Simple channel: Yes
. 2022-05-15 19:57:10.067 Return code variable: Autodetect; Lookup user groups: Auto
. 2022-05-15 19:57:10.067 Shell: sudo su -
. 2022-05-15 19:57:10.067 EOL: LF, UTF: Auto
. 2022-05-15 19:57:10.067 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No
. 2022-05-15 19:57:10.067 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No; Exit code 1 is error: No
. 2022-05-15 19:57:10.067 Local directory: default, Remote directory: /var/www/lichens, Update: Yes, Cache: Yes
. 2022-05-15 19:57:10.067 Cache directory changes: Yes, Permanent: Yes
. 2022-05-15 19:57:10.067 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2022-05-15 19:57:10.067 DST mode: Unix;Timezone offset: 0h 0m
. 2022-05-15 19:57:10.067 --------------------------------------------------------------------------
. 2022-05-15 19:57:10.120 Looking up host "192.168.1.150" for SSH connection
. 2022-05-15 19:57:10.120 Connecting to 192.168.1.150 port 22
. 2022-05-15 19:57:10.136 We claim version: SSH-2.0-WinSCP_release_5.17.10
. 2022-05-15 19:57:10.136 Remote version: SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
. 2022-05-15 19:57:10.136 Using SSH protocol version 2
. 2022-05-15 19:57:10.136 Have a known host key of type ssh-ed25519
. 2022-05-15 19:57:10.152 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
. 2022-05-15 19:57:10.276 Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them
. 2022-05-15 19:57:10.276 Host key fingerprint is:
. 2022-05-15 19:57:10.276 ssh-ed25519 255 65:d6:2c:01:60:77:9b:bc:e3:71:b0:92:00:ee:32:88 obPgbW2b75UCCFNcIELRozzTRqFSbLNRNOccK63VtTE=
. 2022-05-15 19:57:10.338 Host key matches cached key
. 2022-05-15 19:57:10.338 Initialised AES-256 SDCTR (AES-NI accelerated) outbound encryption
. 2022-05-15 19:57:10.338 Initialised HMAC-SHA-256 outbound MAC algorithm
. 2022-05-15 19:57:10.338 Initialised AES-256 SDCTR (AES-NI accelerated) inbound encryption
. 2022-05-15 19:57:10.338 Initialised HMAC-SHA-256 inbound MAC algorithm
! 2022-05-15 19:57:10.338 Using username "namjoo".
. 2022-05-15 19:57:10.369 Server offered these authentication methods: publickey,password
. 2022-05-15 19:57:10.369 Prompt (password, "SSH password", <no instructions>, "&Password: ")
. 2022-05-15 19:57:14.784 Sent password
. 2022-05-15 19:57:14.810 Access granted
. 2022-05-15 19:57:14.810 Opening main session channel
. 2022-05-15 19:57:15.576 Opened main channel
. 2022-05-15 19:57:15.576 Started a shell/command
. 2022-05-15 19:57:15.607 --------------------------------------------------------------------------
. 2022-05-15 19:57:15.607 Using SCP protocol.
. 2022-05-15 19:57:15.607 Doing startup conversation with host.
. 2022-05-15 19:57:15.623 Skipping host startup message (if any).
> 2022-05-15 19:57:15.623 echo "WinSCP: this is end-of-file:0"
! 2022-05-15 19:57:15.623 sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper
. 2022-05-15 19:57:15.623 Session sent command exit status 1
. 2022-05-15 19:57:15.623 Main session channel closed
. 2022-05-15 19:57:15.623 All channels closed
. 2022-05-15 19:57:15.623 Attempt to close connection due to fatal exception:
* 2022-05-15 19:57:15.623 **Connection has been unexpectedly closed.** Server sent command exit status 1.
. 2022-05-15 19:57:15.623 Closing connection.
* 2022-05-15 19:57:15.652 (EFatal) **Connection has been unexpectedly closed.** Server sent command exit status 1.
* 2022-05-15 19:57:15.652 Error skipping startup message. Your shell is probably incompatible with the application (BASH is recommended).
cat /etc/sudoers:
root ALL=(ALL:ALL) ALL
darwin ALL=NOPASSWD:ALL
namjoo ALL=NOPASSWD:ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
我创建了我的第一个公共服务器——托管在谷歌云上的 SFTP 服务器。我在测试的第二天检查了身份验证日志,发现我每分钟都会从随机人那里得到 4-10 次点击!16 小时内有 3700 个请求失败 - 这看起来很荒谬,所以我想知道是否有任何方法可以阻止它们。我对防火墙的经验几乎为零 - 我希望避免默认拒绝所有人并且只允许列入白名单的 IP,但也许我必须考虑一下。
Apr 4 13:34:05 nfp sshd[12034]: Failed password for invalid user tjkim from 134.122.9.249 port 48930 ssh2
Apr 4 13:34:13 nfp sshd[12107]: Failed password for invalid user barman from 198.58.119.132 port 39626 ssh2
Apr 4 13:34:16 nfp sshd[12119]: Failed password for invalid user rscreen from 203.205.37.233 port 33740 ssh2
Apr 4 13:34:16 nfp sshd[12121]: Failed password for invalid user oakda from 164.90.194.36 port 41566 ssh2
Apr 4 13:34:18 nfp sshd[12123]: Failed password for invalid user lia from 43.130.60.190 port 46610 ssh2
Apr 4 13:34:20 nfp sshd[12125]: Failed password for invalid user hongphong from 193.106.60.145 port 33020 ssh2
Apr 4 13:34:23 nfp sshd[12127]: Failed password for invalid user uucpsh from 157.245.101.31 port 59112 ssh2
Apr 4 13:34:27 nfp sshd[12129]: Failed password for invalid user legaltech from 43.154.249.125 port 33970 ssh2
Apr 4 13:34:51 nfp sshd[12132]: Failed password for invalid user dhamu from 164.90.198.71 port 36212 ssh2
Apr 4 13:34:57 nfp sshd[12134]: Failed password for invalid user onapp from 115.182.105.68 port 46286 ssh2
对新手有什么指导吗?
我在 windows server 2022 上使用 openssh 服务设置了 sftp。我可以使用 Filezilla 从客户端连接 sftp 服务器。我的问题是,像 filezilla 这样的 sftp 客户端软件是否总是需要连接到 sftp 服务器,或者是否有任何其他方式可以通过 Windows 资源管理器或 Web 浏览器进行连接?
我曾经通过资源管理器和 Web 浏览器连接到我的实习生 ftp 服务器。但是 sftp 不允许这样连接...
你的想法是什么?