在开始介绍如何使用sftp之前,先简单说明一下sftp和ftps不是一回事情,很多人把这2个协议搞混了,有人还把Filezilla配置ftps来说明怎么利用filezilla如何配置sftp。其实filezilla服务端是不支持sftp协议的,客户端支持。
我们ftp不是一个安全的协议,其发送的内容很都是以明文的方式发送,包括用户名,密码还有文件内容。因此后来又引入了 secure ftp,就是安全的ftp协议,这其中包含了
1. sftp
这个协议由 ftp + SSH
2. ftps
而这个协议则有ftp + ssl组成
关于协议的解释不是我们的重点,这里我们只关心怎么来利用其中一个协议来完成我们 安全ftp协议。先说下关于协议的选择。
一开始我是选择了ftps来实验的,这样我就可以使用filezilla这个方案,因为它即提供了ftp的服务端也实现了客户端。但是在配置过程发现很是奇怪,配置的时候并没有提到公钥。我们知道,ssl的安全性就是靠这一对(或者两对)公私钥来保障的,如果只是拿私钥的话,根本就无法实现ssl协议,因为无法从私钥推断出公钥(反过来也是一样),当然如果能推断出的话,那么ssl的安全性就无从谈起了。
上面这段是我之前错误的理解,后来发现其实证书里面本身就包含了公钥。当客户端首次访问服务端时,服务端就会发送这个证书给客户端,这样客户端就有了这个公钥,就可以拿这个公钥加密一段文字发送给服务端来验证服务端的真实性。
关于ftps的配置方法我是参考filezilla的官方的wiki来配置,所以在配置的方法上就应该是没有什么的了。
所以我的结论是filezilla的对ftps协议的支持有缺陷。后来我也没有发现其他的支持ftps的服务端软件,因此放弃ftps,改用sftp。
在使用ftp上传文件的时候我们将应用场景分为2类。
1. 手动上传下载
2. 在你自己的程序中控制客户端上传下载
在上面的2个场景中服务端都可以使用
freeSSHD
这个软件是免费的,你可以把它用在你的商业软件中也没有问题。这里附上它的授权说明:
“
Copyright (c) 2005-2008 Kresimir Petric and Kresimir Grofelnik
NOTE: Portions of this software (wodSSHServer) are provided separately and use different type of licensing, so below text does not apply to them. Please consult their license agreement if you are interested in recompiling freeSSHd from the source code.
— License agreement —
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge,
publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE
FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
”
官方网站是:
http://www.freesshd.com/?ctt=terms
关于客户端,如果使用场景是第一种,那么你的选择比较多:
a. filezilla
b. WinSCP
c. SSH
d. psftp.exe
如果你的使用场景是第二种,那么采用WinSCP就是很好的一个选择,因为它提供了命令行的操作方式,更为的重要的是它提供脚本的方式才控制上传下载,并且它提供了速率的控制。
WinSCP的官方网站是:
http://winscp.net/eng/index.php
授权:
”
Copyright (c) 2005-2008 Kresimir Petric and Kresimir Grofelnik
>
> NOTE: Portions of this software (wodSSHServer) are provided
> separately and use different type of licensing, so below text does
> not apply to them. Please consult their license agreement if you are
> interested in recompiling freeSSHd from the source code.
>
> — License agreement —
>
> Permission is hereby granted, free of charge, to any person obtaining
> a copy of this software and associated documentation files (the
> “Software”), to deal in the Software without restriction, including
> without limitation the rights to use, copy, modify, merge, publish,
> distribute, sublicense, and/or sell copies of the Software, and to
> permit persons to whom the Software is furnished to do so, subject to
> the following conditions:
>
> The above copyright notice and this permission notice shall be
> included in all copies or substantial portions of the Software.
>
> THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND,
> EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
> MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
> NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
> BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
> ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
> CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
> SOFTWARE.
>
> “
>
> CLIENT SIDE – WINSCP ALSO CAN USED IN OUR PROJECT BECAUSE OF
>
> “
>
> No matter if your are an individual, or representative of educational
> institution, small firm or corporation, the GPL license grants you
> following rights:
>
> * Run WinSCP for any purpose for free;
> * Copy WinSCP anywhere you want in any number of copies or Provide
> a download link on your website;
> * Make whatever modifications to WinSCP you want (though your
> modification must also be released under the GPL).
“
我已经使用这个方案成功的完成了文件的安全的文件上传下载。因为项目的原因客户端我用的是c++,其实这种教程控制的工作如果有python来做的话,非常的适合,所以你可以使用python+winscp来完成客户端的工作,服务端你只要采用freesshd,freesshd有安装包可下载,因此只要下载安装即可。
上面提到这个winscp和freesshd都只可以在windows平台运行。
完。
版权所有,禁止转载. 如需转载,请先征得博主的同意,并且表明文章出处,否则按侵权处理.
