SFTP Server (SSH File Transfer Protocol) based on Apache MINA SSHD
. Open Source Java project under Apache License v2.0
Current Stable Version is 1.4.0
sftpserver | Java |
---|---|
1.0.x | 1.6 |
1.1.x | 1.6 |
1.2.x | 1.7 |
1.3.x | 1.8 |
1.4.x | 1.8 |
#
## Global Options
#
# Listen on localhost and localnet
#sftpserver.global.host=127.0.0.1,192.168.1.1
# Listen on TCP port 22222
sftpserver.global.port=22222
# Enable compression (requires jzlib) (default: false)
sftpserver.global.compress=true
# Enable dummy shell (default: false)
sftpserver.global.dummyshell=true
# Enable log request (default: false)
sftpserver.global.logrequest=true
#
## Configure user "test"
#
# Password for user (unencrypted-plain-text)
#sftpserver.user.test.userpassword=changeit
# Password for user (encrypted)
sftpserver.user.test.userpassword=$1$156RlTZJ$76bzjtXvDfgvouurtgEI10
# PublicKeys for user (OpenSSH format)
sftpserver.user.test.userkey.1=ssh-rsa AAAAB3NzaC1yc2EAAAADA...E7uQ==
sftpserver.user.test.userkey.2=ssh-ed25519 AAAAC3NzaC1...QfX
sftpserver.user.test.userkey.3=ecdsa-sha2-nistp256 AAAAE2VjZ...Z99xM=
# Set user home directory (chrooted)
sftpserver.user.test.homedirectory=./home/test/
# Enable user (default: false)
sftpserver.user.test.enableflag=true
# Enable write (default: false)
sftpserver.user.test.writepermission=true
#
#
## Global Options
#
# Listen on TCP port 22222
sftpserver.global.port=22222
# Enable compression (requires jzlib) (default: false)
sftpserver.global.compress=true
# Enable dummy shell (default: false)
sftpserver.global.dummyshell=true
#
## Configure htpasswd
#
# Enable htpasswd (default: false)
sftpserver.htpasswd.enableflag=true
# Set home directory for all users (chrooted)
sftpserver.htpasswd.homedirectory=./home/test/
# Enable write (default: false)
sftpserver.htpasswd.writepermission=true
#
./bin/sftpd.sh <run|start|stop|restart|status> [id]
./bin/sftpd.conf (you can copy to /etc/init/)
./bin/sftpd.service (you can copy to /etc/systemd/system/)
./bin/sftpd.sh <pwd>
- Use Java SecurityManager/Policy File
- Non operating system accounts
- Homes are chrooted
- ReadOnly accounts
- Encrypted Passwords (SHA2/MD5/APR1)
- PublicKey Authenticator (OpenSSH keys RSA/EcDSA/Ed25519)
- Support htpasswd file (APR1)
Current hardcoded values:
- Hostkeys are writed to:
hostkey.pem
orhostkey.ser
in${sftp.home}/keys/
directory - SecurityManager/Policy File is in
conf/${ID}/sftpd.policy
(custom) orlib/sftpd.policy
(generic) - Htpasswd File is in
conf/${ID}/htpasswd
(custom) orconf/htpasswd
(generic) - Default KexAlgorithms:
diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, diffie-hellman-group-exchange-sha256, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha1
- Default Ciphers:
aes128-ctr, aes192-ctr, aes256-ctr
- Default MACs:
[email protected], [email protected], [email protected], hmac-sha2-256, hmac-sha2-512, hmac-sha1
Maven Dependencies:
- mina-core-
XXX
.jar - sshd-core-
XXX
.jar - sshd-sftp-
XXX
.jar - sshd-scp-
XXX
.jar
Apache Commons Codec (password encryption)
- commons-codec-
XXX
.jar
- reload4j-
XXX
.jar
- slf4j-api-
XXX
.jar - slf4j-reload4j-
XXX
.jar
- bcprov-jdk15on-
XXX
.jar - bcpkix-jdk15on-
XXX
.jar
- jzlib-
XXX
.jar