Rackspace云文件:使用安全FTP(SFTP)客户端[sftp-cloudfs]上传文件
时间:2020-01-09 10:43:07 来源:igfitidea点击:
我正在使用来自Rackspace的云文件将文件存储在云中。
我知道如何将ftp客户端与云文件一起使用,但是出于安全和隐私考虑,如何使用安全文件传输程序,命令行上的sftp,OpenSSH项目中的真正SSH文件传输协议客户端。
如何在Linux或者Unix之类的操作系统下安装sftp-cloudfs?
您需要使用sftpcloudfs软件包。
这是Rackspace云文件和Open Stack对象存储(Swift)的SFTP接口。
这是Rackspace Cloud Files和OpenStack Object Storage的SFTP(安全文件传输协议)接口,提供充当SFTP客户端与远程文件/存储服务之间的代理的服务。
使用文件/存储服务的身份验证服务验证用于打开SFTP会话的用户名/密码对,以获取身份验证令牌。
客户端和SFTP守护程序之间的通信始终被加密,并且SFTP服务支持与远程文件/存储服务的HTTPS通信。
安装sftp-cloudfs
首先,按照此处所述安装pip命令。
接下来,执行以下pip命令以安装python软件包:
$ pip install sftp-cloudfs
输出示例:
Downloading/unpacking sftp-cloudfs
Downloading sftp-cloudfs-0.6.tar.gz
Running setup.py egg_info for package sftp-cloudfs
Requirement already satisfied (use --upgrade to upgrade): paramiko>=1.7.6 in ./py_virtual/lib/python2.6/site-packages (from sftp-cloudfs)
Requirement already satisfied (use --upgrade to upgrade): python-cloudfiles>=1.7.8 in ./py_virtual/lib/python2.6/site-packages (from sftp-cloudfs)
Requirement already satisfied (use --upgrade to upgrade): python-daemon>=1.5 in ./py_virtual/lib/python2.6/site-packages (from sftp-cloudfs)
Requirement already satisfied (use --upgrade to upgrade): python-memcached>=1.45 in ./py_virtual/lib/python2.6/site-packages (from sftp-cloudfs)
Requirement already satisfied (use --upgrade to upgrade): ftp-cloudfs>=0.19 in ./py_virtual/lib/python2.6/site-packages (from sftp-cloudfs)
Requirement already satisfied (use --upgrade to upgrade): pycrypto>=2.1,!=2.4 in ./py_virtual/lib/python2.6/site-packages (from paramiko>=1.7.6->sftp-cloudfs)
Requirement already satisfied (use --upgrade to upgrade): setuptools in ./py_virtual/lib/python2.6/site-packages (from python-daemon>=1.5->sftp-cloudfs)
Requirement already satisfied (use --upgrade to upgrade): lockfile>=0.9 in ./py_virtual/lib/python2.6/site-packages (from python-daemon>=1.5->sftp-cloudfs)
Requirement already satisfied (use --upgrade to upgrade): pyftpdlib in ./py_virtual/lib/python2.6/site-packages (from ftp-cloudfs>=0.19->sftp-cloudfs)
Installing collected packages: sftp-cloudfs
Running setup.py install for sftp-cloudfs
changing mode of build/scripts-2.6/sftpcloudfs from 644 to 755
changing mode of /home/Hyman/py_virtual/bin/sftpcloudfs to 755
Successfully installed sftp-cloudfs
Cleaning up...
创建主机密钥
您需要使用ssh-keygen命令创建主机密钥,如下所示:
$ mkdir $HOME/.ssh/sftcloudfs $ ssh-keygen -t rsa -f $HOME/.ssh/sftcloudfs/rsa_key_file
输出示例:
Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/Hyman/.ssh/sftcloudfs/rsa_key_file. Your public key has been saved in /home/Hyman/.ssh/sftcloudfs/rsa_key_file.pub. The key fingerprint is: b1:37:03:54:d3:e6:00:a2:e4:3c:67:16:81:fe:91:52 Hyman@wks01 The key's randomart image is: +--[ RSA 2048]----+ | ..+.ooo. | | +..E+ ..o | | .=.+.o + | | o=o + . | | o .S + | | . . o | | | | | | | +-----------------+
如何使用sftp-cloudfs?
语法如下:
sftpcloudfs -k /path/to/rsa_or_dsa_host_file -a http://your-open-cloud-url/path/url
对于基于Rackspace USA的云文件存储帐户,请使用:
sftpcloudfs -k $HOME/.ssh/sftcloudfs/rsa_key_file -a https://identity.api.rackspacecloud.com/v1.0
对于基于Rackspace UK的云文件存储帐户,请使用:
sftpcloudfs -k $HOME/.ssh/sftcloudfs/rsa_key_file -a https://lon.auth.api.rackspacecloud.com/v1.0.
使用ps命令验证sftpcloudfs进程是否正在运行,请运行:
$ ps aux | grep --color [s]ftpcloudfs
输出示例:
Hyman 21008 0.1 0.1 55352 10052 ? S 18:40 0:00 /home/Hyman/py_virtual/bin/python /home/Hyman/py_virtual/bin/sftpcloudfs -k /home/Hyman/.ssh/sftcloudfs/rsa_key_file -a https://identity.api.rackspacecloud.com/v1.0
确保默认端口8022已打开:
$ netstat -tulpn | grep :8022
输出示例:
(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) tcp 0 0 127.0.0.1:8022 0.0.0.0:* LISTEN 21008/python
如何关闭sftpcloud代理?
只需使用kill命令使用PID将TERM信号发送到名为sftpcloudfs的进程。
首先,获取一个pid,运行:
$ ps aux | grep [s]ftpcloudfs
输出示例:
Hyman 21008 0.0 0.1 55352 10052 ? S 18:40 0:00 /home/Hyman/py_virtual/bin/python /home/Hyman/py_virtual/bin/sftpcloudfs -k /home/Hyman/.ssh/sftcloudfs/rsa_key_file -a https://identity.api.rackspacecloud.com/v1.0
杀了它:
$ kill 21008
验证一下:
$ ps aux | grep [s]ftpcloudfs
如何在不同的IP和端口上启动sftpcloud代理?
默认绑定地址是127.0.0.1,但是您可以使用以下语法进行更改。
在此示例中,将BIND地址设置为192.168.1.100,运行:
sftpcloudfs -b 192.168.1.100 -k $HOME/.ssh/sftcloudfs/rsa_key_file -a https://identity.api.rackspacecloud.com/v1.0
默认绑定端口是8022,但是您可以使用以下语法进行更改。
在此示例中,将BIND端口设置为3000,运行:
sftpcloudfs -p 3000 -k $HOME/.ssh/sftcloudfs/rsa_key_file -a https://identity.api.rackspacecloud.com/v1.0
和往常一样,您可以结合使用-b和-p两种开关:
sftpcloudfs -b 192.168.1.100 -p 3000 -k $HOME/.ssh/sftcloudfs/rsa_key_file -a https://identity.api.rackspacecloud.com/v1.0
如何使用sftp客户端使用sftpcloud代理上传和下载文件到Rackspsace云文件存储?
使用默认的sftp客户端,它是一个交互式文件传输程序,类似于ftp,它通过加密的ssh传输执行所有操作。
语法为:
sftp -P PORT RACKSPACE-USER@IP-ADDRESS sftp -P 3000 [email protected]
请注意,您需要使用机架帐户API用户名和密码进行身份验证。
样品会议
sftp -P 8022 [email protected] [email protected]'s password: HIDDEN-PASSWORD Connected to 127.0.0.1. sftp> ls assets sftp> mkdir foo sftp> ls assets foo sftp> lcd /etc sftp> put resolv.conf Uploading resolv.conf to /theitroad/resolv.conf resolv.conf sftp> ls assets foo resolv.conf sftp> rm resolv.conf Removing /theitroad/resolv.conf sftp> rmdir foo sftp> quit
如何从云文件下载文件?
您可以使用URL通过cdn url通过公共互联网访问此容器中的文件,如下所示:
http://8173579aa04ea33f3314-2bd3e6c481b4a486fea8b805a638363d.r25.cf2.rackcdn.com/file.txt
登录到您的机架式CDN帐户以查看启用CDN的URL:
