No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

HUAWEI CLOUD Stack 6.5.0 Backup and Restoration Guide 03

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Preparing the SFTP Server

Preparing the SFTP Server

Overview

This section describes how to connect the maintenance terminal to the SFTP server and perform configurations to prepare for interconnection between the SFTP server and cloud services.

Prerequisites

  • The maintenance terminal has been connected to the SFTP server through the management network port.
  • The IP address of the SFTP server has been obtained.

Context

This document uses PuTTY 0.67 as an example.

Operation Procedure

Before backing up data to the SFTP server, ensure that the storage space of the server is greater than or equal to 800 GB.

  1. Run PuTTY.

    The PuTTY Configuration dialog box is displayed, as shown in Figure 1-1.

    Figure 1-1 PuTTY Configuration

  2. Configure the CLI to support display of Chinese characters.

    1. In the navigation tree on the left, choose Window > Translation.
    2. Set Remote character set: to UTF-8, as shown in Figure 1-2.
      Figure 1-2 Configuring support for Chinese characters

    3. In the navigation tree, choose Window > Appearance.
    4. In the Font settings area, click Change.

      The Font dialog box is displayed.

    5. In the dialog box that is displayed, select the Chinese character properties (including the font, font style, and size), and click OK.

      The PuTTY Configuration dialog box is displayed.

    6. In the navigation tree, choose Session.
    7. In the Load, save or delete a stored session area, select Default Settings and click Save to save the settings as the default.

  3. Select Session. In the Specify the destination you want to connect to area, enter the IP address of the SFTP server's management network port that connects to the maintenance terminal in Host Name (or IP address) and set Connection type to SSH.
  4. Click Open. The CLI login page is displayed as follows:

    login as:

  5. Enter the username and password of the SFTP server as prompted. If the login is successful, the following message is displayed:

    Last login: Mon Apr 10 10:38:06 2017 from XXX.XXX.XXX.XXX 
    [root@localhost ~]# 

  6. Create a user group and add users to it. Set passwords for the users.

    1. Run the groupadd sftp command to create a user group.
    2. Run the useradd -g sftp -s /bin/false sftpuser command to add users.
    3. Run the passwd sftpuser command to set passwords.

  7. Create a directory for the user group and set permissions.

    1. Run the mkdir /datas command to create the datas directory.
    2. Run the mkdir /datas/backup command to create a directory for the upload.
    3. Run the usermod -d/datas/backup sftpuser command to change the directory of user sftpuser.

  8. Modify the sshd_config file.

    1. Run the vi /etc/ssh/sshd_config command to open the sshd_config file.
    2. Press i to enter editing mode.
    3. Add a number sign (#) before "Subsystem sftp /usr/libexec/openssh/sftp-server" to comment out the text.
    4. (Optional) Change the value of GSSAPIAuthentication to no.
    5. Add the following information at the end of the configuration file:
    Subsystem sftp internal-sftp # Indicates that the built-in internal-sftp service of the system is used.
    Match User sftpuser #Used to match users
    ChrootDirectory /datas/backup #Indicates using chroot to specify the root directory of the user to /datas/backup 
    AllowTcpForwarding no
    ForceCommand internal-sftp #Specifies the SFTP command.

  9. Press Esc to exit editing mode.

    Enter :wq and press Enter to save the configuration and exit.

  10. Set permission for the Chroot directory.

    1. Run the chown -R root:root/datas/backup command.
    2. Run the chmod 755 /datas/backup command to grant permissions to /datas/backup.

  11. Create a directory that can be written by the SFTP user after login.

    1. Run the mkdir /datas/backup/sftpuser command to create a directory.
    2. Run the chown -R sftpuser:sftp /datas/backup/sftpuser/ command.
    3. Run the chmod 755 /datas/backup/sftpuser/ command to grant permissions to /datas/backup/sftpuser/.

  12. Run the service sshd restart command to restart the sshd service.
  13. Run the sftp sftpuser@sftp server IP address command to check whether this address can be logged in to.

    • If yes, no further action is required.
    • If no, repeat steps Step 1 to Step 12. If the login still fails, contact technical support engineers.

Translation
Download
Updated: 2019-06-14

Document ID: EDOC1100062366

Views: 783

Downloads: 9

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next