|SFTP-SERVER(8)||System Manager's Manual||SFTP-SERVER(8)|
sftp-serveris a program that speaks the server side of SFTP protocol to stdout and expects client requests from stdin.
sftp-serveris not intended to be called directly, but from sshd(8) using the
Command-line flags to
be specified in the
Subsystem declaration. See
sshd_config(5) for more
Valid options are:
sftp-serverto print logging information to stderr instead of syslog for debugging.
sftp-server. The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH.
sftp-server. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions that
sftp-serverperforms on behalf of the client. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR.
sftp-serverwill reply to any blacklisted request with a failure. The
-Qflag can be used to determine the supported request types. If both a blacklist and a whitelist are specified, then the blacklist is applied before the whitelist.
Care must be taken when using this feature to ensure that requests made implicitly by SFTP clients are permitted.
sftp-server. At present the only feature that may be queried is “requests”, which may be used for black or whitelisting (flags
sftp-serverinto a read-only mode. Attempts to open files for writing, as well as other operations that change the state of the filesystem, will be denied.
On some systems,
sftp-server must be able
to access /dev/log for logging to work, and use of
sftp-server in a chroot configuration therefore
requires that syslogd(8) establish a
logging socket inside the chroot directory.
T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-filexfer-02.txt, October 2001, work in progress material.
sftp-serverfirst appeared in OpenBSD 2.8.
|December 11, 2014||OpenBSD-current|