|SFTP-SERVER(8)||System Manager's Manual||SFTP-SERVER(8)|
OpenSSH SFTP server subsystem
sftp-server is a program that speaks the
server side of SFTP protocol to stdout and expects client requests from
sftp-server is not intended to be called
directly, but from sshd(8) using the
Command-line flags to
be specified in the
Subsystem declaration. See
sshd_config(5) for more
Valid options are:
sftp-serverto print logging information to stderr instead of syslog for debugging.
sftp-server. The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH.
sftp-server. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions that
sftp-serverperforms on behalf of the client. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR.
sftp-serverwill reply to any denied request with a failure. The
-Qflag can be used to determine the supported request types. If both denied and allowed lists are specified, then the denied list is applied before the allowed list.
Care must be taken when using this feature to ensure that requests made implicitly by SFTP clients are permitted.
sftp-server. At present the only feature that may be queried is “requests”, which may be used to deny or allow specific requests (flags
sftp-serverinto a read-only mode. Attempts to open files for writing, as well as other operations that change the state of the filesystem, will be denied.
On some systems,
sftp-server must be able
to access /dev/log for logging to work, and use of
sftp-server in a chroot configuration therefore
requires that syslogd(8) establish a
logging socket inside the chroot directory.
T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-filexfer-02.txt, October 2001, work in progress material.
sftp-server first appeared in
Markus Friedl <email@example.com>
|June 22, 2020||OpenBSD-current|