xref: /freebsd/crypto/openssh/sftp-server.8 (revision 7661de35d15f582ab33e3bd6b8d909601557e436)
1.\" $OpenBSD: sftp-server.8,v 1.25 2013/10/14 14:18:56 jmc Exp $
2.\" $FreeBSD$
3.\"
4.\" Copyright (c) 2000 Markus Friedl.  All rights reserved.
5.\"
6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions
8.\" are met:
9.\" 1. Redistributions of source code must retain the above copyright
10.\"    notice, this list of conditions and the following disclaimer.
11.\" 2. Redistributions in binary form must reproduce the above copyright
12.\"    notice, this list of conditions and the following disclaimer in the
13.\"    documentation and/or other materials provided with the distribution.
14.\"
15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25.\"
26.Dd October 14, 2013
27.Dt SFTP-SERVER 8
28.Os
29.Sh NAME
30.Nm sftp-server
31.Nd SFTP server subsystem
32.Sh SYNOPSIS
33.Nm sftp-server
34.Bk -words
35.Op Fl ehR
36.Op Fl d Ar start_directory
37.Op Fl f Ar log_facility
38.Op Fl l Ar log_level
39.Op Fl P Ar blacklisted_requests
40.Op Fl p Ar whitelisted_requests
41.Op Fl u Ar umask
42.Ek
43.Nm
44.Fl Q Ar protocol_feature
45.Sh DESCRIPTION
46.Nm
47is a program that speaks the server side of SFTP protocol
48to stdout and expects client requests from stdin.
49.Nm
50is not intended to be called directly, but from
51.Xr sshd 8
52using the
53.Cm Subsystem
54option.
55.Pp
56Command-line flags to
57.Nm
58should be specified in the
59.Cm Subsystem
60declaration.
61See
62.Xr sshd_config 5
63for more information.
64.Pp
65Valid options are:
66.Bl -tag -width Ds
67.It Fl d Ar start_directory
68specifies an alternate starting directory for users.
69The pathname may contain the following tokens that are expanded at runtime:
70%% is replaced by a literal '%',
71%h is replaced by the home directory of the user being authenticated,
72and %u is replaced by the username of that user.
73The default is to use the user's home directory.
74This option is useful in conjunction with the
75.Xr sshd_config 5
76.Cm ChrootDirectory
77option.
78.It Fl e
79Causes
80.Nm
81to print logging information to stderr instead of syslog for debugging.
82.It Fl f Ar log_facility
83Specifies the facility code that is used when logging messages from
84.Nm .
85The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
86LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
87The default is AUTH.
88.It Fl h
89Displays
90.Nm
91usage information.
92.It Fl l Ar log_level
93Specifies which messages will be logged by
94.Nm .
95The possible values are:
96QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
97INFO and VERBOSE log transactions that
98.Nm
99performs on behalf of the client.
100DEBUG and DEBUG1 are equivalent.
101DEBUG2 and DEBUG3 each specify higher levels of debugging output.
102The default is ERROR.
103.It Fl P Ar blacklisted_requests
104Specify a comma-separated list of SFTP protocol requests that are banned by
105the server.
106.Nm
107will reply to any blacklisted request with a failure.
108The
109.Fl Q
110flag can be used to determine the supported request types.
111If both a blacklist and a whitelist are specified, then the blacklist is
112applied before the whitelist.
113.It Fl p Ar whitelisted_requests
114Specify a comma-separated list of SFTP protocol requests that are permitted
115by the server.
116All request types that are not on the whitelist will be logged and replied
117to with a failure message.
118.Pp
119Care must be taken when using this feature to ensure that requests made
120implicitly by SFTP clients are permitted.
121.It Fl Q Ar protocol_feature
122Query protocol features supported by
123.Nm .
124At present the only feature that may be queried is
125.Dq requests ,
126which may be used for black or whitelisting (flags
127.Fl P
128and
129.Fl p
130respectively).
131.It Fl R
132Places this instance of
133.Nm
134into a read-only mode.
135Attempts to open files for writing, as well as other operations that change
136the state of the filesystem, will be denied.
137.It Fl u Ar umask
138Sets an explicit
139.Xr umask 2
140to be applied to newly-created files and directories, instead of the
141user's default mask.
142.El
143.Pp
144For logging to work,
145.Nm
146must be able to access
147.Pa /dev/log .
148Use of
149.Nm
150in a chroot configuration therefore requires that
151.Xr syslogd 8
152establish a logging socket inside the chroot directory.
153.Sh SEE ALSO
154.Xr sftp 1 ,
155.Xr ssh 1 ,
156.Xr sshd_config 5 ,
157.Xr sshd 8
158.Rs
159.%A T. Ylonen
160.%A S. Lehtinen
161.%T "SSH File Transfer Protocol"
162.%N draft-ietf-secsh-filexfer-02.txt
163.%D October 2001
164.%O work in progress material
165.Re
166.Sh HISTORY
167.Nm
168first appeared in
169.Ox 2.8 .
170.Sh AUTHORS
171.An Markus Friedl Aq Mt markus@openbsd.org
172