xref: /freebsd/crypto/openssh/sftp-server.8 (revision dd41de95a84d979615a2ef11df6850622bf6184e)
1.\" $OpenBSD: sftp-server.8,v 1.27 2014/12/11 04:16:14 djm Exp $
2.\"
3.\" Copyright (c) 2000 Markus Friedl.  All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\" 1. Redistributions of source code must retain the above copyright
9.\"    notice, this list of conditions and the following disclaimer.
10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\"    notice, this list of conditions and the following disclaimer in the
12.\"    documentation and/or other materials provided with the distribution.
13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24.\"
25.Dd $Mdocdate: December 11 2014 $
26.Dt SFTP-SERVER 8
27.Os
28.Sh NAME
29.Nm sftp-server
30.Nd SFTP server subsystem
31.Sh SYNOPSIS
32.Nm sftp-server
33.Bk -words
34.Op Fl ehR
35.Op Fl d Ar start_directory
36.Op Fl f Ar log_facility
37.Op Fl l Ar log_level
38.Op Fl P Ar blacklisted_requests
39.Op Fl p Ar whitelisted_requests
40.Op Fl u Ar umask
41.Ek
42.Nm
43.Fl Q Ar protocol_feature
44.Sh DESCRIPTION
45.Nm
46is a program that speaks the server side of SFTP protocol
47to stdout and expects client requests from stdin.
48.Nm
49is not intended to be called directly, but from
50.Xr sshd 8
51using the
52.Cm Subsystem
53option.
54.Pp
55Command-line flags to
56.Nm
57should be specified in the
58.Cm Subsystem
59declaration.
60See
61.Xr sshd_config 5
62for more information.
63.Pp
64Valid options are:
65.Bl -tag -width Ds
66.It Fl d Ar start_directory
67specifies an alternate starting directory for users.
68The pathname may contain the following tokens that are expanded at runtime:
69%% is replaced by a literal '%',
70%d is replaced by the home directory of the user being authenticated,
71and %u is replaced by the username of that user.
72The default is to use the user's home directory.
73This option is useful in conjunction with the
74.Xr sshd_config 5
75.Cm ChrootDirectory
76option.
77.It Fl e
78Causes
79.Nm
80to print logging information to stderr instead of syslog for debugging.
81.It Fl f Ar log_facility
82Specifies the facility code that is used when logging messages from
83.Nm .
84The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
85LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
86The default is AUTH.
87.It Fl h
88Displays
89.Nm
90usage information.
91.It Fl l Ar log_level
92Specifies which messages will be logged by
93.Nm .
94The possible values are:
95QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
96INFO and VERBOSE log transactions that
97.Nm
98performs on behalf of the client.
99DEBUG and DEBUG1 are equivalent.
100DEBUG2 and DEBUG3 each specify higher levels of debugging output.
101The default is ERROR.
102.It Fl P Ar blacklisted_requests
103Specify a comma-separated list of SFTP protocol requests that are banned by
104the server.
105.Nm
106will reply to any blacklisted request with a failure.
107The
108.Fl Q
109flag can be used to determine the supported request types.
110If both a blacklist and a whitelist are specified, then the blacklist is
111applied before the whitelist.
112.It Fl p Ar whitelisted_requests
113Specify a comma-separated list of SFTP protocol requests that are permitted
114by the server.
115All request types that are not on the whitelist will be logged and replied
116to with a failure message.
117.Pp
118Care must be taken when using this feature to ensure that requests made
119implicitly by SFTP clients are permitted.
120.It Fl Q Ar protocol_feature
121Query protocol features supported by
122.Nm .
123At present the only feature that may be queried is
124.Dq requests ,
125which may be used for black or whitelisting (flags
126.Fl P
127and
128.Fl p
129respectively).
130.It Fl R
131Places this instance of
132.Nm
133into a read-only mode.
134Attempts to open files for writing, as well as other operations that change
135the state of the filesystem, will be denied.
136.It Fl u Ar umask
137Sets an explicit
138.Xr umask 2
139to be applied to newly-created files and directories, instead of the
140user's default mask.
141.El
142.Pp
143On some systems,
144.Nm
145must be able to access
146.Pa /dev/log
147for logging to work, and use of
148.Nm
149in a chroot configuration therefore requires that
150.Xr syslogd 8
151establish a logging socket inside the chroot directory.
152.Sh SEE ALSO
153.Xr sftp 1 ,
154.Xr ssh 1 ,
155.Xr sshd_config 5 ,
156.Xr sshd 8
157.Rs
158.%A T. Ylonen
159.%A S. Lehtinen
160.%T "SSH File Transfer Protocol"
161.%N draft-ietf-secsh-filexfer-02.txt
162.%D October 2001
163.%O work in progress material
164.Re
165.Sh HISTORY
166.Nm
167first appeared in
168.Ox 2.8 .
169.Sh AUTHORS
170.An Markus Friedl Aq Mt markus@openbsd.org
171