1.\" $OpenBSD: sftp-server.8,v 1.27 2014/12/11 04:16:14 djm Exp $ 2.\" 3.\" Copyright (c) 2000 Markus Friedl. All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24.\" 25.Dd $Mdocdate: December 11 2014 $ 26.Dt SFTP-SERVER 8 27.Os 28.Sh NAME 29.Nm sftp-server 30.Nd SFTP server subsystem 31.Sh SYNOPSIS 32.Nm sftp-server 33.Bk -words 34.Op Fl ehR 35.Op Fl d Ar start_directory 36.Op Fl f Ar log_facility 37.Op Fl l Ar log_level 38.Op Fl P Ar blacklisted_requests 39.Op Fl p Ar whitelisted_requests 40.Op Fl u Ar umask 41.Ek 42.Nm 43.Fl Q Ar protocol_feature 44.Sh DESCRIPTION 45.Nm 46is a program that speaks the server side of SFTP protocol 47to stdout and expects client requests from stdin. 
48.Nm 49is not intended to be called directly, but from 50.Xr sshd 8 51using the 52.Cm Subsystem 53option. 54.Pp 55Command-line flags to 56.Nm 57should be specified in the 58.Cm Subsystem 59declaration. 60See 61.Xr sshd_config 5 62for more information. 63.Pp 64Valid options are: 65.Bl -tag -width Ds 66.It Fl d Ar start_directory 67specifies an alternate starting directory for users. 68The pathname may contain the following tokens that are expanded at runtime: 69%% is replaced by a literal '%', 70%d is replaced by the home directory of the user being authenticated, 71and %u is replaced by the username of that user. 72The default is to use the user's home directory. 73This option is useful in conjunction with the 74.Xr sshd_config 5 75.Cm ChrootDirectory 76option. 77.It Fl e 78Causes 79.Nm 80to print logging information to stderr instead of syslog for debugging. 81.It Fl f Ar log_facility 82Specifies the facility code that is used when logging messages from 83.Nm . 84The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, 85LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. 86The default is AUTH. 87.It Fl h 88Displays 89.Nm 90usage information. 91.It Fl l Ar log_level 92Specifies which messages will be logged by 93.Nm . 94The possible values are: 95QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. 96INFO and VERBOSE log transactions that 97.Nm 98performs on behalf of the client. 99DEBUG and DEBUG1 are equivalent. 100DEBUG2 and DEBUG3 each specify higher levels of debugging output. 101The default is ERROR. 102.It Fl P Ar blacklisted_requests 103Specify a comma-separated list of SFTP protocol requests that are banned by 104the server. 105.Nm 106will reply to any blacklisted request with a failure. 107The 108.Fl Q 109flag can be used to determine the supported request types. 110If both a blacklist and a whitelist are specified, then the blacklist is 111applied before the whitelist. 
112.It Fl p Ar whitelisted_requests 113Specify a comma-separated list of SFTP protocol requests that are permitted 114by the server. 115All request types that are not on the whitelist will be logged and replied 116to with a failure message. 117.Pp 118Care must be taken when using this feature to ensure that requests made 119implicitly by SFTP clients are permitted. 120.It Fl Q Ar protocol_feature 121Query protocol features supported by 122.Nm . 123At present the only feature that may be queried is 124.Dq requests , 125which may be used for black or whitelisting (flags 126.Fl P 127and 128.Fl p 129respectively). 130.It Fl R 131Places this instance of 132.Nm 133into a read-only mode. 134Attempts to open files for writing, as well as other operations that change 135the state of the filesystem, will be denied. 136.It Fl u Ar umask 137Sets an explicit 138.Xr umask 2 139to be applied to newly-created files and directories, instead of the 140user's default mask. 141.El 142.Pp 143On some systems, 144.Nm 145must be able to access 146.Pa /dev/log 147for logging to work, and use of 148.Nm 149in a chroot configuration therefore requires that 150.Xr syslogd 8 151establish a logging socket inside the chroot directory. 152.Sh SEE ALSO 153.Xr sftp 1 , 154.Xr ssh 1 , 155.Xr sshd_config 5 , 156.Xr sshd 8 157.Rs 158.%A T. Ylonen 159.%A S. Lehtinen 160.%T "SSH File Transfer Protocol" 161.%N draft-ietf-secsh-filexfer-02.txt 162.%D October 2001 163.%O work in progress material 164.Re 165.Sh HISTORY 166.Nm 167first appeared in 168.Ox 2.8 . 169.Sh AUTHORS 170.An Markus Friedl Aq Mt markus@openbsd.org 171
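The following script is an added example by the editor; it is not part of OpenSSH or of this manual page. It models the -P/-p decision rule described above (blacklist checked before whitelist, empty whitelist permits everything not blacklisted), checks a proposed whitelist against the request names the server supports and against the requests a client sends on its own, and prints the matching Subsystem declaration for a read-only, chrooted deployment. The path /usr/libexec/sftp-server, the list of requests assumed to be sent implicitly by clients, and the sample of what -Q requests prints are the editor's assumptions; run sftp-server -Q requests on the target host for the authoritative list.

```shell
#!/bin/sh
# Added example (not OpenSSH code): models the sftp-server -P/-p rules
# and builds an sshd_config Subsystem line for a download-only policy.

# Constructed sample of what `sftp-server -Q requests` prints on the
# editor's system (assumption); run the real command for the true list.
SAMPLE_SUPPORTED="open close read write lstat fstat setstat fsetstat
opendir readdir remove mkdir rmdir realpath stat rename readlink symlink
posix-rename statvfs fstatvfs hardlink fsync"

# Requests a typical sftp(1) client issues without being asked (editor's
# assumption; verify against the server log at -l INFO for your client).
IMPLICIT="realpath stat lstat opendir readdir close"

# Assumed installation path of the server binary.
SFTP_SERVER=/usr/libexec/sftp-server

# in_list WORD "a,b,c" -> exit 0 if WORD is one of the comma-separated names
in_list() {
    _w=$1
    for _i in $(printf '%s' "$2" | tr ',' ' '); do
        [ "$_i" = "$_w" ] && return 0
    done
    return 1
}

# request_allowed REQUEST BLACKLIST WHITELIST -> prints allow or deny.
# Mirrors the manual: -P is applied before -p, so a name on both lists is
# denied; an empty whitelist permits everything that is not blacklisted.
request_allowed() {
    _req=$1; _black=$2; _white=$3
    if [ -n "$_black" ] && in_list "$_req" "$_black"; then
        echo deny; return 0
    fi
    if [ -n "$_white" ] && ! in_list "$_req" "$_white"; then
        echo deny; return 0
    fi
    echo allow
}

# check_whitelist WHITELIST SUPPORTED -> prints one line per problem:
#   unsupported:NAME      NAME is not a request this server knows
#   missing-implicit:NAME a request clients send on their own is absent
# Empty output means the whitelist is usable.
check_whitelist() {
    _white=$1; _supp=$2
    for _r in $(printf '%s' "$_white" | tr ',' ' '); do
        _found=0
        for _s in $_supp; do [ "$_s" = "$_r" ] && _found=1; done
        [ "$_found" -eq 1 ] || echo "unsupported:$_r"
    done
    for _r in $IMPLICIT; do
        in_list "$_r" "$_white" || echo "missing-implicit:$_r"
    done
}

# subsystem_line WHITELIST -> sshd_config declaration: read-only, start in
# /<username> inside the chroot, permit only the whitelisted requests.
subsystem_line() {
    printf 'Subsystem sftp %s -R -d /%%u -p %s\n' "$SFTP_SERVER" "$1"
}

# Example policy: clients may browse and download, nothing else.
POLICY="realpath,stat,lstat,fstat,opendir,readdir,open,read,close"

check_whitelist "$POLICY" "$SAMPLE_SUPPORTED"   # prints nothing: policy is sane
subsystem_line "$POLICY"
request_allowed write ""     "$POLICY"          # deny  (not whitelisted)
request_allowed read  ""     "$POLICY"          # allow
request_allowed read  "read" "$POLICY"          # deny  (blacklist wins)
```

The emitted Subsystem line is meant to sit next to a ChrootDirectory directive in sshd_config, as the -d description suggests; -R is kept even though the whitelist already omits write, since the two controls fail independently. Forgetting realpath or the directory-listing requests in the whitelist is the mistake the "requests made implicitly" caveat warns about, and check_whitelist reports it before the configuration is deployed.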