Damien Miller | aa7ad30 | 2013-01-09 15:58:21 +1100 | [diff] [blame] | 1 | .\" $OpenBSD: sftp-server.8,v 1.21 2013/01/04 19:26:38 jmc Exp $ |
Damien Miller | e4340be | 2000-09-16 13:29:08 +1100 | [diff] [blame] | 2 | .\" |
Ben Lindstrom | 92a2e38 | 2001-03-05 06:59:27 +0000 | [diff] [blame] | 3 | .\" Copyright (c) 2000 Markus Friedl. All rights reserved. |
Damien Miller | e4340be | 2000-09-16 13:29:08 +1100 | [diff] [blame] | 4 | .\" |
| 5 | .\" Redistribution and use in source and binary forms, with or without |
| 6 | .\" modification, are permitted provided that the following conditions |
| 7 | .\" are met: |
| 8 | .\" 1. Redistributions of source code must retain the above copyright |
| 9 | .\" notice, this list of conditions and the following disclaimer. |
| 10 | .\" 2. Redistributions in binary form must reproduce the above copyright |
| 11 | .\" notice, this list of conditions and the following disclaimer in the |
| 12 | .\" documentation and/or other materials provided with the distribution. |
| 13 | .\" |
| 14 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
| 15 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
| 16 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
| 17 | .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
| 18 | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| 19 | .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 20 | .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 21 | .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 24 | .\" |
Damien Miller | aa7ad30 | 2013-01-09 15:58:21 +1100 | [diff] [blame] | 25 | .Dd $Mdocdate: January 4 2013 $ |
Damien Miller | 7b28dc5 | 2000-09-05 13:34:53 +1100 | [diff] [blame] | 26 | .Dt SFTP-SERVER 8 |
| 27 | .Os |
| 28 | .Sh NAME |
| 29 | .Nm sftp-server |
| 30 | .Nd SFTP server subsystem |
| 31 | .Sh SYNOPSIS |
| 32 | .Nm sftp-server |
Darren Tucker | db7bf82 | 2010-01-09 22:24:33 +1100 | [diff] [blame] | 33 | .Op Fl ehR |
Damien Miller | 502ab0e | 2013-01-09 15:57:36 +1100 | [diff] [blame] | 34 | .Op Fl d Ar start_directory |
Damien Miller | fef95ad | 2006-07-10 20:46:55 +1000 | [diff] [blame] | 35 | .Op Fl f Ar log_facility |
| 36 | .Op Fl l Ar log_level |
Darren Tucker | 6b286a4 | 2009-10-07 08:46:21 +1100 | [diff] [blame] | 37 | .Op Fl u Ar umask |
Damien Miller | 7b28dc5 | 2000-09-05 13:34:53 +1100 | [diff] [blame] | 38 | .Sh DESCRIPTION |
| 39 | .Nm |
| 40 | is a program that speaks the server side of SFTP protocol |
| 41 | to stdout and expects client requests from stdin. |
| 42 | .Nm |
| 43 | is not intended to be called directly, but from |
Damien Miller | 50a41ed | 2000-10-16 12:14:42 +1100 | [diff] [blame] | 44 | .Xr sshd 8 |
Damien Miller | 7b28dc5 | 2000-09-05 13:34:53 +1100 | [diff] [blame] | 45 | using the |
| 46 | .Cm Subsystem |
| 47 | option. |
Damien Miller | fef95ad | 2006-07-10 20:46:55 +1000 | [diff] [blame] | 48 | .Pp |
| 49 | Command-line flags to |
| 50 | .Nm |
| 51 | should be specified in the |
| 52 | .Cm Subsystem |
| 53 | declaration. |
Damien Miller | 7b28dc5 | 2000-09-05 13:34:53 +1100 | [diff] [blame] | 54 | See |
Darren Tucker | 1f20394 | 2003-10-15 15:50:42 +1000 | [diff] [blame] | 55 | .Xr sshd_config 5 |
Damien Miller | 7b28dc5 | 2000-09-05 13:34:53 +1100 | [diff] [blame] | 56 | for more information. |
Damien Miller | fef95ad | 2006-07-10 20:46:55 +1000 | [diff] [blame] | 57 | .Pp |
| 58 | Valid options are: |
| 59 | .Bl -tag -width Ds |
Damien Miller | aa7ad30 | 2013-01-09 15:58:21 +1100 | [diff] [blame] | 60 | .It Fl d Ar start_directory |
Damien Miller | 502ab0e | 2013-01-09 15:57:36 +1100 | [diff] [blame] | 61 | specifies an alternate starting directory for users. |
| 62 | The pathname may contain the following tokens that are expanded at runtime: |
| 63 | %% is replaced by a literal '%', |
| 64 | %h is replaced by the home directory of the user being authenticated, |
| 65 | and %u is replaced by the username of that user. |
| 66 | The default is to use the user's home directory. |
| 67 | This option is useful in conjunction with the |
| 68 | .Xr sshd_config 5 |
| 69 | .Cm ChrootDirectory |
| 70 | option. |
Darren Tucker | 7bee06a | 2009-10-07 08:47:47 +1100 | [diff] [blame] | 71 | .It Fl e |
| 72 | Causes |
| 73 | .Nm |
| 74 | to print logging information to stderr instead of syslog for debugging. |
Damien Miller | fef95ad | 2006-07-10 20:46:55 +1000 | [diff] [blame] | 75 | .It Fl f Ar log_facility |
| 76 | Specifies the facility code that is used when logging messages from |
| 77 | .Nm . |
| 78 | The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, |
| 79 | LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. |
| 80 | The default is AUTH. |
Darren Tucker | 7bee06a | 2009-10-07 08:47:47 +1100 | [diff] [blame] | 81 | .It Fl h |
| 82 | Displays |
| 83 | .Nm |
| 84 | usage information. |
Damien Miller | fef95ad | 2006-07-10 20:46:55 +1000 | [diff] [blame] | 85 | .It Fl l Ar log_level |
| 86 | Specifies which messages will be logged by |
| 87 | .Nm . |
| 88 | The possible values are: |
| 89 | QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. |
| 90 | INFO and VERBOSE log transactions that |
| 91 | .Nm |
| 92 | performs on behalf of the client. |
| 93 | DEBUG and DEBUG1 are equivalent. |
| 94 | DEBUG2 and DEBUG3 each specify higher levels of debugging output. |
| 95 | The default is ERROR. |
Darren Tucker | db7bf82 | 2010-01-09 22:24:33 +1100 | [diff] [blame] | 96 | .It Fl R |
| 97 | Places this instance of |
| 98 | .Nm |
| 99 | into a read-only mode. |
| 100 | Attempts to open files for writing, as well as other operations that change |
Darren Tucker | 838891f | 2010-01-09 22:25:46 +1100 | [diff] [blame] | 101 | the state of the filesystem, will be denied. |
Darren Tucker | 6b286a4 | 2009-10-07 08:46:21 +1100 | [diff] [blame] | 102 | .It Fl u Ar umask |
| 103 | Sets an explicit |
| 104 | .Xr umask 2 |
| 105 | to be applied to newly-created files and directories, instead of the |
| 106 | user's default mask. |
Damien Miller | fef95ad | 2006-07-10 20:46:55 +1000 | [diff] [blame] | 107 | .El |
Damien Miller | 276571c | 2008-07-14 12:09:57 +1000 | [diff] [blame] | 108 | .Pp |
| 109 | For logging to work, |
| 110 | .Nm |
| 111 | must be able to access |
| 112 | .Pa /dev/log . |
| 113 | Use of |
| 114 | .Nm |
Darren Tucker | 5837b51 | 2009-06-21 17:52:27 +1000 | [diff] [blame] | 115 | in a chroot configuration therefore requires that |
Damien Miller | 276571c | 2008-07-14 12:09:57 +1000 | [diff] [blame] | 116 | .Xr syslogd 8 |
| 117 | establish a logging socket inside the chroot directory. |
Damien Miller | 7b28dc5 | 2000-09-05 13:34:53 +1100 | [diff] [blame] | 118 | .Sh SEE ALSO |
Ben Lindstrom | 160ec62 | 2001-04-22 17:17:46 +0000 | [diff] [blame] | 119 | .Xr sftp 1 , |
Damien Miller | 7b28dc5 | 2000-09-05 13:34:53 +1100 | [diff] [blame] | 120 | .Xr ssh 1 , |
Darren Tucker | 1f20394 | 2003-10-15 15:50:42 +1000 | [diff] [blame] | 121 | .Xr sshd_config 5 , |
Damien Miller | 50a41ed | 2000-10-16 12:14:42 +1100 | [diff] [blame] | 122 | .Xr sshd 8 |
Ben Lindstrom | 160ec62 | 2001-04-22 17:17:46 +0000 | [diff] [blame] | 123 | .Rs |
Ben Lindstrom | 90fd060 | 2001-06-25 04:45:33 +0000 | [diff] [blame] | 124 | .%A T. Ylonen |
| 125 | .%A S. Lehtinen |
Ben Lindstrom | 160ec62 | 2001-04-22 17:17:46 +0000 | [diff] [blame] | 126 | .%T "SSH File Transfer Protocol" |
| 127 | .%N draft-ietf-secsh-filexfer-00.txt |
| 128 | .%D January 2001 |
| 129 | .%O work in progress material |
| 130 | .Re |
Damien Miller | 50a41ed | 2000-10-16 12:14:42 +1100 | [diff] [blame] | 131 | .Sh HISTORY |
| 132 | .Nm |
Darren Tucker | 25bd3c0 | 2006-09-26 20:14:28 +1000 | [diff] [blame] | 133 | first appeared in |
| 134 | .Ox 2.8 . |
| 135 | .Sh AUTHORS |
| 136 | .An Markus Friedl Aq markus@openbsd.org |