Skip Navigation Links | |
Exit Print View | |
man pages section 1M: System Administration Commands Oracle Solaris 11.1 Information Library |
- SFTP server subsystem
/usr/lib/ssh/sftp-server [-f log_facility] [-l log_level]
sftp-server implements the server side of the SSH File Transfer Protocol as defined in the IETF draft-ietf-secsh-filexfer.
sftp-server is a subsystem for sshd(1M) and must not be run directly. Command-line flags to sftp-server should be specified in the Subsystem declaration. See sshd_config(4) for more information.
To enable the sftp-server subsystem for sshd add the following to /etc/ssh/sshd_config:
Subsystem sftp /usr/lib/ssh/sftp-server
To run sftp-server in a chroot configuration, use internal-sftp instead of /usr/lib/ssh/sftp-server. Otherwise, the chroot directory must contain the necessary files and directories to support the user's session. See the ChrootDirectory and Subsystem options in sshd_config(4)) for more information on how sshd and sftp-server work with chroot(2).
See sshd_config(4) for a description of the format and contents of that file.
There is no relationship between the protocol used by sftp-server and the FTP protocol (RFC 959) provided by in.ftpd.
For logging to work, sftp-server must be able to access /dev/log. Use of sftp-server in a chroot configuration therefore requires that syslogd(1M) establish a logging socket inside the chroot directory.
Valid options are listed below. As stated above, these options, if used, are specified in the Subsystem declaration of sshd_config.
Specifies the facility code that is used when logging messages from sftp-server. The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH.
Specifies which messages will be logged by sftp-server. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions that sftp-server performs on behalf of the client. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR.
Sets an explicit umask(2) to be applied to newly-created files and directories, instead of the user's default mask.
The following exit values are returned:
Successful completion.
An error occurred.
Server-side binary.
See attributes(5) for descriptions of the following attributes:
|
sftp(1), ssh(1), ssh-add(1), ssh-keygen(1), sshd(1M), syslogd(1M), chroot(2), umask(2), sshd_config(4), attributes(5)