diff options
author | Colin Watson <cjwatson@debian.org> | 2014-02-10 00:18:28 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-02-10 00:18:28 +0000 |
commit | 9a975a9faed7c4f334e8c8490db3e77e102f2b21 (patch) | |
tree | 764a885ec9a963f6a8b15de6e1765f16b9ac4738 /sftp-server.0 | |
parent | ee196dab7c5f97f0b80c8099343a375bead92010 (diff) | |
parent | cdb6c90811caa5df2df856be9b0b16db020fe31d (diff) |
Import openssh_6.5p1.orig.tar.gz
Diffstat (limited to 'sftp-server.0')
-rw-r--r-- | sftp-server.0 | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/sftp-server.0 b/sftp-server.0 index 391f42736..5bf8da600 100644 --- a/sftp-server.0 +++ b/sftp-server.0 | |||
@@ -5,7 +5,9 @@ NAME | |||
5 | 5 | ||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level] | 7 | sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level] |
8 | [-P blacklisted_requests] [-p whitelisted_requests] | ||
8 | [-u umask] | 9 | [-u umask] |
10 | sftp-server -Q protocol_feature | ||
9 | 11 | ||
10 | DESCRIPTION | 12 | DESCRIPTION |
11 | sftp-server is a program that speaks the server side of SFTP protocol to | 13 | sftp-server is a program that speaks the server side of SFTP protocol to |
@@ -46,6 +48,26 @@ DESCRIPTION | |||
46 | DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher | 48 | DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher |
47 | levels of debugging output. The default is ERROR. | 49 | levels of debugging output. The default is ERROR. |
48 | 50 | ||
51 | -P blacklisted_requests | ||
52 | Specify a comma-separated list of SFTP protocol requests that are | ||
53 | banned by the server. sftp-server will reply to any blacklisted | ||
54 | request with a failure. The -Q flag can be used to determine the | ||
55 | supported request types. If both a blacklist and a whitelist are | ||
56 | specified, then the blacklist is applied before the whitelist. | ||
57 | |||
58 | -p whitelisted_requests | ||
59 | Specify a comma-separated list of SFTP protocol requests that are | ||
60 | permitted by the server. All request types that are not on the | ||
61 | whitelist will be logged and replied to with a failure message. | ||
62 | |||
63 | Care must be taken when using this feature to ensure that | ||
64 | requests made implicitly by SFTP clients are permitted. | ||
65 | |||
66 | -Q protocol_feature | ||
67 | Query protocol features supported by sftp-server. At present the | ||
68 | only feature that may be queried is ``requests'', which may be | ||
69 | used for black or whitelisting (flags -P and -p respectively). | ||
70 | |||
49 | -R Places this instance of sftp-server into a read-only mode. | 71 | -R Places this instance of sftp-server into a read-only mode. |
50 | Attempts to open files for writing, as well as other operations | 72 | Attempts to open files for writing, as well as other operations |
51 | that change the state of the filesystem, will be denied. | 73 | that change the state of the filesystem, will be denied. |
@@ -70,4 +92,4 @@ HISTORY | |||
70 | AUTHORS | 92 | AUTHORS |
71 | Markus Friedl <markus@openbsd.org> | 93 | Markus Friedl <markus@openbsd.org> |
72 | 94 | ||
73 | OpenBSD 5.4 July 16, 2013 OpenBSD 5.4 | 95 | OpenBSD 5.4 October 14, 2013 OpenBSD 5.4 |