diff options
Diffstat (limited to 'sftp-server.0')
| -rw-r--r-- | sftp-server.0 | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/sftp-server.0 b/sftp-server.0 index 4c5fbbb72..36c5f846f 100644 --- a/sftp-server.0 +++ b/sftp-server.0 | |||
| @@ -5,8 +5,7 @@ NAME | |||
| 5 | 5 | ||
| 6 | SYNOPSIS | 6 | SYNOPSIS |
| 7 | sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level] | 7 | sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level] |
| 8 | [-P blacklisted_requests] [-p whitelisted_requests] | 8 | [-P denied_requests] [-p allowed_requests] [-u umask] |
| 9 | [-u umask] | ||
| 10 | sftp-server -Q protocol_feature | 9 | sftp-server -Q protocol_feature |
| 11 | 10 | ||
| 12 | DESCRIPTION | 11 | DESCRIPTION |
| @@ -48,17 +47,19 @@ DESCRIPTION | |||
| 48 | DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher | 47 | DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher |
| 49 | levels of debugging output. The default is ERROR. | 48 | levels of debugging output. The default is ERROR. |
| 50 | 49 | ||
| 51 | -P blacklisted_requests | 50 | -P denied_requests |
| 52 | Specify a comma-separated list of SFTP protocol requests that are | 51 | Specify a comma-separated list of SFTP protocol requests that are |
| 53 | banned by the server. sftp-server will reply to any blacklisted | 52 | banned by the server. sftp-server will reply to any denied |
| 54 | request with a failure. The -Q flag can be used to determine the | 53 | request with a failure. The -Q flag can be used to determine the |
| 55 | supported request types. If both a blacklist and a whitelist are | 54 | supported request types. If both denied and allowed lists are |
| 56 | specified, then the blacklist is applied before the whitelist. | 55 | specified, then the denied list is applied before the allowed |
| 56 | list. | ||
| 57 | 57 | ||
| 58 | -p whitelisted_requests | 58 | -p allowed_requests |
| 59 | Specify a comma-separated list of SFTP protocol requests that are | 59 | Specify a comma-separated list of SFTP protocol requests that are |
| 60 | permitted by the server. All request types that are not on the | 60 | permitted by the server. All request types that are not on the |
| 61 | whitelist will be logged and replied to with a failure message. | 61 | allowed list will be logged and replied to with a failure |
| 62 | message. | ||
| 62 | 63 | ||
| 63 | Care must be taken when using this feature to ensure that | 64 | Care must be taken when using this feature to ensure that |
| 64 | requests made implicitly by SFTP clients are permitted. | 65 | requests made implicitly by SFTP clients are permitted. |
| @@ -66,7 +67,8 @@ DESCRIPTION | |||
| 66 | -Q protocol_feature | 67 | -Q protocol_feature |
| 67 | Query protocol features supported by sftp-server. At present the | 68 | Query protocol features supported by sftp-server. At present the |
| 68 | only feature that may be queried is M-bM-^@M-^\requestsM-bM-^@M-^], which may be used | 69 | only feature that may be queried is M-bM-^@M-^\requestsM-bM-^@M-^], which may be used |
| 69 | for black or whitelisting (flags -P and -p respectively). | 70 | to deny or allow specific requests (flags -P and -p |
| 71 | respectively). | ||
| 70 | 72 | ||
| 71 | -R Places this instance of sftp-server into a read-only mode. | 73 | -R Places this instance of sftp-server into a read-only mode. |
| 72 | Attempts to open files for writing, as well as other operations | 74 | Attempts to open files for writing, as well as other operations |
| @@ -93,4 +95,4 @@ HISTORY | |||
| 93 | AUTHORS | 95 | AUTHORS |
| 94 | Markus Friedl <markus@openbsd.org> | 96 | Markus Friedl <markus@openbsd.org> |
| 95 | 97 | ||
| 96 | OpenBSD 6.7 November 30, 2019 OpenBSD 6.7 | 98 | OpenBSD 6.8 June 22, 2020 OpenBSD 6.8 |