diff options
Diffstat (limited to 'sftp-server.0')
-rw-r--r-- | sftp-server.0 | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/sftp-server.0 b/sftp-server.0 index 4c5fbbb72..36c5f846f 100644 --- a/sftp-server.0 +++ b/sftp-server.0 | |||
@@ -5,8 +5,7 @@ NAME | |||
5 | 5 | ||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level] | 7 | sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level] |
8 | [-P blacklisted_requests] [-p whitelisted_requests] | 8 | [-P denied_requests] [-p allowed_requests] [-u umask] |
9 | [-u umask] | ||
10 | sftp-server -Q protocol_feature | 9 | sftp-server -Q protocol_feature |
11 | 10 | ||
12 | DESCRIPTION | 11 | DESCRIPTION |
@@ -48,17 +47,19 @@ DESCRIPTION | |||
48 | DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher | 47 | DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher |
49 | levels of debugging output. The default is ERROR. | 48 | levels of debugging output. The default is ERROR. |
50 | 49 | ||
51 | -P blacklisted_requests | 50 | -P denied_requests |
52 | Specify a comma-separated list of SFTP protocol requests that are | 51 | Specify a comma-separated list of SFTP protocol requests that are |
53 | banned by the server. sftp-server will reply to any blacklisted | 52 | banned by the server. sftp-server will reply to any denied |
54 | request with a failure. The -Q flag can be used to determine the | 53 | request with a failure. The -Q flag can be used to determine the |
55 | supported request types. If both a blacklist and a whitelist are | 54 | supported request types. If both denied and allowed lists are |
56 | specified, then the blacklist is applied before the whitelist. | 55 | specified, then the denied list is applied before the allowed |
56 | list. | ||
57 | 57 | ||
58 | -p whitelisted_requests | 58 | -p allowed_requests |
59 | Specify a comma-separated list of SFTP protocol requests that are | 59 | Specify a comma-separated list of SFTP protocol requests that are |
60 | permitted by the server. All request types that are not on the | 60 | permitted by the server. All request types that are not on the |
61 | whitelist will be logged and replied to with a failure message. | 61 | allowed list will be logged and replied to with a failure |
62 | message. | ||
62 | 63 | ||
63 | Care must be taken when using this feature to ensure that | 64 | Care must be taken when using this feature to ensure that |
64 | requests made implicitly by SFTP clients are permitted. | 65 | requests made implicitly by SFTP clients are permitted. |
@@ -66,7 +67,8 @@ DESCRIPTION | |||
66 | -Q protocol_feature | 67 | -Q protocol_feature |
67 | Query protocol features supported by sftp-server. At present the | 68 | Query protocol features supported by sftp-server. At present the |
68 | only feature that may be queried is M-bM-^@M-^\requestsM-bM-^@M-^], which may be used | 69 | only feature that may be queried is M-bM-^@M-^\requestsM-bM-^@M-^], which may be used |
69 | for black or whitelisting (flags -P and -p respectively). | 70 | to deny or allow specific requests (flags -P and -p |
71 | respectively). | ||
70 | 72 | ||
71 | -R Places this instance of sftp-server into a read-only mode. | 73 | -R Places this instance of sftp-server into a read-only mode. |
72 | Attempts to open files for writing, as well as other operations | 74 | Attempts to open files for writing, as well as other operations |
@@ -93,4 +95,4 @@ HISTORY | |||
93 | AUTHORS | 95 | AUTHORS |
94 | Markus Friedl <markus@openbsd.org> | 96 | Markus Friedl <markus@openbsd.org> |
95 | 97 | ||
96 | OpenBSD 6.7 November 30, 2019 OpenBSD 6.7 | 98 | OpenBSD 6.8 June 22, 2020 OpenBSD 6.8 |