| SFTP-SERVER(8) | System Manager's Manual | SFTP-SERVER(8) | 
sftp-server —
| sftp-server | [ -ehR]
      [-dstart_directory]
      [-flog_facility]
      [-llog_level]
      [-Pdenied_requests]
      [-pallowed_requests]
      [-uumask] | 
| sftp-server | -Qprotocol_feature | 
sftp-server is a program that speaks the server side of
  SFTP protocol to stdout and expects client requests from stdin.
  sftp-server is not intended to be called directly, but
  from sshd(8) using the
  Subsystem option.
Command-line flags to sftp-server should
    be specified in the Subsystem declaration. See
    sshd_config(5) for more
    information.
Valid options are:
-d
    start_directoryChrootDirectory option.-esftp-server to print logging information to
      stderr instead of syslog for debugging.-f
    log_facilitysftp-server. The possible values are: DAEMON,
      USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6,
      LOCAL7. The default is AUTH.-hsftp-server usage information.-l
    log_levelsftp-server. The possible values are: QUIET,
      FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. INFO and
      VERBOSE log transactions that sftp-server performs
      on behalf of the client. DEBUG and DEBUG1 are equivalent. DEBUG2 and
      DEBUG3 each specify higher levels of debugging output. The default is
      ERROR.-P
    denied_requestssftp-server will reply to any
      denied request with a failure. The -Q flag can be
      used to determine the supported request types. If both denied and allowed
      lists are specified, then the denied list is applied before the allowed
      list.-p
    allowed_requestsCare must be taken when using this feature to ensure that requests made implicitly by SFTP clients are permitted.
-Q
    protocol_featuresftp-server. At present the only feature that may
      be queried is “requests”, which may be used to deny or allow
      specific requests (flags -P and
      -p respectively).-Rsftp-server into a
      read-only mode. Attempts to open files for writing, as well as other
      operations that change the state of the filesystem, will be denied.-u
    umaskOn some systems, sftp-server must be able
    to access /dev/log for logging to work, and use of
    sftp-server in a chroot configuration therefore
    requires that syslogd(8)
    establish a logging socket inside the chroot directory.
T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-filexfer-02.txt, October 2001, work in progress material.
sftp-server first appeared in OpenBSD
  2.8.
| July 27 2021 | NetBSD 10.1 |