1SFTP-SERVER(8)          OpenBSD System Manager's Manual         SFTP-SERVER(8)
2
3NAME
4     sftp-server - SFTP server subsystem
5
6SYNOPSIS
7     sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level]
8                 [-u umask]
9
10DESCRIPTION
11     sftp-server is a program that speaks the server side of SFTP protocol to
12     stdout and expects client requests from stdin.  sftp-server is not
13     intended to be called directly, but from sshd(8) using the Subsystem
14     option.
15
16     Command-line flags to sftp-server should be specified in the Subsystem
17     declaration.  See sshd_config(5) for more information.
18
19     Valid options are:
20
21     -d start_directory
22             specifies an alternate starting directory for users.  The
23             pathname may contain the following tokens that are expanded at
24             runtime: %% is replaced by a literal '%', %h is replaced by the
25             home directory of the user being authenticated, and %u is
26             replaced by the username of that user.  The default is to use the
27             user's home directory.  This option is useful in conjunction with
28             the sshd_config(5) ChrootDirectory option.
29
30     -e      Causes sftp-server to print logging information to stderr instead
31             of syslog for debugging.
32
33     -f log_facility
34             Specifies the facility code that is used when logging messages
35             from sftp-server.  The possible values are: DAEMON, USER, AUTH,
36             LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
37             The default is AUTH.
38
39     -h      Displays sftp-server usage information.
40
41     -l log_level
42             Specifies which messages will be logged by sftp-server.  The
43             possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG,
44             DEBUG1, DEBUG2, and DEBUG3.  INFO and VERBOSE log transactions
45             that sftp-server performs on behalf of the client.  DEBUG and
46             DEBUG1 are equivalent.  DEBUG2 and DEBUG3 each specify higher
47             levels of debugging output.  The default is ERROR.
48
49     -R      Places this instance of sftp-server into a read-only mode.
50             Attempts to open files for writing, as well as other operations
51             that change the state of the filesystem, will be denied.
52
53     -u umask
54             Sets an explicit umask(2) to be applied to newly-created files
55             and directories, instead of the user's default mask.
56
57     For logging to work, sftp-server must be able to access /dev/log.  Use of
58     sftp-server in a chroot configuration therefore requires that syslogd(8)
59     establish a logging socket inside the chroot directory.
60
61SEE ALSO
62     sftp(1), ssh(1), sshd_config(5), sshd(8)
63
64     T. Ylonen and S. Lehtinen, SSH File Transfer Protocol,
65     draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress
66     material.
67
68HISTORY
69     sftp-server first appeared in OpenBSD 2.8.
70
71AUTHORS
72     Markus Friedl <markus@openbsd.org>
73
74OpenBSD 5.3                     January 4, 2013                    OpenBSD 5.3
75