diff options
| author | des <des@FreeBSD.org> | 2014-01-31 13:12:02 +0000 |
|---|---|---|
| committer | des <des@FreeBSD.org> | 2014-01-31 13:12:02 +0000 |
| commit | 7573e91b127f1c198210fd345d3ca198b598cfc6 (patch) | |
| tree | d32fb61cec38c52314210c3459fd436685dacdba /crypto/openssh/sftp-server.8 | |
| parent | c692973c992c321bb10e631f572fab1500ae5b0e (diff) | |
| parent | 45d0197dd79eceffb5bbc29f75199eb09af5a5f9 (diff) | |
| download | FreeBSD-src-7573e91b127f1c198210fd345d3ca198b598cfc6.zip FreeBSD-src-7573e91b127f1c198210fd345d3ca198b598cfc6.tar.gz | |
Upgrade to OpenSSH 6.5p1.
Diffstat (limited to 'crypto/openssh/sftp-server.8')
| -rw-r--r-- | crypto/openssh/sftp-server.8 | 38 |
1 files changed, 36 insertions, 2 deletions
diff --git a/crypto/openssh/sftp-server.8 b/crypto/openssh/sftp-server.8 index 61c2aa3..4407045 100644 --- a/crypto/openssh/sftp-server.8 +++ b/crypto/openssh/sftp-server.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp-server.8,v 1.23 2013/07/16 00:07:52 schwarze Exp $ +.\" $OpenBSD: sftp-server.8,v 1.25 2013/10/14 14:18:56 jmc Exp $ .\" $FreeBSD$ .\" .\" Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -23,7 +23,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd July 16, 2013 +.Dd October 14, 2013 .Dt SFTP-SERVER 8 .Os .Sh NAME @@ -31,11 +31,17 @@ .Nd SFTP server subsystem .Sh SYNOPSIS .Nm sftp-server +.Bk -words .Op Fl ehR .Op Fl d Ar start_directory .Op Fl f Ar log_facility .Op Fl l Ar log_level +.Op Fl P Ar blacklisted_requests +.Op Fl p Ar whitelisted_requests .Op Fl u Ar umask +.Ek +.Nm +.Fl Q Ar protocol_feature .Sh DESCRIPTION .Nm is a program that speaks the server side of SFTP protocol @@ -94,6 +100,34 @@ performs on behalf of the client. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR. +.It Fl P Ar blacklisted_requests +Specify a comma-separated list of SFTP protocol requests that are banned by +the server. +.Nm +will reply to any blacklisted request with a failure. +The +.Fl Q +flag can be used to determine the supported request types. +If both a blacklist and a whitelist are specified, then the blacklist is +applied before the whitelist. +.It Fl p Ar whitelisted_requests +Specify a comma-separated list of SFTP protocol requests that are permitted +by the server. +All request types that are not on the whitelist will be logged and replied +to with a failure message. +.Pp +Care must be taken when using this feature to ensure that requests made +implicitly by SFTP clients are permitted. +.It Fl Q Ar protocol_feature +Query protocol features supported by +.Nm . +At present the only feature that may be queried is +.Dq requests , +which may be used for black or whitelisting (flags +.Fl P +and +.Fl p +respectively). .It Fl R Places this instance of .Nm |
