similar to: [Bug 1229] No way to set default umask for SFTP server

http://bugzilla.mindrot.org/show_bug.cgi?id=1229 ------- Comment #2 from hans at parse.nl 2006-11-09 20:52 ------- I think there's a bunch of Gentoo users including me that are interested in this feature aswell, now that the Gentoo core system packages team decided to ditch the sftplogging (http://sftplogging.sourceforge.net/) features of the openssh ebuild. See my ticket at

I'm running OpenSSH 5.1p1 on openSUSE 10.3 (i586) and I want to setup chroot jails for certain SFTP-only users. I use the following lines in my sshd_config file: Match Group sftponly ChrootDirectory /home/chroot-%u ForceCommand internal-sftp It works great. The problem is that some of my users need umask 002 for their uploads. I tried a few ways to achieve this: * set umask in sshrc,

Hello, I have noticed that the -u parameter to the sftp-server or internal-sftp subsystem is not working correctly. For openssh-5.6p1 I believe that the problem lies in this code, starting at line 1414 in sftp-server.c: ---------------------------------------------------------- case 'u': mask = (mode_t)strtonum(optarg, 0, 0777, &errmsg); if (errmsg != NULL)

https://bugzilla.mindrot.org/show_bug.cgi?id=1715 Summary: Integrate patch to provide ability to force 'umask' in sftp-server Product: Portable OpenSSH Version: 5.3p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sftp-server

Hi, I understand that if I specify `ForceCommand internal-sftp -u <umask>`, the permission of any files uploaded via sftp will be calculated by `<original permission> & ~umask`. However, this can be bypassed by the `-P` option of `put` command. We are developing a shared hosting platform, therefore we definitely don?t want our users being able to upload any executable files. We

Hi, I've already discussed this issue in SSHSCI's SSH 2.2 context on ssh at clinet.fi list. My standpoint is that it's wrong and meaningless to perform chown in sftp-server as the file is most likely copied between systems with distinct accounting system where user is not necessarily (and even unlikely) has same numeric user id. The original bug report was that user couldn't

https://bugzilla.mindrot.org/show_bug.cgi?id=1844 Summary: Explicit file permissions enhancement to sftp-server Product: Portable OpenSSH Version: 5.6p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sftp-server AssignedTo: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1584 Summary: umask setting in sshd Product: Portable OpenSSH Version: 5.2p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: leo.baltus at omroep.nl

Hi Jakub, Sorry for the late reply. I was off from work for a few days. I?ve tried to add the noexec, nosuid and nodev mount options but it seems to have some difficulties to do so with kubernetes nfs-mount. I?ll keep trying to resolve it anyway. The patch you pasted is exactly the thing I wanna have. I think it?s super useful and I definitely vote yes for merging it to master. I was actually

I'm having trouble with users transferring files to a solaris box running ossh v2.3.1p1 via sftp using ssh.com's windows client. The sftp client appears not to respect the users umask, creating files with either mode 666 or 600. We're using version 2.4.0 of the windows client. Any ideas? thanks, -Brett ----------------- Brett Longworth Systems Manager Department of Biology

Sftp fails to correctly preserve permissions when fetching a file. It adds write permission for the owner (presumably so it can write the file). Sftp also fails to preserve the uid/gid. Added code so that if is running as root, uid and gid are preserved. patch is based on Openssh 3.4p1. *** sftp-client.c@@\main\1 Tue Oct 1 17:26:20 2002 --- sftp-client.c Tue Nov 5 10:22:52 2002

Hello again, Even with umask working (thanks very much!) I have found that I require more control over file permissions with sftp-server/internal-sftp. Please see the attached patch. It adds yet another option to sftp-server (-m) that will force file permissions. I have a been running a patched version of 5.6p1 under RHEL4 in production with no problems. Please consider including this change

On 7/15/20 2:39 AM, Gianluca Cecchi wrote: > On Wed, Jul 15, 2020 at 2:39 AM Emmett Culley via CentOS <centos at centos.org <mailto:centos at centos.org>> wrote: > > > Thanks for the info.? I hadn't seen that before nor many of the links.? I had seen the suggested systemd fix, but have never been able got them to work. And I've tried many combinations.? Still

Hi OpenSSH developers, I'm using OpenSSH on a daily basis and I'm very pleased with the work you've done. I am contributing to some Open Source software hosted at Savannah https://savannah.nongnu.org/projects/tsp and we recently hit some sftp unexpected behavior: https://savannah.gnu.org/support/?105838 when using chmod sftp client command it appears that setuid / setgid bits are

Hello. These patches add a new mode of operation for the sftp server. It is located between the ordinary, unrestricted mode and read-only mode. It allows you to add files to the server, but only if these files do not exist on the server before. Changes to existing files - are prohibited. Please review them, maybe these patches will be useful not only to me. Thank you. -------------- next part

Hello, I just downloaded OpenSSH 3.5p1. This version has some great improvement in sftp client. But I still miss the FTP's "ls [flags] remote-path [localpath]" feature to redirect the output of ls/dir to a local file. The following are the diff outputs against 3.5p1 to enable this feature. *** sftp-int.c.orig Wed Sep 11 20:34:15 2002 --- sftp-int.c Fri Oct 18 13:39:46 2002

hello! i want to use the new options for sftp logging (openshh version 4.5, solaris 10), but sshd doesn't know the options (LogSftp, Sftpxxxxx) from the release notes 4.4: " * Add optional logging of transactions to sftp-server(8). " 4.5 is only a bug fix version. from http://sftplogging.sourceforge.net/ " NOTICE: 1/31/2007. This patch is superseded by the sftpfilecontrol

On 7/13/20 4:21 PM, Phoenix, Merka wrote: >>> I need to set the umask for apache to 002. I've tried every idea I've found on the internet, but nothing make a difference. Most suggest that I put "umask 002" in /etc/sysconfig/httpd, but that doesn't seem to make a difference.>> >>> Other's suggest adding something to the httpd.service script for

Folks, I've noticed poor performance using sftp. If anyone has any advice on how to improve performance, I'd like to hear it. Test simply involved transferring a single 143MB MP3 file using defaults for all the program configs. The opensshd 3.0.2p1 server is used in all tests. Software: openssh suite 3.0.2p1 psftp (putty sftp client) latest dev snapshot pscp (putty scp client) latest

The included patch for openssh 3.0.2p1 implements overlapping read requests for the sftp client. It should be able to handle weird cases such as shriking files and reordered responses. This is only the first shot, and I'd be happy for any comments. I plan to implement something similar for the write path if this works out well. The maximum number of outstanding requests is quite high at