# phpman > man > sftp-server(8) [SFTP-SERVER(8)](https://www.chedong.com/phpMan.php/man/SFTP-SERVER/8/markdown) BSD System Manager's Manual [SFTP-SERVER(8)](https://www.chedong.com/phpMan.php/man/SFTP-SERVER/8/markdown) ## NAME **sftp-server** — OpenSSH SFTP server subsystem ## SYNOPSIS **sftp-server** [**-ehR**] [**-d** _start_directory_] [**-f** _log_facility_] [**-l** _log_level_] [**-P** _denied_requests_] [**-p** _allowed_requests_] [**-u** _umask_] **sftp-server** **-Q** _protocol_feature_ ## DESCRIPTION **sftp-server** is a program that speaks the server side of SFTP protocol to stdout and expects client requests from stdin. **sftp-server** is not intended to be called directly, but from [sshd(8)](https://www.chedong.com/phpMan.php/man/sshd/8/markdown) using the **Subsystem** option. Command-line flags to **sftp-server** should be specified in the **Subsystem** declaration. See [sshd_config(5)](https://www.chedong.com/phpMan.php/man/sshdconfig/5/markdown) for more information. Valid options are: ### -d Specifies an alternate starting directory for users. The pathname may contain the fol‐ lowing tokens that are expanded at runtime: %% is replaced by a literal '%', %d is re‐ placed by the home directory of the user being authenticated, and %u is replaced by the username of that user. The default is to use the user's home directory. This option is useful in conjunction with the [sshd_config(5)](https://www.chedong.com/phpMan.php/man/sshdconfig/5/markdown) **ChrootDirectory** option. ### -e ging. ### -f Specifies the facility code that is used when logging messages from **sftp-server**. The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LO‐ CAL5, LOCAL6, LOCAL7. The default is AUTH. ### -h ### -l Specifies which messages will be logged by **sftp-server**. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. INFO and VER‐ BOSE log transactions that **sftp-server** performs on behalf of the client. DEBUG and DE‐ BUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR. ### -P Specifies a comma-separated list of SFTP protocol requests that are banned by the server. **sftp-server** will reply to any denied request with a failure. The **-Q** flag can be used to determine the supported request types. If both denied and allowed lists are specified, then the denied list is applied before the allowed list. ### -p Specifies a comma-separated list of SFTP protocol requests that are permitted by the server. All request types that are not on the allowed list will be logged and replied to with a failure message. Care must be taken when using this feature to ensure that requests made implicitly by SFTP clients are permitted. ### -Q Queries protocol features supported by **sftp-server**. At present the only feature that may be queried is “requests”, which may be used to deny or allow specific requests (flags **-P** and **-p** respectively). ### -R writing, as well as other operations that change the state of the filesystem, will be denied. ### -u Sets an explicit [umask(2)](https://www.chedong.com/phpMan.php/man/umask/2/markdown) to be applied to newly-created files and directories, instead of the user's default mask. On some systems, **sftp-server** must be able to access _/dev/log_ for logging to work, and use of **sftp-server** in a chroot configuration therefore requires that [syslogd(8)](https://www.chedong.com/phpMan.php/man/syslogd/8/markdown) establish a logging socket inside the chroot directory. ## SEE ALSO [sftp(1)](https://www.chedong.com/phpMan.php/man/sftp/1/markdown), [ssh(1)](https://www.chedong.com/phpMan.php/man/ssh/1/markdown), [sshd_config(5)](https://www.chedong.com/phpMan.php/man/sshdconfig/5/markdown), [sshd(8)](https://www.chedong.com/phpMan.php/man/sshd/8/markdown) T. Ylonen and S. Lehtinen, _SSH_ _File_ _Transfer_ _Protocol_, draft-ietf-secsh-filexfer-02.txt, October 2001, work in progress material. ## HISTORY **sftp-server** first appeared in OpenBSD 2.8. ## AUTHORS Markus Friedl <<_markus@openbsd.org_>> BSD July 27, 2021 BSD