SFTP Users

The SFTP Users Dialog is used to configure SFTP settings for Pragma FortressSSH Server.

Secure File Transfer (SFTP) is an ftp-like transfer of files that uses secure ssh2 data communications. SFTP does not use the ftp protocol, so a standard ftp client cannot be used to connect to an sftp server.

The sftp server is installed with the ssh server. It launches automatically when an sftp client connects to the server. SFTP access is on by default. Use the Access Control page to turn off all access, or explicitly allow users using the SFTP Users main page.

Only Allow Configured Users Access to SFTP

Check this box to deny SFTP access to any user not explicitly listed in the user box.

Logging

Use this list to choose the type of SFTP session logging desired.

Off - No logging.
Transfers - Log only the files transferred and the result of the transfer.
Detailed - Log all commands and results of the sftp session.
Status - Log all events performed by the sftp server. This is the most detailed logging available.

Directory for Log Files

Choose the directory to store sftp log files.

 

Default User Settings

To configure the sftp related settings for all sftp users, modify the settings for the Default user. To create a unique environment for each user or to grant access to only specific users, create the user and modify their settings individually.

 
Home directory functionality

Home directory - Specify the path to the home directory for the default sftp user in this field.

 
Restrict user to home directory or sub-directory - Select this option to restrict the sftp user's access to the home directory and its subdirectories.

 
Allow user to traverse above home directory - Select this option to allow the sftp user to traverse to all directories above the home directory if the home directory set above is not a root directory.

 
Use virtual directory assignments - Select this option to virtualize the directory structure for the sftp user(s). Please read the information below:

In this mode the root of the sftp session has no actual physical directory. It is a construct made up by the sftp server. The user is allowed to configure the first-level directories to point to specific file paths. This allows the SFTP server administrator to grant access to specific directories to specific users. Consider the following directory tree:

+ -------- Documents and Settings ------ localuser
|
C:
|
+ --------- Temp

Suppose you wish to give the user access only to the localuser directory and the Temp directory. Using the mapped root mechanism, you would need to make the root C:. That is the only way the sftp user would be able to see and access both directories. Using virtual roots, this isn’t necessary. The administrator can configure the sftp user to use a virtual root with two subdirectories, one for each of the desired directories. The user will not be able to see or access anything but those specified. Using the above tree as an example, the vroot could be configured as:

UserDir %USERPROFILE%

Temp C:\Temp

When the sftp user connects, they will see two directories in their root, Temp and UserDir. Traversing into either of these will allow the sftp user to access the contents of the C:\Documents and Settings\localuser and C:\Temp directories, any directories beneath them and nothing more.
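
The virtual-root lookup described above, sketched in Python as an added example (it is not Pragma's code and not part of the original documentation). The names `VROOT`, `resolve`, `list_root` and `AccessDenied` are hypothetical, `%USERPROFILE%` is shown already expanded for the example account, and case-insensitive matching of the first-level names is an assumption.

```python
import ntpath  # Windows path semantics, so the sketch runs on any host OS

# Constructed sample mirroring the page's vroot table. %USERPROFILE% is shown
# already expanded for the page's example account "localuser" (assumption).
VROOT = {
    "UserDir": r"C:\Documents and Settings\localuser",
    "Temp": r"C:\Temp",
}


class AccessDenied(Exception):
    """Raised when a client path falls outside every configured mapping."""


def list_root(vroot):
    """The virtual root has no physical directory: it lists only mapped names."""
    return sorted(vroot)


def resolve(vroot, sftp_path):
    """Map a client path such as /Temp/a.txt to a physical path.

    Returns None for the virtual root itself. Hypothetical helper.
    """
    # Collapse '.' and '..' in virtual space so '..' can never climb above '/'.
    parts = []
    for seg in sftp_path.replace("\\", "/").split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if parts:
                parts.pop()
            continue
        if ":" in seg:  # no drive letters or alternate data streams
            raise AccessDenied(sftp_path)
        parts.append(seg)
    if not parts:
        return None
    # Assumption: first-level names compare case-insensitively, like Windows names.
    bases = {name.lower(): path for name, path in vroot.items()}
    base = bases.get(parts[0].lower())
    if base is None:
        raise AccessDenied(sftp_path)
    full = ntpath.normpath(ntpath.join(base, *parts[1:]))
    # Defence in depth: the result must still sit at or below the mapped directory.
    root = ntpath.normcase(ntpath.normpath(base))
    if ntpath.normcase(full) != root and not ntpath.normcase(full).startswith(root + "\\"):
        raise AccessDenied(sftp_path)
    # String checks do not follow junctions or symlinks; a server must check those too.
    return full
```

Because `..` is resolved against the virtual tree before any mapping is applied, a request such as `/Temp/../../Windows` ends up as the unmapped first-level name `Windows` and is refused rather than reaching `C:\Windows`.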

 

Map User Drives - Select this option to map all existing drives available to the user, i.e. drives mapped for the user using the user's credentials outside the sftp session.

Map drives in background - Select this option to do the above in the background so that the sftp prompt is available immediately.

 
Show hidden files - Select this option to display hidden files to the sftp user.