Setting permissions for SFTP transfer (during transfer, not after)

Tom H tomh0665 at gmail.com
Wed Feb 24 14:36:58 UTC 2010


>> Your requirements are contradictory. You want a mode of 0660 but users
>> must "not read, change or delete the file at any time (during or after
>> the transfer)". If you set 0660, they can modify the sftp'd files
>> after sftp'ing them.

> I ment at no time should users outside the group have any access to the file.

OK. Thanks.


>> To have the 0660 mode, change
>> Subsystem sftp /usr/libexec/openssh/sftp-server
>> in
>> /etc/ssh/sshd.config
>> to set a umask.

> Thanks for that, I will have a look at the file. Is this a umask for
> all gusers of can it be done on a user basis?

This will set a umask for all sftp users.

If you just want a umask for some users, you could set it in their
~/.bashrc but that will also change their umask if and when they ssh
or otherwise login to that box.




More information about the ubuntu-users mailing list