HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Set umask for certain sftp users

 
Richard Ross
Regular Advisor

Set umask for certain sftp users

Thought I would be able to perform the following .. Any other ideas how I can do this? I basically want to create a drop box .. write only access without list or read capabilities to their home directory

I added the following line to /opt/ssh/etc/sshd_config

Match User hqdata
SftpUmask 757

/sbin/init.d/secsh start
/opt/ssh/etc/sshd_config line 171: Directive 'SftpUmask' is not allowed within a Match block
EXIT CODE: 255

ssh -V
OpenSSH_5.0p1+sftpfilecontrol-v1.2-hpn13v1, OpenSSL 0.9.7m 23 Feb 2007
HP-UX Secure Shell-A.05.00.012, HP-UX Secure Shell version

Appreciate any help
Richard
3 REPLIES
Steven E. Protter
Exalted Contributor

Re: Set umask for certain sftp users

Shalom,

Either the ssh version needs update or you should set this in the actual user profiles.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Richard Ross
Regular Advisor

Re: Set umask for certain sftp users

Sorry .. should have been umask 507
Richard Ross
Regular Advisor

Re: Set umask for certain sftp users

Steven .. I don't believe that sftp will source .profile .kshrc or .netrc .. so I'm not sure which profile you are referring to .. Also, the man page for sshd_config says that sftpumask is not valid the Match parameter, so I doubt that upgrading ssh will do anything as well ..

Thanks