Subject: Re: [Summer of code] Proposal : a Sftp server
To: Hubert Feyrer <>
From: Aris Adamantiadis <>
List: tech-userlevel
Date: 06/15/2005 00:49:17
Le Mardi 14 Juin 2005 22:37, vous avez =E9crit=A0:
> On Tue, 14 Jun 2005, Aris Adamantiadis wrote:
> > -Anonymous accounts
> > -Jailing user accesses
> > -ACL on file access not based on standard FS acls
> > -File transfer logging
> > etc.
> > I would be happy to receive feedback on how you perceive this projet and
> > what you think about it.
> Why not add this to OpenSSH?
> Starting a seperate project seems like a lot of overhead until you get
> where OpenSSH is now, so that you can do what you really want.
>   - Hubert
In fact, I already started the libssh project which only miss server=20
capabilities which lot of developers are asking.
But I've though about this :
There is a problem about openssh and anonymous account : openssh needs a=20
special configuration in /etc/passwd to have anonymous accounts which canno=
execute a shell, but it's not that important. It's not as simple as setting=
"user ftp is anonymous" into a configuration file and saying that anonymous=
users can't upload except in upload/ even if the /home/ftp directory is 777.

My idea was to make the server behave in two different ways depending the w=
it's called or compiled:
1- standalone server which behaves like a ssh server. The server is=20
single-process, meaning that all file accesses are done using the same=20
process. That's the most powerfull system for file services on monoprocesso=
2- people want to open only one port for SSH and want to keep an openssh op=
for standard shell. Then, the sftp server is called like the current=20
implementation of the openssh sftp server, with all ssh calls avoided (will=
communicate through the pipes to sshd).

Thank you for your comment,