Tim Retout's www presence

Sat, 10 Dec 2011

SFTP default umask

So I was about to configure an FTP server to let a friend upload content for a website... and then I came to my senses and remembered sftp exists. It's supported by the same graphical clients, and avoids me having to figure out SSL certificates and so on.

Next problem: we want to both edit the site. Okay, so I create a group, make it the default group for both users... and now I need to set the umask to 002 so that all group members can edit all files. There's no option in the client...

Skimming Debian bug #496843 (closed Apr 2010, thanks Colin Watson!) we can set this in sshd_config these days - no need to mess about with wrapper scripts. Very easy:

Subsystem sftp /usr/lib/openssh/sftp-server -u 002

Now all content created through the sftp client is group-writable, and owned by the default group of each user! See 'man (8) sftp-server'.

Posted: 10 Dec 2011 20:47 | Tags: , ,

Contact

Tim Retout tim@retout.co.uk
JabberID: tim@retout.co.uk

Comments

I'm afraid I have turned off comments for this blog, because of all the spam. Let's face it, I didn't read them anyway. Feel free to email me.

Me Elsewhere

Copyright © 2007-2014 Tim Retout