I am using various SFTP clients for uploading files to an SFTP server and I have a problem with default permission used when putting files.
When requesting to put a file, SFTP client like WinSCP or Filezilla will send the SSH_OPEN command without requesting any explicit file permission.
On the other side, it looks like the OpenSSH sftp command on Linux (Red Hat and Ubuntu) is pending the SSH_OPEN command together with the '640' mode.
How can I configure the OpenSSH command to not explictly set the file mode or how can I configure it to send a mode, other than 640?
Many thanks!
Update:
I checked the OpenSSH sftp client source code and it looks like OpenSSH sftp will always tries to preserve file mode even if -P is not set: http://www.koders.com/c/fidD3B20680F615B33ACCB42398FAAFEE1C007DF942.aspx?s=rsa#L986
To solve this problem I used Putty SFTP client.
If an SFTP client does not specify permissions for uploaded files, the OpenSSH SFTP server assigns 0664 permissions to newly created files. That's for the default umask 0002, which you can change using the
-u
switch as the answer by @JimB shows.If an SFTP client specifies the permissions, OpenSSH server uses the specified permissions (the umask does not apply).
Overview of some popular SFTP clients:
PSFTP: Does not allow you to set permissions for uploaded files. (But Unix version preserves files of source local file)
OpenSSH
sftp
: Does not allow you to set permissions for uploaded files. Preserves files of source local file. For details on the-P
switch, see Does OpenSSH SFTP server use umask or preserve client side permissions after put command (chrooted environment)?WinSCP: You can set permissions for uploaded files
See https://winscp.net/eng/docs/ui_transfer_custom
(I'm the author of WinSCP)
FileZilla: Does not allow you to set permissions for uploaded files. Server's default (umask) applies.
The sftp-server will create the new file with the default umask of the user. This can be overridden with the
-u umask
option to sftp-serverThe client (OpenSSH sftp) can choose to preserve local permission by using the
-p
option, which will send the file then fchmod it appropriately.If you're strictly asking how to set a mandatory file mode with the sftp client; you can't (at least with openssh sftp-client). You will have to send a chmod after sending the file.
I believe that the sftp-server will use the user's profile's default umask unless it has been started with an explicit umask (man 8 sftp-server for details).