SSH Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

181

182

183

184

185

186

187

188

189

190

"/home" or "/usr" or "/" will not be allowed. Specifying option LOCKED results in a pseudo root visible for the user, i.e.

a pwd command will show "/" as current directory.

If a value /G LOCKED is used, then the user can only access Guardian files and no OSS files.

SFTP-PRIORITY

A number specifying the priority of the SFTPSERV processes for this user. Following are the meanings of the values

allowed for this parameter:

Value Meaning

1-199 Use the given priority value

-1 Use the same priority as the SSH2 process starting SFTPSERV

The default value is 100

SFTP-SECURITY

This parameter is comprised of a comma-separated list of allowed operations for the user, with operations enclosed in

brackets. The following operations are available:

• LIST: allows perusal of files

• READ: allows downloading of files to the remote system

• WRITE: allows uploading of files from the remote system

• PURGE: allows deletion of files on the NonStop system

• RENAME: allows renaming of files on the NonStop system

• MKDIR: allows creation of directories on the NonStop system

• RMDIR: allows removal of directories on the NonStop system

• SYMLINK: allows creation of symbolic links on the NonStop system

• ALL: shortcut for all operations

• NONE: shortcut for no operation

Operations can be abbreviated as long as the abbreviation is unambiguous.

Example:

• SFTP-SECURITY (WRITE,LIST)

o will only allow perusal of files and uploading of files

o can be abbreviated as SFTP-SECURITY (W,L)

SHELL-COMMAND

This attribute specifies a forced command that is to be executed rather than any command given by an exec request from

the SSH client. A forced command allows you to limit shell access to specific tasks or implement additional security

measures. SSH2 will retain commands given in the user's exec request, in the SSH_ORIGINAL_COMMAND

environment variable, to allow a shell script to analyze and/or execute the original command.

SHELL-ENVIRONMENT

The full OSS file name of a shell script preparing the shell environment for non-login shells (which are started without

executing /etc/profile or ~/.profile). The value will be used to set environment variable ENV (see man pages of ksh for

information on how the shell processes ENV). The attribute value (shell script) can contain absolute paths but also pre-

defined values like $HOME or ~.

HP NonStop SSH Reference Manual SSHCOM Command Reference • 181