allow to disable SFTP service

Fixes #228
2025-12-07 23:00:55 +03:00 · 2020-11-24 13:44:57 +01:00
parent 99cd1ccfe5
commit 0609188d3f
9 changed files with 112 additions and 48 deletions
--- a/docs/full-configuration.md
+++ b/docs/full-configuration.md
@@ -64,7 +64,7 @@ The configuration file contains the following sections:
    - If `proxy_protocol` is set to 2 and we receive a proxy header from an IP that is not in the list then the connection will be rejected
  - `post_connect_hook`, string. Absolute path to the command to execute or HTTP URL to notify. See [Post connect hook](./post-connect-hook.md) for more details. Leave empty to disable
 - **"sftpd"**, the configuration for the SFTP server
-  - `bind_port`, integer. The port used for serving SFTP requests. Default: 2022
+  - `bind_port`, integer. The port used for serving SFTP requests. 0 means disabled. Default: 2022
  - `bind_address`, string. Leave blank to listen on all available network interfaces. Default: ""
  - `idle_timeout`, integer. Deprecated, please use the same key in `common` section.
  - `max_auth_tries` integer. Maximum number of authentication attempts permitted per connection. If set to a negative number, the number of attempts is unlimited. If set to zero, the number of attempts is limited to 6.
--- a/docs/portable-mode.md
+++ b/docs/portable-mode.md
@@ -19,7 +19,7 @@ Flags:
                                        advertised via multicast DNS, this
                                        flag allows to put username/password
                                        inside the advertised TXT record
-  -S, --advertise-service               Advertise SFTP/FTP service using
+  -S, --advertise-service               Advertise configured services using
                                        multicast DNS
      --allowed-patterns stringArray    Allowed file patterns case insensitive.
                                        The format is:
@@ -88,7 +88,8 @@ Flags:
                                        parallel (default 2)
      --s3-upload-part-size int         The buffer size for multipart uploads
                                        (MB) (default 5)
-  -s, --sftpd-port int                  0 means a random unprivileged port
+  -s, --sftpd-port int                  0 means a random unprivileged port,
+                                        < 0 disabled
  -c, --ssh-commands strings            SSH commands to enable.
                                        "*" means any supported SSH command
                                        including scp