From f284008fb51824e379a4b5e0d081a67adbb66933 Mon Sep 17 00:00:00 2001 From: Nicola Murino Date: Thu, 26 Mar 2020 23:38:24 +0100 Subject: [PATCH] enable scp in default configuration remove the deprecated enable_scp setting --- config/config.go | 1 - docs/full-configuration.md | 5 ++--- sftpd/server.go | 7 ------- sftpd/sftpd.go | 2 +- sftpd/sftpd_test.go | 1 - sftpgo.json | 4 ++-- 6 files changed, 5 insertions(+), 15 deletions(-) diff --git a/config/config.go b/config/config.go index 5cbd5a6c..af1043ba 100644 --- a/config/config.go +++ b/config/config.go @@ -55,7 +55,6 @@ func init() { HTTPNotificationURL: "", }, Keys: []sftpd.Key{}, - IsSCPEnabled: false, KexAlgorithms: []string{}, Ciphers: []string{}, MACs: []string{}, diff --git a/docs/full-configuration.md b/docs/full-configuration.md index 98a6f873..498a991c 100644 --- a/docs/full-configuration.md +++ b/docs/full-configuration.md @@ -52,14 +52,13 @@ The configuration file contains the following sections: - `http_notification_url`, a valid URL. An HTTP GET request will be executed to this URL. Leave empty to disable. - `keys`, struct array. It contains the daemon's private keys. If empty or missing, the daemon will search or try to generate `id_rsa` and `id_ecdsa` keys in the configuration directory. - `private_key`, path to the private key file. It can be a path relative to the config dir or an absolute one. - - `enable_scp`, boolean. Default disabled. Set to `true` to enable the experimental SCP support. This setting is deprecated and will be removed in future versions. Please add `scp` to the `enabled_ssh_commands` list to enable it. - `kex_algorithms`, list of strings. Available KEX (Key Exchange) algorithms in preference order. Leave empty to use default values. The supported values can be found here: [`crypto/ssh`](https://github.com/golang/crypto/blob/master/ssh/common.go#L46 "Supported kex algos") - `ciphers`, list of strings. Allowed ciphers. Leave empty to use default values. The supported values can be found here: [`crypto/ssh`](https://github.com/golang/crypto/blob/master/ssh/common.go#L28 "Supported ciphers") - `macs`, list of strings. available MAC (message authentication code) algorithms in preference order. Leave empty to use default values. The supported values can be found here: [`crypto/ssh`](https://github.com/golang/crypto/blob/master/ssh/common.go#L84 "Supported MACs") - `login_banner_file`, path to the login banner file. The contents of the specified file, if any, are sent to the remote user before authentication is allowed. It can be a path relative to the config dir or an absolute one. Leave empty to disable login banner. - `setstat_mode`, integer. 0 means "normal mode": requests for changing permissions, owner/group and access/modification times are executed. 1 means "ignore mode": requests for changing permissions, owner/group and access/modification times are silently ignored. - - `enabled_ssh_commands`, list of enabled SSH commands. These SSH commands are enabled by default: `md5sum`, `sha1sum`, `cd`, `pwd`. `*` enables all supported commands. Some commands are implemented directly inside SFTPGo, while for other commands we use system commands that need to be installed and in your system's `PATH`. For system commands we have no direct control on file creation/deletion and so we cannot support remote filesystems, such as S3, and quota check is suboptimal: if quota is enabled, the number of files is checked at the command begin and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one, and it is checked against the bytes transferred via SSH. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Anyway, we see the bytes that the remote command sends to the local command via SSH. These bytes contain both protocol commands and files, and so the size of the files is different from the size trasferred via SSH: for example, a command can send compressed files, or a protocol command (few bytes) could delete a big file. To mitigate this issue, quotas are recalculated at the command end with a full home directory scan. This could be heavy for big directories. If you need system commands and quotas you could consider disabling quota restrictions and periodically update quota usage yourself using the REST API. We support the following SSH commands: - - `scp`, SCP is an experimental feature, we have our own SCP implementation since we can't rely on "scp" system command to proper handle quotas and user's home dir restrictions. The SCP protocol is quite simple but there is no official docs about it, so we need more testing and feedback before enabling it by default. We may not handle some borderline cases or sneaky bugs. Please do careful tests yourself before enabling SCP and let us known if something does not work as expected for your use cases. SCP between two remote hosts is supported using the `-3` scp option. + - `enabled_ssh_commands`, list of enabled SSH commands. These SSH commands are enabled by default: `md5sum`, `sha1sum`, `cd`, `pwd`, `scp`. `*` enables all supported commands. Some commands are implemented directly inside SFTPGo, while for other commands we use system commands that need to be installed and in your system's `PATH`. For system commands we have no direct control on file creation/deletion and so we cannot support virtual folders, cloud storage filesystem, such as S3, and quota check is suboptimal: if quota is enabled, the number of files is checked at the command start and not while new files are created. The allowed size is calculated as the difference between the max quota and the used one, and it is checked against the bytes transferred via SSH. The command is aborted if it uploads more bytes than the remaining allowed size calculated at the command start. Anyway, we see the bytes that the remote command sends to the local command via SSH. These bytes contain both protocol commands and files, and so the size of the files is different from the size trasferred via SSH: for example, a command can send compressed files, or a protocol command (few bytes) could delete a big file. To mitigate this issue, quotas are recalculated at the command end with a full home directory scan. This could be heavy for big directories. If you need system commands and quotas you could consider disabling quota restrictions and periodically update quota usage yourself using the REST API. We support the following SSH commands: + - `scp`, we have our own SCP implementation since we can't rely on `scp` system command to proper handle quotas, user's home dir restrictions, cloud storage providers and virtual folders. SCP between two remote hosts is supported using the `-3` scp option. - `md5sum`, `sha1sum`, `sha256sum`, `sha384sum`, `sha512sum`. Useful to check message digests for uploaded files. These commands are implemented inside SFTPGo so they work even if the matching system commands are not available, for example, on Windows. - `cd`, `pwd`. Some SFTP clients do not support the SFTP SSH_FXP_REALPATH packet type, so they use `cd` and `pwd` SSH commands to get the initial directory. Currently `cd` does nothing and `pwd` always returns the `/` path. - `git-receive-pack`, `git-upload-pack`, `git-upload-archive`. These commands enable support for Git repositories over SSH. They need to be installed and in your system's `PATH`. Git commands are not allowed inside virtual folders or inside directories with file extensions filters. diff --git a/sftpd/server.go b/sftpd/server.go index 91d8e6aa..998ccb6d 100644 --- a/sftpd/server.go +++ b/sftpd/server.go @@ -63,10 +63,6 @@ type Configuration struct { Actions Actions `json:"actions" mapstructure:"actions"` // Keys are a list of host keys Keys []Key `json:"keys" mapstructure:"keys"` - // IsSCPEnabled determines if experimental SCP support is enabled. - // This setting is deprecated and will be removed in future versions, - // please add "scp" to the EnabledSSHCommands list to enable it. - IsSCPEnabled bool `json:"enable_scp" mapstructure:"enable_scp"` // KexAlgorithms specifies the available KEX (Key Exchange) algorithms in // preference order. KexAlgorithms []string `json:"kex_algorithms" mapstructure:"kex_algorithms"` @@ -502,9 +498,6 @@ func (c *Configuration) checkSSHCommands() { return } sshCommands := []string{} - if c.IsSCPEnabled { - sshCommands = append(sshCommands, "scp") - } for _, command := range c.EnabledSSHCommands { if utils.IsStringInSlice(command, supportedSSHCommands) { sshCommands = append(sshCommands, command) diff --git a/sftpd/sftpd.go b/sftpd/sftpd.go index 40b36736..e80989ed 100644 --- a/sftpd/sftpd.go +++ b/sftpd/sftpd.go @@ -67,7 +67,7 @@ var ( setstatMode int supportedSSHCommands = []string{"scp", "md5sum", "sha1sum", "sha256sum", "sha384sum", "sha512sum", "cd", "pwd", "git-receive-pack", "git-upload-pack", "git-upload-archive", "rsync"} - defaultSSHCommands = []string{"md5sum", "sha1sum", "cd", "pwd"} + defaultSSHCommands = []string{"md5sum", "sha1sum", "cd", "pwd", "scp"} sshHashCommands = []string{"md5sum", "sha1sum", "sha256sum", "sha384sum", "sha512sum"} systemCommands = []string{"git-receive-pack", "git-upload-pack", "git-upload-archive", "rsync"} ) diff --git a/sftpd/sftpd_test.go b/sftpd/sftpd_test.go index 9d8a3ac6..f5bbe700 100644 --- a/sftpd/sftpd_test.go +++ b/sftpd/sftpd_test.go @@ -245,7 +245,6 @@ func TestInitialization(t *testing.T) { sftpdConf.Umask = "invalid umask" sftpdConf.BindPort = 2022 sftpdConf.LoginBannerFile = "invalid_file" - sftpdConf.IsSCPEnabled = true sftpdConf.EnabledSSHCommands = append(sftpdConf.EnabledSSHCommands, "ls") err := sftpdConf.Initialize(configDir) if err == nil { diff --git a/sftpgo.json b/sftpgo.json index e6f647d7..72a6c142 100644 --- a/sftpgo.json +++ b/sftpgo.json @@ -13,7 +13,6 @@ "http_notification_url": "" }, "keys": [], - "enable_scp": false, "kex_algorithms": [], "ciphers": [], "macs": [], @@ -23,7 +22,8 @@ "md5sum", "sha1sum", "cd", - "pwd" + "pwd", + "scp" ], "keyboard_interactive_auth_program": "", "proxy_protocol": 0,