Bug#1006171: marked as done (Make internal-sftp the default)

To: MichaIng <micha@dietpi.com>
Subject: Bug#1006171: marked as done (Make internal-sftp the default)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Wed, 07 May 2025 14:36:02 +0000
Message-id: <[🔎] handler.1006171.D1006171.17466284363065035.ackdone@bugs.debian.org>
Reply-to: 1006171@bugs.debian.org
References: <bb824c67-91b6-42ab-9b90-4bda1d743977@dietpi.com> <13ae6053-fb94-bfba-7bf3-a949d4d9bed0@dietpi.com>

Your message dated Wed, 7 May 2025 16:33:51 +0200
with message-id <bb824c67-91b6-42ab-9b90-4bda1d743977@dietpi.com>
and subject line Re: Bug#1006171: Acknowledgement (Make internal-sftp the default)
has caused the Debian Bug report #1006171,
regarding Make internal-sftp the default
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1006171: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006171
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org

Subject: Make internal-sftp the default

From: MichaIng <micha@dietpi.com>

Date: Sun, 20 Feb 2022 14:46:50 +0100

Message-id: <13ae6053-fb94-bfba-7bf3-a949d4d9bed0@dietpi.com>
Package: openssh-server
Version: 1:8.8p1-1
Currently the standalone OpenSSH sftp-server is used as default SFTPsubsystem, set via /etc/ssh/sshd_config. This implies a dependency onthe openssh-sftp-server package and means that every SFTP connectionspawns a new external process, while sshd ships with the internal-sftpin-process SFTP server, which perform better when dealing with manyshort duration connections and simplifies the ChrootDirectory usage tonot require any manual /dev node setup.
Legacy SSH1 clients pass an exact SFTP command, hence will still dependon openssh-sftp-server or any alternative standalone SFTP server, alsointernal-sftp means that the login shell is skipped in the first place.But the need for both are edge cases, the use of SSH1 IMO worth to beactively discouraged, and the vast majority of OpenSSH SFTP serveradmins will benefit from this change, at least to not require a configchange that is part of very most SFTP guides around the internet,reasonably.
Forgive me if this discussion was already done, but I couldn't find itwithin the Debian bug tracker at least.
Best regards,

Micha
--- End Message ---

--- Begin Message ---

To: 1006171-done@bugs.debian.org

Subject: Re: Bug#1006171: Acknowledgement (Make internal-sftp the default)

From: MichaIng <micha@dietpi.com>

Date: Wed, 7 May 2025 16:33:51 +0200

Message-id: <bb824c67-91b6-42ab-9b90-4bda1d743977@dietpi.com>

In-reply-to: <handler.1006171.B.164536481524433.ack@bugs.debian.org>

References: <13ae6053-fb94-bfba-7bf3-a949d4d9bed0@dietpi.com> <handler.1006171.B.164536481524433.ack@bugs.debian.org>

I agree the reasons behind upstream default are legit and it makes sensefor Debian to follow upstream defaults as much as possible, unless thereare reasons special in Debian environments.
I am annoyed as well by the fact that sshd_config itself needs to beedited to change the subsystem, and as well to unset AcceptEnv as I donot want clients to pass locale variables. But this is a different issue.
--- End Message ---

Reply to:

Prev by Date: Bug#1103418: openssh-server irregularly crashing since 10.0p1 upgrade
Next by Date: Bug#1006171: Acknowledgement (Make internal-sftp the default)
Previous by thread: Processed: Re: Bug#1103418: openssh-server irregularly crashing since 10.0p1 upgrade
Next by thread: Bug#1006171: Acknowledgement (Make internal-sftp the default)
Index(es):
- Date
- Thread