HP NonStop SSH 544701-014, Справочное руководство

Страница: 158 / 344

158
•
SSHCOM Command Reference HP NonStop SSH Reference Manual
The value can be a CPU number (e.g. 2), a range of CPUs (e.g. 3-4), or a comma-separated list of CPU numbers and
CPU ranges, enclosed in parentheses, e.g. (2, 5-7, 9).
The default is to start user processes in the same CPU in which the SSH2 process is running. In this case, the processing
load is spread by using multiple SSH2 processes and starting these SSH2 processes in different CPUs).
If no value is specified, the value will be reset to the default. The default is to use the value of SSH2 parameter
SFTPCPUSET to determine a CPU or, if that is not set, the CPU the SSH2 process is running in is used.
SFTP-GUARDIAN-FILESET
A list of patterns identifying the GUARDIAN systems, volumes, subvolumes and files the user is allowed to access. The
default for this attribute is as follows:
('\*.$*.*.*)
This enables access (limited by the SFTP-SECURITY attribute) to any GUARDIAN system, volume, subvolume, or file.
In each pattern configured with the GUARDIAN file set, the '*' sign is used as a wildcard for any sequence of characters.
The '?' sign is used in a pattern as a wildcard for one single character.
SFTP-INITIAL-DIRECTORY
This attribute specifies the initial server-side directory the user will access after establishing the SFTP session. The
default value for the initial directory is either the value taken from INITIAL-DIRECTORY when defined in Safeguard or
from the Guardian default subvolume of the SYSTEM-USER.
If the option LOCKED is used, a user will not be allowed to leave that path, by issuing a "cd .." command. For example,
if a value of "/home/jdoe" is used, only access to directories below is allowed. Access to upper level directories such as
"/home" or "/usr" or "/" will not be allowed. Specifying option LOCKED results in a pseudo root visible for the user, i.e.
a pwd command will show "/" as current directory.
If a value /G LOCKED is used, then the user can only access Guardian files and no OSS files.
SFTP-PRIORITY
A number specifying the priority of the SFTPSERV processes for this user. Following are the meanings of the values
allowed for this parameter:
Value Meaning
1-199 Use the given priority value
-1 Use the same priority as the SSH2 process starting SFTPSERV
The default value is 100
SFTP-SECURITY
This parameter is comprised of a comma-separated list of allowed operations for the user, with operations enclosed in
brackets. The following operations are available:
•
LIST: allows perusal of files
•
READ: allows downloading of files to the remote system
•
WRITE: allows uploading of files from the remote system
•
PURGE: allows deletion of files on the NonStop system
•
RENAME: allows renaming of files on the NonStop system
•
MKDIR: allows creation of directories on the NonStop system
•
RMDIR: allows removal of directories on the NonStop system
•
SYMLINK: allows creation of symbolic links on the NonStop system
•
ALL: shortcut for all operations