I have a question concerning default umasks when using SFTP under openssh. In case it makes a difference, my servers are based on Redhat Enterprise Linux Version 4 Advanced Server, and the version of the openssh package is currently openssh-3.9p1-8.RHEL4.15.
The issue is that when I SFTP a file onto the server, the default umask used seems to be 077, given that files are created with mode 600 and directories with mode 700. What I would like is to change the default umask to 007 so that, when using SFTP, files are created with mode 660 and directories with mode 770. I've google'd on this and it seems to be a limitation (?) of openssh where you cannot configure default umasks natively with the openssh package. I realize that user profiles are not processed when you SFTP in, but I would have expected some kind of SFTP-based option in the sshd config file that would allow you to provision the default umask. On a previous posting to this mailing list, I asked the question of how to enable SFTP-only access (blocking SSH login and remote command execution). I received valuable feedback, and was pointed to several things, including the "scponly" shell. I haven't had the opportunity to try that yet, but hope to do so soon. My hope is that this shell would also provide some option where I could set the default umask, thus killing two birds with one stone (ftp only and default umask). I don't know what to make of what I've google'd on so far, so thought I would pose the question to this mailing list. As always, any help is greatly appreciated... Thanks, Mark
