How to put desired umask with SFTP?

Solution 1:

Since OpenSSH 5.4p1 I think, you can use the "-u" option, for example:

Subsystem sftp /usr/lib/openssh/sftp-server -u 022

From the man page:

 -u umask
         Sets an explicit umask(2) to be applied to newly-created files
         and directories, instead of the user's default mask.

Solution 2:

I hope this can save someone else hours of frustration...

If you're using a GUI SFTP application, check its preferences for setting permissions on upload.

I had tried all the solutions above, and it turns out the application was just overriding them.

---

Solution 3:

In the ssh config file you can also use this to set the mode of the file specifically (overriding any chmod that the client may try to set). Here I am using internal-sftp but I guess it would be the same for sftp-server:

ForceCommand internal-sftp -u 0022   

---

Solution 4:

After many hours trying to apply various hacks and fixes i've found a proper solution!

There's a patch for SSH that permits you to chose the umask that you want for SFTP. You can download it here: http://sftpfilecontrol.sourceforge.net/

For me (OpenSSH_5.2p1+sftpfilecontrol-v1.3, OpenSSL 0.9.8g 19 Oct 2007) it's working perfectly!