Rebex Buru SFTP Server documentation

SSH shell support

This article describes server behavior when the client connects to the server via SSH (using e.g. PuTTY) and related configuration options.

SSH shell modes

The server supports three modes of behavior for SSH shells.

These can be configured in the configuration file, using web administration or (per user) using burusftp user update command.

none

No shell (except for minimal shell when SCP is enabled) will be available. File system access will be restricted to user's path mapping. This is the default option.

terminal

Shell process will be spawned. See next section for details.

legacy

Same as none, with SSH aliases support. This corresponds do sshShell.enabled: true in earlier versions. Legacy mode but should not be relied upon for any new functionality as the feature is now marked as deprecated and most likely will be removed.

SSH terminal mode

Since version 2.5 clients may use SSH to connect to their favourite shell (cmd.exe, PowerShell, bash, etc.), with similar experience as when connecting to a Linux machine. The shell executable and home directory can be configured globally with the possibility of per-user override.

The shell process runs under the service's user account, unless the user has Windows impersonation enabled (in which case uses the associated Windows account).

Note that the terminal mode ignores user's path mappings when client connects using SSH and therefore the connected user will gain access to the whole file system, with restrictions imposed only by the operating system for the service (or impersonated) user.

This is especially dangerous when the service account runs under a privileged user. Use this mode only if you know what you are doing.

The server needs to run using a privileged account (e.g. SYSTEM) in order to spawn impersonated processes.

Terminal mode relies on Windows' ConPTY API, which is available only on new platforms: Windows 10 version 1809 and newer, Windows Server 2019 and newer. Impersonation is available in Pro edition only.

SSH exec

Clients may ask to execute a command directly, using SSH 'exec' command (overriding the default shell), which is useful for executing commands which do not require a shell session.

Putty example configuration:
Putty configuration screenshot

What next?

Download

Download fully functional free 30-day trial.

Free download

Non-commercial use

Get a free non-commercial license. It includes most of the features of Professional edition.

Get free license

Commercial use

If you use the server for anything related to business or commercial use you have to purchase a license.

Sales contact
sales@rebex.net

Buy a license

Get help

The server is completely free for personal, academy and other non-commercial use.

Technical support

support@rebex.net