Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.


This spec describes how to add support for the sftp protocol to apt.

Release Note



Launchpad private PPAs consider using ssh/sftp as their authentication mechanism. Apt needs to support it as well then to make private PPAs useful.


The apt transport will be based on libcurl and should share as much code as possible with the libcurl based https transport.

The current libcurl in hardy has support for sftp via libssh2. For license reasons (we do not have a explicit excpection for openssl) we need to build with libcurl-gnutls. The current curl package does not enable sftp for libcurl-gnutls. We need to fix that (should be no problem, because libssl2 links against libgcrypt *not* openssl). Then libssl2 needs to be promoted to main (libcurl is already in main).

Some sftp specifc options need to be added to the transport, especially acquire::sftp::private-keyfile and acquire::sftp::public-keyfile (matching CURLOPT_SSH_PRIVATE_KEYFILE and CURLOPT_SSH_PUBLIC_KEYFILE). The default should be ~/.ssh/id_dsa).



UI Changes

None needed.

Test/Demo Plan


Outstanding Issues

Will launchpad actually use sftp:// for private PPAs?


AptSftpSupport (last edited 2008-08-06 16:32:11 by localhost)