Merge pull request #190805 from yashluna/patch-31

LJSpiller · web-flow · commit 311b1a1ec1a5 · 2022-03-07T17:13:33.000-05:00
Update secure-file-transfer-protocol-known-issues.md
diff --git a/articles/storage/blobs/secure-file-transfer-protocol-known-issues.md b/articles/storage/blobs/secure-file-transfer-protocol-known-issues.md
@@ -22,18 +22,18 @@ This article describes limitations and known issues of SFTP support for Azure Bl
 >
 > To enroll in the preview, complete [this form](https://forms.office.com/r/gZguN0j65Y) AND request to join via 'Preview features' in Azure portal.
 
-## Authorization
+## Authentication and authorization
 
-- Local users are the only form of identity management that is currently supported for the SFTP endpoint.
+- _Local users_ is the only form of identity management that is currently supported for the SFTP endpoint.
 
-- Azure Active Directory (Azure AD), shared access signature (SAS) and account key authorization are not supported for the SFTP endpoint.
+- Azure Active Directory (Azure AD) is not supported for the SFTP endpoint.
 
 - POSIX-like access control lists (ACLs) are not supported for the SFTP endpoint.
 
   > [!NOTE]
   > After your data is ingested into Azure Storage, you can use the full breadth of Azure storage security settings. While authorization mechanisms such as role-based access control (RBAC) and access control lists aren't supported as a means to authorize a connecting SFTP client, they can be used to authorize access via Azure tools (such Azure portal, Azure CLI, Azure PowerShell commands, and AzCopy) as well as Azure SDKS, and Azure REST APIs. 
 
-- Account level operations such as listing, putting/getting, creating/deleting containers are not supported.
+- Account and container level operations are not supported for the SFTP endpoint.
  
 ## Networking
 
@@ -43,23 +43,11 @@ This article describes limitations and known issues of SFTP support for Azure Bl
 
 ## Security
 
-- Host keys are published [here](secure-file-transfer-protocol-host-keys.md). During the public preview, host keys will rotate up to once per month.
-
-- There a few different reasons for "remote host identification has changed" warning:
-
-  - The remote host key was updated (host keys are periodically rotated).
-  
-  - The client selected a different host key algorithm than the one stored in the local ssh "known_hosts" file. OpenSSH will use an already trusted key if the host (account.blob.core.windows.net) matches, even when the algorithm doesn't necessarily match.
-  
-  - The storage account failed over to a different region.
-  
-  - The remote host (account.blob.core.windows.net) is being faked.
+- Host keys are published [here](secure-file-transfer-protocol-host-keys.md). During the public preview, host keys may rotate frequently.
 
 ## Integrations
 
-- Change feed is not supported.
-
-- Account metrics such as transactions and capacity are available. Filter logs by operations to see SFTP activity.
+- Change feed and Event Grid notifications are not supported.
 
 - Network File System (NFS) 3.0 and SFTP can't be enabled on the same storage account.
 
@@ -75,16 +63,12 @@ This article describes limitations and known issues of SFTP support for Azure Bl
 
 - There's a 4 minute timeout for idle or inactive connections. OpenSSH will appear to stop responding and then disconnect. Some clients reconnect automatically. 
 
-- Maximum file size upload is limited by client message size. A few examples below: 
-
-  - 32KB message (OpenSSH default) * 50k blocks = 1.52GB 
-
-  - 100KB message (OpenSSH Windows max) * 50k blocks = 4.77GB 
-
-  - 256KB message (OpenSSH Linux max) * 50k blocks = 12.20GB 
+- Maximum file upload size is 90 GB.
 
 ## Other
 
+- Special containers such as $logs, $blobchangefeed, $root, $web are not accessible via the SFTP endpoint. 
+
 - Symbolic links are not supported.
 
 - `ssh-keyscan` is not supported.
@@ -105,10 +89,12 @@ This article describes limitations and known issues of SFTP support for Azure Bl
   
   - The user has been assigned appropriate permissions to the container.
   
-  -	The container name is specified in the connection string if you have not configured (set home directory) and provisioned (create the directory inside the container) a home directory for the user.
+  -	The container name is specified in the connection string for local users don't have a home directory.
+  
+  -	The container name is specified in the connection string for local users that have a home directory that doesn't exist.
 
 ## See also
 
 - [SSH File Transfer Protocol (SFTP) support for Azure Blob Storage](secure-file-transfer-protocol-support.md)
 - [Connect to Azure Blob Storage by using the SSH File Transfer Protocol (SFTP)](secure-file-transfer-protocol-support-how-to.md)
-- [Host keys for SSH File Transfer Protocol (SFTP) support for Azure Blob Storage](secure-file-transfer-protocol-host-keys.md)
+- [Host keys for SSH File Transfer Protocol (SFTP) support for Azure Blob Storage](secure-file-transfer-protocol-host-keys.md)
