I have found that meanwhile too. But I do non understand why it should not work with WinSCP. May I have your sshd configuration file and/or logs files showing connection attempt with both allowed and disallowed scp fallback?

martin wrote:

Can you point me to some documentation regarding the new functions?

I guess I understand what ChrootDirectory is. But what is internal-sftp?

https://man.openbsd.org/sshd_config

Read "ForceCommand" & "ChrootDirectory" & "Subsystem" section

Or

Read the source code, search the "internal-sftp" keyword

https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c?rev=1.227&content-type=text/x-cvsweb-markup

Can you point me to some documentation regarding the new functions?

I guess I understand what ChrootDirectory is. But what is internal-sftp?

If you have Allow SCP fallback checked, WinSCP just attempts to start sftp subsystem. If that fails, it falls back to shell/SCP. If you uncheck it, WinSCP after failing to start sftp subsystem, will try to start sftp-server binary directly on common paths.

winscp(4.06) default setting does not work with openssh new function.
"ChrootDirectory & internal-sftp"

until unclick the "Allow SCP fallback" block, even i only use sftp.

i guest the problem, when click the "Allow SCP fallback" block,
winscp will try to exec "login shell OR some command"?

but why?
why use sftp need exec "login shell OR some command"?