openssh new function "ChrootDirectory & internal-sftp"

winscp(4.06) default setting does not work with openssh new function.
"ChrootDirectory & internal-sftp"

until unclick the "Allow SCP fallback" block, even i only use sftp.

i guest the problem, when click the "Allow SCP fallback" block,
winscp will try to exec "login shell OR some command"?

but why?
why use sftp need exec "login shell OR some command"?

Can you point me to some documentation regarding the new functions?

I guess I understand what ChrootDirectory is. But what is internal-sftp?

If you have Allow SCP fallback checked, WinSCP just attempts to start sftp subsystem. If that fails, it falls back to shell/SCP. If you uncheck it, WinSCP after failing to start sftp subsystem, will try to start sftp-server binary directly on common paths.

martin wrote:

Can you point me to some documentation regarding the new functions?

I guess I understand what ChrootDirectory is. But what is internal-sftp?

https://man.openbsd.org/sshd_config

Read "ForceCommand" & "ChrootDirectory" & "Subsystem" section

Or

Read the source code, search the "internal-sftp" keyword

https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c?rev=1.227&content-type=text/x-cvsweb-markup

I have found that meanwhile too. But I do non understand why it should not work with WinSCP. May I have your sshd configuration file and/or logs files showing connection attempt with both allowed and disallowed scp fallback?