Opened at 2011-05-25T22:42:16Z
Last modified at 2014-12-02T19:52:34Z
#1410 new defect
sftp server listens on reachable IP addresses by default — at Initial Version
| Reported by: | gdt | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | undecided |
| Component: | code-frontend-ftp-sftp | Version: | 1.8.2 |
| Keywords: | sftp security | Cc: | |
| Launchpad Bug: | | | |
Description
The sftp server listens without binding to localhost by default. While the docs advise (see #1175) to specify 127.0.0.1, sftp should default to local because it's the standard approach for FUSE mounting, and mounting a filesystem locally should not cause any globally listening sockets.
Eventually we'll have IPv6, so listening should be on not only 127.0.0.1 but also ::1. Therefore I suggest a variable in the sftpd section "global", defaulting to false, that if false causes listening on localhost only, and if true the current behavior.
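
A check for the condition described above, as an added example that is not part of the ticket or of Tahoe-LAFS's own code: it reads a `tahoe.cfg` and reports whether the `[sftpd]` listener would bind to loopback (127.0.0.1 or ::1) or to reachable addresses. It assumes the `[sftpd]` keys `enabled` and `port`, with a Twisted endpoint string as the `port` value; the function names and sample configs are constructed.

```python
import configparser
import ipaddress

def endpoint_fields(desc):
    """Split a Twisted endpoint string into (key, value) pairs: ':' separates
    fields, '=' splits key from value, a backslash escapes the next character."""
    out, key, cur, chars = [], None, [], iter(desc.strip())
    for ch in chars:
        if ch == "\\":
            cur.append(next(chars, ""))
        elif ch == "=" and key is None:
            key, cur = "".join(cur), []
        elif ch == ":":
            out.append((key, "".join(cur)))
            key, cur = None, []
        else:
            cur.append(ch)
    out.append((key, "".join(cur)))
    return out

def sftpd_exposure(cfg_text):
    """Classify where [sftpd] would bind (assumes `enabled` and `port` keys)."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(cfg_text)
    if not cp.getboolean("sftpd", "enabled", fallback=False):
        return "disabled"
    port = cp.get("sftpd", "port", fallback="")
    if not port:
        return "unknown"
    iface = {k: v for k, v in endpoint_fields(port) if k}.get("interface", "")
    if not iface:
        return "all-interfaces"  # no interface= given: the case the ticket reports
    try:
        addr = ipaddress.ip_address(iface)
    except ValueError:
        return "unknown"
    if addr.is_loopback:
        return "loopback"  # 127.0.0.0/8 or ::1
    return "all-interfaces" if addr.is_unspecified else "specific-address"

# Constructed tahoe.cfg fragments, not taken from the ticket.
SAMPLES = {name: "[sftpd]\nenabled = true\nport = " + port + "\n" for name, port in [
    ("no-interface", "tcp:8022"),
    ("v4-loopback", "tcp:8022:interface=127.0.0.1"),
    ("v6-loopback", r"tcp6:8022:interface=\:\:1"),
]}

if __name__ == "__main__":
    for name, cfg in SAMPLES.items():
        print(name, "->", sftpd_exposure(cfg))
```
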