Damien, Reading the various articles about https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt have caused me to question the wisdom of using scp. Your observation: > Date: Tue, 22 Jan 2019 13:48:34 +1100 (AEDT) > From: Damien Miller <djm@xxxxxxxxxxx> > Subject: Re: Status of SCP vulnerability > > "Don't use scp with untrusted servers." caught my eye. Do you see any 'advantage' to using sftp with an untrusted server? If so, any thoughts about making an easy way to disable scp both client and server side when doing an installation? Why on the server side? To get folks used to -not- using scp. Thanks in advance! Chris High. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev