Re: Status of SCP vulnerability

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Wed, 2019-01-23 at 18:00 +0000, Colin Watson wrote:
> IMO a complete fix should involve converting scp to use the SFTP
> protocol under the hood.

I've had thought about the same but didn't dare to propose it ;-)


The problem IMO is:
Either such scp would silently fall back to the "old" scp protocol, if
it talks to an "old" server... (in which case the whole thing doesn't
make any sense).

Or compatibility would be broken.

I (personally) wouldn't mind that,... there are too many nice features
one would like to see in scp for long and which are allegedly not
possible because of the protocol... being safe, asking for
confirmation on overwriting, XATTRs, ACLs,...


But whatever it is: most people I know don't like the sftp
interface,... and it shouldn't be assumed that remote servers are
trustworthy (even if they actually are).


Cheers,
Chris.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux