Can't stop people from doing stupid things. And frankly I've come to
realize one shouldn't even try as it is a waste of energy.
I'm sure there is some admin out there still clinging to telnetd and
rlogin/rsh because "it is muscle memory."
Ben
Stuart Henderson wrote on 1/24/19 3:54 PM:
On 2019/01/24 15:38, Ben Lindstrom wrote:
Christoph Anton Mitterer wrote on 1/24/19 3:23 PM:
On Thu, 2019-01-24 at 12:27 -0600, Ben Lindstrom wrote:
I know it isn't a "UI replacement" but it at least provides a more
complete UI for phasing people off of scp.
I don't think this is an ideal solution...
OpenSSH should be "overall" secure (that's what it's meant for), and
especially not be a collection of tools/algos/etc. of which some(!) are
safe to user and others not (with the user having to know which).
Not sure what your arguing against as your comments below this pretty much
re-enforce what I'm stating. Which is:
Scp should die, and we should add "sftp -U [file/path] host" feature as our
recommended replacement.
As no amount of work will fix scp completely. And every other solution
makes it worse and more complex.
If you do that, users will just leave the old scp binary lying
around so that muscle memory and scripts still work. It wouldn't be a
big surprise if some distributions re-added it in a patchset, even.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
