Deprecation of scp protocol and improving sftp client

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hello all,

I believe we all can agree that scp is ugly protocol carried for ages
only for its simplicity of its usage and really no dependencies as it
is installed together with every ssh client. But as we have seen
recently, its simplicity and flexibility comes with security issues
[1], it does not have great performance and there is really no
development in there.

Over the years, we still keep recommending people to use sftp instead,
but its api is not that flexible and simple to be usable as a drop-in
replacement in scripts nor for the occasional ad-hoc transfers of few
files from one server to another.

Before I start hacking, I would like to hear some opinions from others,
whether this is something planned, welcomed or whether there are some
good reasons to keep scp alive.

I have in my mind three things/steps that would make it possible:

 * Update sftp client to be drop-in replacement for scp
   (and/or)
 * Change scp to use sftp internally

 * Modify sshd to use some compatibility "scpd" to support old clients

and some time later

 * Remove scp or replace it with a symlink


[1] http://www.openssh.com/txt/release-8.0

Any ideas/comments/suggestions?


Best regards,
-- 
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux