OpenSSH/scp ->> F-Secure SSH server Problems

Greg A. Woods woods at weird.com
Mon Mar 12 14:10:41 EST 2001


[ On Sunday, March 11, 2001 at 13:37:34 (-0800), Roeland Meyer wrote: ]
> Subject: RE: OpenSSH/scp ->> F-Secure SSH server Problems
>
> I echo your lack of understanding. Sometimes, "if it ain't broke ... don't
> fix it" applies and if you *are* going to muck with it, create an
> enhancement and leave the, working, original alone.

I know that the "rcp" protocol is rather old and rather poorly
documented (outside the source and the various books that have covered
it in more detail, such as those of the late Mr. Stevens).  I don't
quite understand what limitations it might have had w.r.t. SSH though.

It would appear that the sftp stuff is finally documented in the new
IETF secsh draft-ietf-secsh-filexfer-00.txt, published on or about
Jan 9.

My guess is this is just an excuse to use the "built-in subsystem"
feature bloat in the secsh protocol.

> I also don't understand the
> fascination folks have for FTP. Anything that uses non-deterministic
> dynamically reassigned ports is fundamentally insecurable.

In this case (i.e. in the case of wanting to "ftp" over SSH) the issue
is with the stupid user interface.  Naive users are looking for some SSH
file copying tool that works just like their FTP clients, i.e. where
they can see a list of files on the server and click/drag/whatever them
to effect the copy.

If you've looked at the SSH-2.4.0 sftp client on Unix you can only laugh
at it, but I would guess (not having seen one) that an sftp client on
M$-Winblows (or Mac-OS) would be something more touchy-feely-GUI and it
will no doubt make the users much happier than they would be with the
likes of this:

	ssh remhost ls -l /some/dir
	scp remhost:/some/dir/some.file .

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods at acm.org>      <robohack!woods>
Planix, Inc. <woods at planix.com>; Secrets of the Weird <woods at weird.com>




