OpenSSH/scp ->> F-Secure SSH server Problems

Greg A. Woods woods at weird.com
Thu Mar 15 06:29:00 EST 2001


[ On Wednesday, March 14, 2001 at 09:02:20 (+0100), Mats Andersson wrote: ]
> Subject: Re: OpenSSH/scp ->> F-Secure SSH server Problems
>
> 
> Good, since we're speaking about the protocols here, this is the only
> mention of subsystems in the sftp draft I'm aware of:
> 
> ...
> When used with the Secure Shell protocol suite, this protocol is intended
> to be used from the Secure Shell Connection Protocol as a subsystem, as
> described in [SECSH-CONN], Section ``Starting a Shell or a Command''. The
> subsystem name used with this protocol is "sftp".
> ...
> 
> As you may see this indeed does not state any dependency, it only gives a
> recomendation for intended usage.

Well, for any amount of inter-operabiltiy it certainly does imply
complete dependency.  For example no SSH-v2.x implemention which follows
this recommendation can possibly inter-operate with any other
implementation which does not.

> You might also have noticed (since I
> assume you indeed have read the drafts) that the subsystem feature is not
> part of the transport protocol, it is a (very tiny, one could add) feature
> in the connection protocol.

Yes, but it it a wart none the less which leads to inter-operatibility
problems that have already been seen "in the field."

> You have almost surely also seen that one
> argument was that a subsystem might be built into the ssh server which is
> probably one good reason for having it in the spec.

And I've already countered that argument showing that it is totally bogus.

> Apart from this, you are of course also free to define whatever other
> fancy "independent" protocols you might think of either as subsystems or
> as ordinary "independent" servers running across stdio (one might note
> here that there is no difference in practice as for how these should work
> since both only "see" a stream to its peer).

... leading to even more critical inter-operability problems....

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods at acm.org>      <robohack!woods>
Planix, Inc. <woods at planix.com>; Secrets of the Weird <woods at weird.com>





More information about the openssh-unix-dev mailing list