OpenSSH/scp ->> F-Secure SSH server Problems

[Dan Kaminsky]

> So what? If people want to break there systems, then we shouldn't
> stop them. Unix provides no way to _force_ people not to rename 'rm'
> to 'ls' either and it still works pretty well - people don't do it
> becuase it is _stupid_ to mess with well-known names.

Some people alias rm to move deleted files to a trashcan folder.  Others
alias rm to srm(secure rm), affording them a decent level of protection
against deleted file recovery.

What matter is not the binary actually run, or even what that binary ends up
doing.  What matters is that it speak the protocol correctly, and represents
the will of the sysadmin and user(which hopefully should not be at odds).

Does sftp-server have some mode for capability negotiation, incidentally?

Yours Truly,

    Dan Kaminsky, CISSP
    http://www.doxpara.com