scp not tolerant of extraneous shell messages

Bryan Henderson bryanh at giraffe-data.com
Wed Jul 3 06:13:57 EST 2002


>>    Why should sftp-server have any shell dependancy at all?  I was 
>> under the impression the whole point of the subsystem interface was to 
>> finally gain independance from the vagaries of the shell.
>
>more people think the shell should always be involved.
>
>otherwise you can still sftp if the shell is set
>to /bin/false for example.

I haven't used sftp, but I see the same thing Dan does in the code:
when you use a subsystem such as sftp, there's no shell.  I note that it
is possible to use sftp without a subsystem, though, by specifying the
sftp server program on the sftp command, and in that case the server
program runs under a shell just like scp.  

A system administrator who sets up users for limited system access
(i.e.  sets the "shell" in /etc/passwd for some users to something
besides a full-access shell), does not enable an sftp subsystem.  (He
also doesn't run an ftp or cvs daemon, unless he configures it to
limit access to particular users).

And that's why we have to look at scp even in cases where sftp might
look more appropriate.  Scp doesn't require any special service or
permission on the remote end.  And ideally, it wouldn't require the
remote end to tailor its regular shell to scp-type things either.

-- 
Bryan Henderson                                    Phone 408-621-2000
San Jose, California



More information about the openssh-unix-dev mailing list