Feature request: Discussion.
ewheeler at kaico.com
ewheeler at kaico.com
Tue May 14 02:39:50 EST 2002
> I'd say that the best reason not to add it is lack of a compelling reason
> *to* add it. ssh is not http. I don't see any good reason to make scp or
> ssh try to look like http, and I have to agree with Markus Friedl's
> assessment that url syntax lacks something in the aesthetics
> department. I'd never use it.
Cirtainly, ssh is not http, but neither is telnet, gopher, irc,
ftp, or beer (yes, there is even a beer protocol:
http://cs.eboch.com/beerRun/). The URL was defined to be protocol
independant.
I am no decorator so asthetics don't bother me one way or the other. The
benefit I see would be to add helpers to mozilla/netscape to download
files via scp.
> I don't like the idea of supporting a password in the command line at
> all. I can ignore the url syntax, but the thoughts of enabling my users
> to create rsh like aliases with plaintext passwords embedded in them would
> be unacceptable. You have to know that given the choice, most would opt
> to do that rather than configure public key authentication.
I agree that passwords via the command line should not be supported, and
maybe that could be an option "DisableCommandLinePasswords" or some such
animal to disable it site-wide. (un?)fortunately, commandline passwords
*do* exist -- I saw a patch committed some time ago which would allow
this, which could be scarry in it's own right:
$ echo password | ssh -fd 0 someone at nowhere.com
> 1) Adds useless bload
Bloat? the parser for a url command would only be used with '--url' or
some equivilent, and be very small in size. I don't know that you can
call a url parser's code size or complexity bloated with respect to any pk
based crypto algorithm.
> 2) adds anonying and very poorly thought out GNU style getopts.
Not required. There is no reason you could not use your own system to
read in options. --url is only a suggestion; it could be -X where X is
"somethign"
> 3) Does not provide us with anything we don't already have.
Does the current ssh or scp implentation allow you to click a link and
securely download a file (hopefully after you've entered a password)?
--
Eric Wheeler
Network Administrator
KAICO
20417 SW 70th Ave.
Tualatin, OR 97062
www.kaico.com
Voice: 503.692.5268
More information about the openssh-unix-dev
mailing list