Improving sftp (was Re: BUG: scp -r follows symlinks)

Peter Stuge stuge-openssh-unix-dev at cdy.org
Sun Jan 11 17:22:07 EST 2004


On Sat, Jan 10, 2004 at 01:48:42PM +1100, Darren Tucker wrote:
> Since SFTP is defined by the IETF SECSH Working Group (although I see 
> the last SFTP draft has expired and isn't listed on the web page[1] any 
> more) I would imagine that OpenSSH will always have them.

Ok, yes, I think so too.


> sftp and sftp-server are still being developed (see the CVS logs) and 
> there are other things that haven't been completed yet (eg Ben's sftp 
> readline patch).

Ah, that's one of the things that would be nice to have. There's nothing
in bugzilla[1] since 2003-05-08 - what is the current status?


> If there is something you want that it doesn't have,
> add it and send a patch!

Aye. After readline and completion it needs recursion[2] (is server push
possible?) and resume[3] which both seem to be not quite as far along..

When that's done, I think anonymous access and bandwidth and transfer
count limits is "all" that's needed for sftp to take the place of most
FTP installations. (..that I know about, at least. :)

Also, what would be the best way to only allow users access to a certain
subsystem and not the shell or command execution, and how to go about
creating virtual users that should just be mapped onto some real UID?


> >I don't know of very many file transfer programs that can use the features
> >of ssh/sftp (or even do sftp at all, only sftp and WinSCP2 come to mind)
> >and I'm thinking about the best way to get/make one.
> 
> PuTTY, SecureCRT and ssh.com's Windows client all have sftp clients.  I 
> stongly suspect there are others.

Doh, already knew psftp. I'll check the other two out though.


On Sat, Jan 10, 2004 at 02:46:55PM +0100, Markus Friedl wrote:
> On Sat, Jan 10, 2004 at 02:36:46AM +0100, Peter Stuge wrote:
> > On Fri, Jan 09, 2004 at 06:16:10PM +0100, Markus Friedl wrote:
> > > this does not belong to ssh(1).
> > > just write a ftp-to-sftp proxy.
> > 
> > While on this topic, are there any existing plans for development of
> > sftp and sftp-server in OpenSSH?  Should they eventually be broken-out
> > projects that evolve independently of the core ssh system or will they
> > always be provided with openssh as sftp and/or general subsystem
> > examples?
> 
> no.

I assume no, they shouldn't be broken out. How does everyone feel about the
features I mention above? I'm not sure an ssh implementation should include
all of that code..


//Peter


[1] http://bugzilla.mindrot.org/show_bug.cgi?id=200
[2] http://bugzilla.mindrot.org/show_bug.cgi?id=520
[3] http://bugzilla.mindrot.org/show_bug.cgi?id=626




More information about the openssh-unix-dev mailing list