Feature Suggestion - scp don't decrypt file at destination unecrypt on copy back switch

Damien Miller djm at mindrot.org
Thu Apr 7 07:31:41 EST 2005

Gerard J. Cerchio wrote:
> The idea is this: when this switch is present, the file is encrypted on the
> fly just as always.  However when the file reaches the destination, it
> is emitted onto the disk in the transported encrypted state.  The 
> decryption
> stage is by-passed.  The file name is then  marked with a unique file
> extension to indicate that it is encrypted.

This won't work without drastic changes to scp and ssh. scp doesn't know
that session keys that ssh uses (and shouldn't) - it just treats ssh as
a secure transport.

If you want encryption for backups, this is a good recipe:

tar zcf - /path/to/whatever | gpg --encrypt -r publickey at domain.com | \
     ssh user at backuphost "dd of=backup.tar.gz.pgp"


More information about the openssh-unix-dev mailing list