your mail

Chris Rapier rapier at psc.edu
Thu Oct 11 01:15:39 EST 2007


Peter Stuge wrote:
> On Tue, Oct 09, 2007 at 02:29:37PM -0500, Larry Becke wrote:
>> I understand that that is not how scp works today.
> 
> And it will likely never change.

Which is unfortunate because scp is, based on the logs I have access to, 
  what most users are using to transfer files. As much as it might be 
nice if they moved to sftp I don't see it happening with any real 
rapidity. We can argue all we like that sftp is better or rsync is 
superior but unless the users agree it doesn't matter what we might 
happen to think. I'm not saying that to be snotty or confrontational - 
only as an observation of what I see around me.

>> I am suggesting this will make it trivial to secure one subset of
>> the system.  That subset being scp.
> 
> Moot point unless scp is the only way users can use the system, which
> I don't think is the case all too often.

No but unless you remove scp entirely many users, if not most, will keep 
using it. Now, its possible that through user education you may be able 
to tip the scales and get more of them to use sftp or some other method. 
Of course, if user education really worked well half of us would 
probably be out of work.

> Either you're prepared to make an effort in order to make the system
> secure, or it doesn't matter. Hacking up scp is good for neither. :\

Why not? I mean, we always hear people saying that scp is only in there 
for compatibility reasons but what, precisely, is wrong with scp? If 
there is something wrong with it then doesn't it makes sense to simply 
stop distributing it? If there is nothing wrong with it then doesn't it 
make sense to actually improve it to bring added functionality to users?

Chris


More information about the openssh-unix-dev mailing list