scp local/remote external calls

petesea at bigfoot.com petesea at bigfoot.com
Wed May 14 04:35:27 EST 2008 

On Sat, 10 May 2008, Darren Tucker wrote:

> On Fri, 9 May 2008, petesea at bigfoot.com wrote:
>
>> could someone please outline exactly what happens both local and remote 
>> when scp is run.
>
> Basically, there's 3 cases.  From your example above:
>
> 1) box1$ scp /foo /bar
>    local-to-local
>    cp(box1)
> 2) box1$ scp /foo box2:/bar
>    local-to-remote/remote-to-local
>    scp(box1) -> ssh(box1) -tcp-> sshd(box2) -> scp(box2).
> 3) box1$ scp box2:/foo box3:/bar
>    remote-to-remote
>    scp(box1) -> ssh(box1) -tcp-> sshd(box2) -> scp(box2) -> ssh(box2) -tcp-> sshd(box3) -> scp(box3)
>
> What exact command are you using?  If you add "-v" to the scp command 
> line then you can see what it runs under the covers. What exact command 
> are you using?

I'm doing either:

    box1$ scp /foo box2:/bar
    box1$ scp box2:/foo /bar

So it looks to me, if I run:

    box1$ scp /foo box2:/bar

The following is run ON box2:

    scp -t /bar

And if I run:

    box1$ scp box2:/foo /bar

The following is run ON box2:

    scp -f /foo

Correct?

Can I assume anytime I see 'scp -t' or 'scp -f', it means scp was invoked 
indirectly.. via sshd?  In other words, is there any reason a user would 
directly run 'scp -t' or 'scp -f'?

The '-t' and '-f' flags seem to be internal flags, which leads me to 
believe it's not likely someone would intentionally use them from the 
command line.  So... I should be able to look for these flags in my 
wrapper script (which is also an scp wrapper) and take appropriate action. 
In my case that means don't worry about checking to see if the Kerberos 
credentials cache is valid.

PS. As a side-note, you previously noted scp handles case #1 
(local-to-local copy) simply by invoking 'cp'.  What about any of the 
following:

    box1$ scp foo box1:/bar
    box1$ scp box1:/foo /bar
    box1$ scp box1:/foo box1:/bar

Couldn't scp figure out fairly easily that box1 IS the local box and 
therefore all of the above are actually local-to-local?

Or even:

    box1$ scp box2:/foo box2:/bar

but I assume that would really be the same as the 1st case above after an 
ssh to box2, ie:

    box1$ ssh box2 'scp /foo box2:/bar'

I'm really just curious.  I have no particular need for this behavior, but 
then I don't believe I've ever needed to do "scp /foo /bar" either, so I 
thought perhaps it would be useful to others.

More information about the openssh-unix-dev mailing list