Filter files received on scp server

Darren Tucker dtucker at
Fri Aug 4 14:13:01 AEST 2017

On Fri, Aug 4, 2017 at 1:37 PM, Jon Earle <earlej at> wrote:

> Hey,
> So, I would be looking at type A. Forgive me if my understanding of how
> OpenSSH operates is not reflective of reality. I am assuming that, the file
> transfer is happening somewhat logically, with a name being known, content
> written, blah blah.
> From reading scp.c, it appears that, the client end at least knows the
> file name so I must assume the server end must be given it.

scp merely uses ssh as an 8-bit-clean transport, your copy is two
cooperating scp processes (the remote one having the '-t' flag as you
noted).  For your purposes you can ignore ssh/sshd and just focus on scp.

In scp, the data and control messages are sent over stdin/stdout, anything
on stderr on the remote end will get passed back to the client and shown on
the client's terminal.  A good description of the protocol, such as it is,
is here:

There is no mechanism in the existing scp program to do filtering.  You
could modify your scp to do this; I'd suggest looking at the sink()
function (look for "namebuf") but be aware that the entire thing dates back
to 4.2BSD and it's not the prettiest code ever.  Note the also "sink" will
be used when copying onto a machine when scp is used as the client.

Note that you need to ensure that your users cant create files any other
way (sftp, tar, shell redirection...) otherwise the exercise will be

Darren Tucker (dtucker at
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list