scp, sftp, and special characters in filenames
Jochen Bern
Jochen.Bern at binect.de
Wed Nov 6 20:21:02 AEDT 2019
On 11/04/2019 01:25 PM, Stuart Henderson wrote:
> I'm sure it's already been considered, but from a user perspective it
> would be very convenient if we could have essentially the command-line
> interface of scp(1) (with divergence for filename escaping) but using
> the SFTP protocol.
Agreed, but it essentially means to fix a server-side threat with
changes (that mainly happen) on the client side. In instances of
cross-organization data transfers with established multi-tenant servers,
that might not be a practical option.
On the other hand, if it were possible to set a server account's login
shell or ForceCommand to an "scpd", and thus completely cut out the
normal shell ...
(Yes, I'm aware that that'd likely entail re(?)implementing the entire
server-side wildcard expansion within that executable. Given that
different-OS shells' wildcard expansion is a known source of confusion,
that doesn't seem like the worst idea ever, though, if I may say so.)
Regards,
--
Jochen Bern
Systemingenieur
Binect GmbH
Robert-Koch-Straße 9
64331 Weiterstadt
More information about the openssh-unix-dev
mailing list