Deprecation of scp protocol and improving sftp client

Blumenthal, Uri - 0553 - MITLL uri at
Tue Aug 4 03:06:35 AEST 2020

I hear you - but it seems that the choice is between (a) limiting "scp" functionality to address the security vulnerability, and (b) killing "scp" altogether.

I'd much prefer (a), even if it means I lose "scp remotehost:foo\* .". 

Especially, since (almost always) I have equal privileges on both local and remote hosts, so in that case I just originate that "scp" from that remote. ;-)


On 8/3/20, 11:09, "Thorsten Glaser" <t.glaser at> wrote:

    On Mon, 3 Aug 2020, Blumenthal, Uri - 0553 - MITLL wrote:

    > I conjecture that only few of the existing use cases rely on remote expansion. 

    No, this is used all the time.

    scp remotehost:foo\* .

    (Unless rsync is available, but sadly that’s ⓐ GPLv3 and ⓑ not
    universally installed.)

    tarent solutions GmbH
    Rochusstraße 2-4, D-53123 Bonn •
    Tel: +49 228 54881-393 • Fax: +49 228 54881-235
    HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
    Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5249 bytes
Desc: not available
URL: <>

More information about the openssh-unix-dev mailing list