scp: now using SFTP protocol by default

Dmitry Belyavskiy dbelyavs at redhat.com
Fri Sep 17 01:38:30 AEST 2021


Dear Damien,
Many thanks!

It's a change we are looking forward to.
I'd suggest adding one more minor change: an option to disable the SCP
protocol on a system level.
At least some of our customers sent us such a request.

https://github.com/openssh/openssh-portable/pull/271 is a possible way to
do it.
As scp utility doesn't read the system configuration file, the flag looks
like a best feasible option.


On Thu, Sep 9, 2021 at 4:54 AM Damien Miller <djm at mindrot.org> wrote:

> FYI: the next release will have scp using the SFTP protocol by
> default.
>
> There are two known incompatibilities:
>
> Use of the SFTP protocol avoids interpretation of remote paths by
> the shell. We consider this a feature, but it does change (simplify
> really) necessary quoting of shell characters.
>
> Remote paths with a ~user/ prefix require a SFTP protocol extension
> that was included in OpenSSH 8.7's sftp-server.
>
> The original scp/rcp protocol remains available via "scp -O ..."
>
> If you're in a position to test snapshots/git prior to release
> (ETA October), then it would be appreciated.
>
> -d
>
> ---------- Forwarded message ----------
> Date: Thu, 9 Sep 2021 12:36:31
> From: git+noreply at mindrot.org
> Reply-To: openssh-unix-dev at mindrot.org
> To: openssh-commits at mindrot.org
> Subject: [openssh-commits] [openssh] 01/01: upstream: Use the SFTP
> protocol by
>     default. The original scp/rcp
>
> This is an automated email from the git hooks/post-receive script.
>
> djm pushed a commit to branch master
> in repository openssh.
>
> commit 73050fa38fb36ae3326d768b574806352b97002d
> Author: djm at openbsd.org <djm at openbsd.org>
> Date:   Wed Sep 8 23:31:39 2021 +0000
>
>     upstream: Use the SFTP protocol by default. The original scp/rcp
>
>     protocol remains available via the -O flag.
>
>     Note that ~user/ prefixed paths in SFTP mode require a protocol
> extension
>     that was first shipped in OpenSSH 8.7.
>
>     ok deraadt, after baking in snaps for a while without incident
>
>     OpenBSD-Commit-ID: 23588976e28c281ff5988da0848cb821fec9213c
> ---
>  scp.1 | 42 ++++++++++++++++++++++--------------------
>  scp.c |  6 +++---
>  2 files changed, 25 insertions(+), 23 deletions(-)
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
>

-- 
Dmitry Belyavskiy


More information about the openssh-unix-dev mailing list