sftp

[Ben Lindstrom]

On Thu, 20 Jul 2000, Gary E. Miller wrote:

[..]
> IMHO, the world does not need yet another file transfer protocol.
> 
> We should fix OpenSSH to work with the file transfer protocol we have 
> to fix the rough spots.  UNIX works because it does not keep reinventing
> the wheel but instead building on prior work.
> 
This may be a silly idea, but if we are looking to write an "Open
Standard" replacement version of the commerical sftp, and we currently
agree that doing ssh w/ standard ftp would be a pain in the arse.  What
would stop us from using passive ftp?  It survives firewalls very well (in
some cases it's all you can use).  It does not spawn off a data channel.
So everything would be encrypted.

And to boot it's very well documented via current RFCs.  

I don't forsee a sftp replacing anonymous FTP.  So the concept of
requiring accounts does not bother me.  (In some respects if it
would catch on it would simplify anonymous FTP by removing all the
account options and it can focusly just on anonymous security.)

I just get a little concern with bloating OpenSSH binary.  It would be
nice if we could support a single file transfer protocol out of OpenSSH.
Be it scp with some added features to get directory listings and
persistant connections.  Or sftp with a 'single file transfer' mode to
emulate scp (like what the commerical ssh 2.x sounds like it does).

It would be nice to hear what is being proposed for the final draft of
SSH 2.0 suite.  So we know if they have attempted to address this issue.

Ben Lindstrom