sftp Vs scp

Christoph Anton Mitterer calestyo at scientia.net
Fri Jan 25 08:23:30 AEDT 2019


On Thu, 2019-01-24 at 12:27 -0600, Ben Lindstrom wrote:
> I know it isn't a "UI replacement" but it at least provides a more 
> complete UI for phasing people off of scp.

I don't think this is an ideal solution...

OpenSSH should be "overall" secure (that's what it's meant for), and
especially not be a collection of tools/algos/etc. of which some(!) are
safe to use and others not (with the user having to know which).

This is why upstream took the wise decision to eventually drop things
like SSHv1 support and remove others (questionable algos) from being
used by default.


So with respect to scp (the tool) I see only the following reasonable
ways:
- make it securely usable with the SCP protocol (and IMO this should
  mean the general assumption that a remote server might be hostile)
- let it use another protocol with which it can be made secure, at the
  same time disabling the "accidental" use of an unsafe SCP protocol,
  e.g. by moving all that in another client tool like not-so-scp ;-) or
  by having a switch like --use-legacy-not-so-secure-scp-protocol
  (names are subject to debate :D)
- tossing scp altogether

(of course, one could still try to fix the legacy SCP protocol as much
as possible)


Since it (scp) is used in probably millions of places in scripts and by
users completely unaware of these issues, there should be really a
hard break if it cannot be secured, cause these people assume it's
secure.
Therefore I think it's not enough to just provide a more convenient
command line interface to sftp (as scp would be still there with
issues) … and yes, I personally would really hate having to write that
one more character ;-)


If it's possible to just use SFTP behind scp,… great,… maybe that even
allows for more features to come up in the future.


Cheers,
Chris.



More information about the openssh-unix-dev mailing list