Deprecation of scp protocol and improving sftp client

Brian Candler b.candler at pobox.com
Tue Aug 4 05:38:50 AEST 2020


It seems to me that the "exploit" of

scp  /sourcefile remoteserver:'`touch /tmp/exploit.sh`/targetfile'

can be simplified to

ssh remoteserver touch /tmp/exploit.sh

Or are we talking about using ssh in conjunction with some third-party 
tool like "rssh", which claims to be able to grant scp access without 
shell access?  If ssh itself has never claimed that was possible, then 
maybe rssh should stop claiming that it is.

FWIW, I consider scp as a convenient shortcut for "ssh cat". Indeed, I 
sometimes find myself transferring files which are multiple hops away 
exactly like that:

ssh foo ssh bar cat baz >baz

If I want to transfer files to or from untrusted machines, or to offer 
file transfer access without shell access, then that is what sftp is for.

Regards,

Brian.
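
Added example, not part of the original message: a local simulation of why the scp target path and the plain ssh command have the same effect, while a path handled purely as data (as an sftp server handles it) does not. The function names, the sandbox directory and the "marker" file are assumptions made for the illustration; `:` stands in for the remote scp binary.

```shell
#!/bin/sh
# Constructed local simulation: no network, no real ssh, scp or sftp is run.
# All function names and the "marker" file are hypothetical.

# Target path from the message, touching a relative marker file in a
# throwaway sandbox instead of /tmp/exploit.sh.
PAYLOAD_PATH='`touch marker`/targetfile'

# Stand-in for sshd running a requested command: the whole command string
# is handed to the account's shell via -c, so the shell parses it.
remote_shell_exec() {
    ( cd "$1" && sh -c "$2" ) >/dev/null 2>&1
}

# Stand-in for sftp-style handling: the path is a protocol field that is
# only ever used as a file name and never parsed by a shell.
path_as_data_write() {
    ( cd "$1" && printf '' > "$2" ) 2>/dev/null
}

# Run one case in a fresh sandbox; report whether the marker file appeared.
run_case() {
    sandbox=$(mktemp -d) || return 1
    case "$1" in
        # scp asks the remote side to run "scp -t <path>"; ":" replaces scp.
        scp)  remote_shell_exec "$sandbox" ": -t $PAYLOAD_PATH" || true ;;
        # The simplified form from the message: just run the command.
        ssh)  remote_shell_exec "$sandbox" "touch marker" || true ;;
        # Same path string, but treated as a literal file name.
        sftp) path_as_data_write "$sandbox" "$PAYLOAD_PATH" || true ;;
    esac
    if [ -e "$sandbox/marker" ]; then echo executed; else echo inert; fi
    rm -rf -- "$sandbox"
}

for c in scp ssh sftp; do
    printf '%-4s -> %s\n' "$c" "$(run_case "$c")"
done
```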



More information about the openssh-unix-dev mailing list