Deprecation of scp protocol and improving sftp client

rapier rapier at psc.edu
Tue Aug 11 03:33:16 AEST 2020



On 8/5/20 1:23 AM, Ethan Rahn wrote:
> It seems that there are a few camps here:
> 
> * The scp power users - this camp believes that scp supporting backtick
> notation is fine and that running arbitrary commands is a perfectly fine
> thing to do.
> * The restricted shell users - this camp believes that scp supporting
> backtick may not be the best, and there are various restricted shells which
> can prevent this. Power users may belong to this camp.
> * The novice users - this camp is surprised to find that scp can be used to
> run commands. Once they understand that the server runs "scp -t" it makes a
> little more sense.


Sorry to come into this late but there is a very large camp that simply 
doesn't care. They use scp because they have to in order to transfer 
files due to requirements placed on them by admins. They aren't 
concerned about security nearly as much as they just want to get their 
files from A to B so they can do their work. For these people scp is the 
default because that's what all the instructions and examples are based 
on. It's a big part of the reason why I developed hpn-ssh. We couldn't 
get the users to change their behaviour and they kept complaining about 
slow transfers.

In short - for a whole lot of users scp is just a component of their 
workflow. They don't really think about it unless it's causing problems.

So I'm all for getting rid of scp as long as you can get sftp to work in 
exactly the same way. Then you just get replace scp with a symlink to 
sftp. Which is far easier said than done.


More information about the openssh-unix-dev mailing list