[lug] scp tools?
Kevin Fenzi
kevin at scrye.com
Tue Mar 12 17:55:01 MST 2002
>>>>> "D" == D Stimits <stimits at idcomm.com> writes:
D> Hmm, something that put a damper on my enthusiasm. Turns out that
D> sftp requires an sftp server to run on the other end, but scp has
D> no such requirement. The reason my sftp is failing to that server
D> is because the owner doesn't have the sftp server installed. For
D> security reasons, he probably won't. So sftp failure isn't due to a
D> bug in this case, but nonetheless, it is fatal. I upgraded my gftp,
humm... that isn't my understanding of how sftp works. There is a
sftp-server on the remote side, but it's executed on a per connection
basis when an sftp connect is made...
from the sftp-server man page:
sftp-server is a program that speaks the server side of SFTP protocol to
stdout and expects client requests from stdin. sftp-server is not
intended to be called directly, but from sshd(8) using the Subsystem
option. See sshd(8) for more information.
I can't see any security vunerability in this... you have to connect
via sshd before sftp-server will be started. It might be that the
server you are looking at has an older version of openssh? They only
added sftp in the newer ones. (If that is the case, they should
upgrade to 3.1p1 ASAP).
D> to try it (thanks to Jeffrey Siegal for mentioning it), but still
D> can't do ssh transfers because gftp requires sftp server at the
D> other end. Maybe I'll be better off trying to recode part of gftp
D> to work with scp instead of sftp, which would remove the
D> requirement for a remote sftp server.
kevin
--
Kevin Fenzi
MTS, tummy.com, ltd.
http://www.tummy.com/ KRUD - Kevin's Red Hat Uber Distribution
More information about the LUG
mailing list