FYI: the next release will have scp using the SFTP protocol by
default.
There are two known incompatibilities:
Use of the SFTP protocol avoids interpretation of remote paths by
the shell. We consider this a feature, but it does change (simplify
really) necessary quoting of shell characters.
Remote paths with a ~user/ prefix require a SFTP protocol extension
that was included in OpenSSH 8.7's sftp-server.
The original scp/rcp protocol remains available via "scp -O ..."
If you're in a position to test snapshots/git prior to release
(ETA October), then it would be appreciated.
-d
---------- Forwarded message ----------
Date: Thu, 9 Sep 2021 12:36:31
From: git+noreply at mindrot.org
Reply-To: openssh-unix-dev at mindrot.org
To: openssh-commits at mindrot.org
Subject: [openssh-commits] [openssh] 01/01: upstream: Use the SFTP protocol by
default. The original scp/rcp
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 73050fa38fb36ae3326d768b574806352b97002d
Author: djm at openbsd.org <djm at openbsd.org>
Date: Wed Sep 8 23:31:39 2021 +0000
upstream: Use the SFTP protocol by default. The original scp/rcp
protocol remains available via the -O flag.
Note that ~user/ prefixed paths in SFTP mode require a protocol extension
that was first shipped in OpenSSH 8.7.
ok deraadt, after baking in snaps for a while without incident
OpenBSD-Commit-ID: 23588976e28c281ff5988da0848cb821fec9213c
---
scp.1 | 42 ++++++++++++++++++++++--------------------
scp.c | 6 +++---
2 files changed, 25 insertions(+), 23 deletions(-)
Dear Damien, Many thanks! It's a change we are looking forward to. I'd suggest adding one more minor change: an option to disable the SCP protocol on a system level. At least some of our customers sent us such a request. https://github.com/openssh/openssh-portable/pull/271 is a possible way to do it. As scp utility doesn't read the system configuration file, the flag looks like a best feasible option. On Thu, Sep 9, 2021 at 4:54 AM Damien Miller <djm at mindrot.org> wrote:> FYI: the next release will have scp using the SFTP protocol by > default. > > There are two known incompatibilities: > > Use of the SFTP protocol avoids interpretation of remote paths by > the shell. We consider this a feature, but it does change (simplify > really) necessary quoting of shell characters. > > Remote paths with a ~user/ prefix require a SFTP protocol extension > that was included in OpenSSH 8.7's sftp-server. > > The original scp/rcp protocol remains available via "scp -O ..." > > If you're in a position to test snapshots/git prior to release > (ETA October), then it would be appreciated. > > -d > > ---------- Forwarded message ---------- > Date: Thu, 9 Sep 2021 12:36:31 > From: git+noreply at mindrot.org > Reply-To: openssh-unix-dev at mindrot.org > To: openssh-commits at mindrot.org > Subject: [openssh-commits] [openssh] 01/01: upstream: Use the SFTP > protocol by > default. The original scp/rcp > > This is an automated email from the git hooks/post-receive script. > > djm pushed a commit to branch master > in repository openssh. > > commit 73050fa38fb36ae3326d768b574806352b97002d > Author: djm at openbsd.org <djm at openbsd.org> > Date: Wed Sep 8 23:31:39 2021 +0000 > > upstream: Use the SFTP protocol by default. The original scp/rcp > > protocol remains available via the -O flag. > > Note that ~user/ prefixed paths in SFTP mode require a protocol > extension > that was first shipped in OpenSSH 8.7. > > ok deraadt, after baking in snaps for a while without incident > > OpenBSD-Commit-ID: 23588976e28c281ff5988da0848cb821fec9213c > --- > scp.1 | 42 ++++++++++++++++++++++-------------------- > scp.c | 6 +++--- > 2 files changed, 25 insertions(+), 23 deletions(-) > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > >-- Dmitry Belyavskiy
On Thu, 9 Sep 2021, Damien Miller wrote:> FYI: the next release will have scp using the SFTP protocol by > default. > > There are two known incompatibilities: > > Use of the SFTP protocol avoids interpretation of remote paths by > the shell. We consider this a feature, but it does change (simplify > really) necessary quoting of shell characters. > > Remote paths with a ~user/ prefix require a SFTP protocol extension > that was included in OpenSSH 8.7's sftp-server. > > The original scp/rcp protocol remains available via "scp -O ..." > > If you're in a position to test snapshots/git prior to release > (ETA October), then it would be appreciated.FYI, I'm rolling this back for the release that will happen in a few days. We want to give people a bit more time to pick up the sftp-server "expand-path at openssh.com" extension to support ~user paths. If you're an OpenSSH maintainer for an operating system distribution consider either updating your stable OpenSSH to the 8.8 release when it ships or backporting the "expand-path at openssh.com" extension to your stable OpenSSH sftp-server. Attached are some patches to do this for OpenSSH 8.2 and should be fairly easily adaptable to other versions. Removing this backwards-compatibility problem in popular distributions will hasten the time when we can turn scp protocol off by default. -d -------------- next part --------------