similar to: Deprecation of scp protocol and improving sftp client

Displaying 20 results from an estimated 50000 matches similar to: "Deprecation of scp protocol and improving sftp client"

2020 Jul 15
2
Deprecation of scp protocol and improving sftp client
On Tue, 2020-06-23 at 08:06 +0200, Markus Friedl wrote: > I had something in mind like this for years, but with slightly > different steps: > My naive approach would be to keep the scp user interface and switch > to the sftp protocol internally. We could add a -M [scp|sftp] option > to scp and select the internal protocol. Later we switch the default > from scp to sftp. > No
2020 Jun 16
2
Deprecation of scp protocol and improving sftp client
scp may be an ugly protocol, but it works, works nicely from a command line, and is quite convenient. FTP (and, presumably, sftp) is not nearly as convenient. Why do you think your recommendation to "use sftp instead" keeps falling on the deaf ear? Usability, perhaps? Perhaps it's time to stop preaching to people about what they should use, but instead - if you really want a change
2020 Aug 01
2
Deprecation of scp protocol and improving sftp client
Why can the local and remote paths be sanitized? Regards, Uri > On Jul 31, 2020, at 19:57, Ethan Rahn <ethan.rahn at gmail.com> wrote: > > ?I wanted to bring this up again due to: > https://github.com/cpandya2909/CVE-2020-15778/. This showcases a clear > issue with scp which it sounds like cannot be fixed without breaking scp. > This seems like it would lend some impetus
2020 Aug 05
2
Deprecation of scp protocol and improving sftp client
On 2020/08/05 16:17, raf wrote: > The problem is when, for example, you only have > scp/sftp access to a remote server, such as your bank, > and you use WinSCP to transfer transaction files to > them to be actioned (people do this where I work), and > the bank hasn't properly protected themselves from this > "vulnerability". I really hope all banks do take this >
2020 Aug 03
6
Deprecation of scp protocol and improving sftp client
I conjecture that only few of the existing use cases rely on remote expansion. In any case (no pun intended), IMHO it would be better to break a few of the current use cases but leave the majority functional - than kill scp for all. Regards, Uri > On Aug 3, 2020, at 02:50, Jakub Jelen <jjelen at redhat.com> wrote: > > ?On Sat, 2020-08-01 at 00:17 +0000, Blumenthal, Uri - 0553
2017 Dec 18
2
[SFTP] Possibility for Adding "ForceFilePermission" option
Hi Jakub, Sorry for the late reply. I was off from work for a few days. I?ve tried to add the noexec, nosuid and nodev mount options but it seems to have some difficulties to do so with kubernetes nfs-mount. I?ll keep trying to resolve it anyway. The patch you pasted is exactly the thing I wanna have. I think it?s super useful and I definitely vote yes for merging it to master. I was actually
2018 Mar 22
16
Call for testing: OpenSSH 7.7
Hi, OpenSSH 7.7p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at
2019 Jan 30
3
Is sshd supposed to interpret "{a,b}" brace expansions?
Hi, the proposed fix for CVE-2019-6111 [1] adds file name validation to scp to prevent the server from sending files that the client actually did not request. Now, a consequence of that patch is that commands which contain server-side brace expansions such as $ scp remote:'/etc/{passwd,group}' . error: unexpected filename: passwd no longer work. Shell globs such as [abc], ?, *,
2017 Dec 14
4
[SFTP] Possibility for Adding "ForceFilePermission" option
Hi, I understand that if I specify `ForceCommand internal-sftp -u <umask>`, the permission of any files uploaded via sftp will be calculated by `<original permission> & ~umask`. However, this can be bypassed by the `-P` option of `put` command. We are developing a shared hosting platform, therefore we definitely don?t want our users being able to upload any executable files. We
2019 Mar 27
26
Call for testing: OpenSSH 8.0
Hi, OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at
2016 Sep 27
10
[Bug 2619] New: infinite loop, 100% cpu use in ssh if ^Z is pressed at password prompt
https://bugzilla.mindrot.org/show_bug.cgi?id=2619 Bug ID: 2619 Summary: infinite loop, 100% cpu use in ssh if ^Z is pressed at password prompt Product: Portable OpenSSH Version: 7.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component:
2019 Nov 04
4
scp, sftp, and special characters in filenames
On Mon, 4 Nov 2019 at 14:07, David Newall <openssh at davidnewall.com> wrote: > [about scp] That's just awful, and I should have > thought it was not at all necessary. Am I missing something? > If you're saying that the scp protocol is an unfixable mess then the openssh team has been agreeing[0] with you for at least a decade and a half. We fix what we can, but some
2019 Oct 01
9
Call for testing: OpenSSH 8.1
Hi, OpenSSH 8.1p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at
2017 Sep 11
2
No more sessions available' / channels not closing issue
Hi all, We've run into a curious issue. We run CentOS 6.5 with openssh installed (OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 by default). We connect to this server through sftp (Subsystem sftp internal-sftp) using the java JSch library. When opening many sftp channels on a single ssh session OpenSsh does not seem to release the sftp channels closed from the client side when there are
2015 Jul 23
37
[Bug 2434] New: scp can send arbitrary control characters / escape sequences to the terminal
https://bugzilla.mindrot.org/show_bug.cgi?id=2434 Bug ID: 2434 Summary: scp can send arbitrary control characters / escape sequences to the terminal Product: Portable OpenSSH Version: 6.7p1 Hardware: Other OS: Linux Status: NEW Severity: security Priority: P5
2018 Jan 08
3
SFTP chroot: Writable root
On Sun, 2018-01-07 at 18:41 +0000, halfdog wrote: > Hello list, > > I created a page to demonstrate, what would happen when chroot > root directory is writeable. In fact, code execution is possible > already, when only /etc and /bin are writable. I also tried to > escape the chroot jail, but that did not work for non-root users. > > As the 2009 CVE activities mention,
2010 Jun 30
5
Possible feature request: sync_on_close mode for scp/sftp uploads
Hi all, First, my apologies if this is not the right forum for this... if there is a more appropriate place to make OpenSSH feature requests, or if this feature already exists, please let me know. Some background: My company makes an 'embedded' audio server box that runs Debian Linux, and one of the product's features is that users can upload files to the server via SSH, using their
2019 Jul 25
1
[PATCH] v2v: -i vmx: Use scp -T option if available to unbreak scp (RHBZ#1733168).
Tested using: cd v2v LIBGUESTFS_BACKEND=direct ../run virt-v2v -i vmx -it ssh "ssh://localhost/$PWD/test-v2v-i-vmx-1.vmx" -o null -v -x and manually examining the debug output. Thanks: Ming Xie, Jakub Jelen. --- v2v/input_vmx.ml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/v2v/input_vmx.ml b/v2v/input_vmx.ml index 5441bccb9..4a82a867f 100644 ---
2017 Mar 02
64
[Bug 2687] New: Coverity scan fixes
https://bugzilla.mindrot.org/show_bug.cgi?id=2687 Bug ID: 2687 Summary: Coverity scan fixes Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee: unassigned-bugs at mindrot.org
2015 Sep 11
11
[Bug 2463] New: Conflict with openbsd compat glob() function in shared libraries
https://bugzilla.mindrot.org/show_bug.cgi?id=2463 Bug ID: 2463 Summary: Conflict with openbsd compat glob() function in shared libraries Product: Portable OpenSSH Version: 7.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: