similar to: [Bug 831] Allow agent forwarding in sftp & scp

https://bugzilla.mindrot.org/show_bug.cgi?id=831 kl_other+mindrot at icloud.com changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #594 is|0 |1 obsolete| | --- Comment #4 from kl_other+mindrot at icloud.com --- Created attachment

https://bugzilla.mindrot.org/show_bug.cgi?id=831 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3437|ok?(dtucker at dtucker.net) |ok+ Flags| | -- You are receiving this mail because: You are

https://bugzilla.mindrot.org/show_bug.cgi?id=831 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |3162 Resolution|--- |FIXED Status|NEW |RESOLVED

https://bugzilla.mindrot.org/show_bug.cgi?id=831 kl_other+mindrot at icloud.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kl_other+mindrot at icloud.com --- Comment #3 from kl_other+mindrot at icloud.com --- Patch needs to be updated, as it will

https://bugzilla.mindrot.org/show_bug.cgi?id=831 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #9 from Darren Tucker <dtucker at dtucker.net> --- Mass close of all bugs fixed in 8.4

Damien, Reading the various articles about https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt have caused me to question the wisdom of using scp. Your observation: > Date: Tue, 22 Jan 2019 13:48:34 +1100 (AEDT) > From: Damien Miller <djm at mindrot.org> > Subject: Re: Status of SCP vulnerability > > "Don't use scp with untrusted

On Fri, 8 Dec 2023 at 07:39, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote: [...] > Problem is that if their default shell isn't sh, ash, dash, bash, zsh, etc. then things break. > Is there a workaround to allow scp/sftp to continue to work even for non-shell accounts? sftp should work regardless of the user's shell since it is invoked as a ssh subsystem

I almost never use bare 'scp' or 'sftp' anymore; I start with either 'rsync' or, if 'rsync' is not present and not installable on one end or the other, the "tar-over-bare-ssh" approach: ``` tar cf - localpath | ssh remote.host 'cd remotepath && tar xvf -' ``` I'd be in favor of one of the following: 1. 'scp' goes away, and

http://bugzilla.mindrot.org/show_bug.cgi?id=904 Summary: Better support for multi hop ssh/scp/sftp and anonymous port forwarding Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=2621 Bug ID: 2621 Summary: ControlMaster started by scp (non-ssh?) doesn't forward agent Product: Portable OpenSSH Version: 7.3p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: Miscellaneous

On 12.11.23 03:52, Damien Miller wrote: > On Sat, 11 Nov 2023, Bob Proulx wrote: > >> I am supporting a site that allows members to upload release files. I >> have inherited this site which was previously existing. The goal is >> to allow members to file transfer to and from their project area for >> release distribution but not to allow general shell access and not

Hi, On Thu, Jan 24, 2019 at 08:26:39PM +0000, Colin Watson wrote: > On Thu, Jan 24, 2019 at 12:00:48PM -0800, Jim Knoble wrote: > > 3. 'scp' stays, but becomes the CLI for SFTP, and the SCP protocol breaks. > > Why does "scp becomes the CLI for SFTP" necessitate "the SCP protocol > breaks"? The way scp works today is "run ssh to the remote,

scp may be an ugly protocol, but it works, works nicely from a command line, and is quite convenient. FTP (and, presumably, sftp) is not nearly as convenient. Why do you think your recommendation to "use sftp instead" keeps falling on the deaf ear? Usability, perhaps? Perhaps it's time to stop preaching to people about what they should use, but instead - if you really want a change

Hi, I was thinking about the difficulties and complexities of using chroot in scp or sftp-server, in order to limit the user in which files they can access. I've seen a lot of arguments about how it is pointless to try and secure scp or sftp (also from a logging perspective) because if we allow SSH access, the user can simply provide their own scp or sftp binary, that does not do the

I have not been able to get scp(1) to download a file with a newline in its name. I know that scp(1) requires that remote filenames be escaped for the shell, but that leads to protocol errors. I am also unable to get sftp(1) to handle such files. It fails with an ?unterminated quoted argument? error, no matter how I try to quote the newline. Furthermore, the SFTP CLI is not well-suited to

Hello all, I've taken a brief skim of the archives available on theaimsgroup and talked to some others regarding the ideas on chroot SSH/SFTP/SCP functionality. I've also investigated a few of the various patches out for chroot sftp|scp|ssh and am a bit of a loss at finding 'an elegant solution' to the problem. Bearing in mind the excellent starting ground of John Furman's

Works on my netbsd tinkerbox. NetBSD 5.0.2 NetBSD 5.0.2 (GENERIC) It uses rlimit. Privsep sandbox style: rlimit I also get warnings during make. fmt_scaled.c: In function 'scan_scaled': fmt_scaled.c:84: warning: array subscript has type 'char' fmt_scaled.c:111: warning: array subscript has type 'char' fmt_scaled.c:155: warning: array subscript has type 'char'

On Tue, 2020-06-23 at 08:06 +0200, Markus Friedl wrote: > I had something in mind like this for years, but with slightly > different steps: > My naive approach would be to keep the scp user interface and switch > to the sftp protocol internally. We could add a -M [scp|sftp] option > to scp and select the internal protocol. Later we switch the default > from scp to sftp. > No

On 2020/08/05 16:17, raf wrote: > The problem is when, for example, you only have > scp/sftp access to a remote server, such as your bank, > and you use WinSCP to transfer transaction files to > them to be actioned (people do this where I work), and > the bank hasn't properly protected themselves from this > "vulnerability". I really hope all banks do take this >

Hi, I have an HP server with OpenSSH 3.1p1, on which the scp and sftp are giving strange failures. For example: scp, ssh and sftp works fine only for the root user. But for a normal user account only the ssh part works, the scp and sftp fails to connect. I am running UX 11i. Any help wil be appreciated. -- "To learn is a natural pleasure" - Aristotle