|
|
Subscribe / Log in / New account

OpenSSH 9.0 released

OpenSSH 9.0 released

Posted Apr 8, 2022 23:57 UTC (Fri) by cjwatson (subscriber, #7322)
In reply to: OpenSSH 9.0 released by dullfire
Parent article: OpenSSH 9.0 released

I wouldn't get too distracted by the IETF standards status here. The scp "protocol" is a dismal relic of SSH 1, before all the modern SSH protocol work, and because of the way it relied on calling scp on the remote end it was nearly impossible to extend sensibly.

Some may remember the scp security fix from OpenSSH 8.0, which had pretty much no alternative within the traditional protocol but to break some workflows due to that protocol's reliance on wildcard expansion by the remote shell. The mere fact that the remote shell's parsing rules even had to be involved in copying files should give you the willies about how scp used to work ...

PuTTY's pscp has used the SFTP protocol for years, incidentally.

to post comments

OpenSSH 9.0 released

Posted Apr 9, 2022 12:07 UTC (Sat) by dtucker (subscriber, #6575) [Link]

> The scp "protocol" is a dismal relic of SSH 1

It dates back further than that to 4.2BSD's rcp in 1982. In OpenBSD they were almost identical codebases and we used to apply fixes to both scp.c and rcp.c (until rcp was deleted from the tree).

In fact the in the original release of ssh-1.0.0 scp.c still had a CVS Id for rcp.c, which based on the ID seems to have been sourced from FreeBSD.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds