*BSDThis forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Replacing things just because they're "old" is also a rejection of extensively tried/tested and potential replacement of sound with unsound (buggy - and security flaws are just regular bugs that open up potential security risks)
So yet more fragmentation and inconsistencies in the Linux camp. Nice to have a common single OS/consistencies as per the BSD's
scp has been replaced not because it is old but because it contains irreparable design flaws. There have been notices warning of its deprecation for a very long time now. Years. So by now your workflow ought to include rsync or sftp instead.
However, you are right in general about the appeal to novelty being a bad thing. It is the main reason that the systemd infection got established.'
This release contains mitigation for a weakness in the scp(1) tool
and protocol (CVE-2019-6111): when copying files from a remote system
to a local directory, scp(1) did not verify that the filenames that
the server sent matched those requested by the client. This could
allow a hostile server to create or clobber unexpected local files
with attacker-controlled content.
This release adds client-side checking that the filenames sent from
the server match the command-line request,
The scp protocol is outdated, inflexible and not readily fixed. We
recommend the use of more modern protocols like sftp and rsync for
file transfer instead.
IIRC, OpenBSD folks replaced scp by having it somehow use sftp a release or 2 ago. I remember that in the release notes before I moved on from it. So I would think the portable version of ssh also did the same. But to lazy and tired to check
My guess, since Slackware came out recently, scp may not be an issue assuming scp comes in the ssh package.
I cannot check Slackware now since I am testing/configurating my secondary system's new setup.
sshfs mounting is nice, as then a folder on one machine becomes just another folder on another machine and you can use whatever file manager to drag/move files into/from that. Similar to a normal mount
IIRC, OpenBSD folks replaced scp by having it somehow use sftp a release or 2 ago....
The scp(1) utility switched the default protocol back-and-forth, per the commit log for src/usr.bin/ssh/scp.c. There were many protocol-related commits, but these were the ones which noted that they altered the default:
Code:
Author: djm <djm () openbsd ! org>
Date: Wed Sep 8 23:31:39 2021 +0000
Use the SFTP protocol by default. The original scp/rcp protocol remains
available via the -O flag.
Note that ~user/ prefixed paths in SFTP mode require a protocol extension
that was first shipped in OpenSSH 8.7.
ok deraadt, after baking in snaps for a while without incident
Code:
Author: djm <djm () openbsd ! org>
Date: Mon Sep 20 01:55:42 2021 +0000
Switch scp back to use the old protocol by default, ahead of release.
We'll wait a little longer for people to pick up sftp-server(8) that
supports the extension that scp needs for ~user paths to continue
working in SFTP protocol mode. Discussed with deraadt@
Code:
Author: deraadt <deraadt () openbsd ! org>
Date: Fri Oct 15 14:46:46 2021 +0000
openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
protocol for copying. Let's get back to testing the SFTP protocol.
Code:
Author: djm <djm () openbsd ! org>
Date: Thu Feb 10 04:12:38 2022 +0000
revert for imminent OpenSSH release, which wil ship with scp in RCP mode.
> revision 1.106
> date: 2021/10/15 14:46:46; author: deraadt; state: Exp; lines: +13 -9; commitid: w5n9B2RE38tFfggl;
> openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
> protocol for copying. Let's get back to testing the SFTP protocol.
This will be put back once the OpenSSH release is done.
Code:
Author: deraadt <deraadt () openbsd ! org>
Date: Wed Feb 23 19:01:00 2022 +0000
and we go back to testing sftp-scp after the 8.9 release...
Last edited by jggimi; 07-02-2022 at 09:08 AM.
Reason: added jmccue's quote for clarity, obfuscated email addresses to defeat harvesters
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
