LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices


Reply
  Search this Thread
Old 07-02-2022, 03:51 AM   #1
rufwoof
Member
 
Registered: Nov 2017
Distribution: Linux kernel, busybox, fbvnc
Posts: 120

Rep: Reputation: Disabled
Linux replacing scp, ifconfig, netstat ...etc.


Linux looks to be throwing out the likes of scp, ifconfig, netstat and others https://itsfoss.com/deprecated-linux-commands/

Replacing things just because they're "old" is also a rejection of extensively tried/tested and potential replacement of sound with unsound (buggy - and security flaws are just regular bugs that open up potential security risks)

So yet more fragmentation and inconsistencies in the Linux camp. Nice to have a common single OS/consistencies as per the BSD's
 
Old 07-02-2022, 04:08 AM   #2
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 6,414
Blog Entries: 3

Rep: Reputation: 3347Reputation: 3347Reputation: 3347Reputation: 3347Reputation: 3347Reputation: 3347Reputation: 3347Reputation: 3347Reputation: 3347Reputation: 3347Reputation: 3347
scp has been replaced not because it is old but because it contains irreparable design flaws. There have been notices warning of its deprecation for a very long time now. Years. So by now your workflow ought to include rsync or sftp instead.

However, you are right in general about the appeal to novelty being a bad thing. It is the main reason that the systemd infection got established.'

Edit:
Quote:
from OpenSSH 8.0 release notes:

This release contains mitigation for a weakness in the scp(1) tool
and protocol (CVE-2019-6111): when copying files from a remote system
to a local directory, scp(1) did not verify that the filenames that
the server sent matched those requested by the client. This could
allow a hostile server to create or clobber unexpected local files
with attacker-controlled content.

This release adds client-side checking that the filenames sent from
the server match the command-line request,

The scp protocol is outdated, inflexible and not readily fixed. We
recommend the use of more modern protocols like sftp and rsync for
file transfer instead.
and

Quote:
from OpenSSH 8.9 release notes:

A near-future release of OpenSSH will switch scp(1) from using the
legacy scp/rcp protocol to using SFTP by default.
and

Quote:
from OpenSSH 9.0 release notes:

This release switches scp(1) from using the legacy scp/rcp protocol
to using the SFTP protocol by default.

Last edited by Turbocapitalist; 07-02-2022 at 04:27 AM.
 
1 members found this post helpful.
Old 07-02-2022, 07:55 AM   #3
jmccue
Member
 
Registered: Nov 2008
Location: US
Distribution: slackware
Posts: 481
Blog Entries: 1

Rep: Reputation: 264Reputation: 264Reputation: 264
IIRC, OpenBSD folks replaced scp by having it somehow use sftp a release or 2 ago. I remember that in the release notes before I moved on from it. So I would think the portable version of ssh also did the same. But to lazy and tired to check

My guess, since Slackware came out recently, scp may not be an issue assuming scp comes in the ssh package.

I cannot check Slackware now since I am testing/configurating my secondary system's new setup.
 
Old 07-02-2022, 08:48 AM   #4
rufwoof
Member
 
Registered: Nov 2017
Distribution: Linux kernel, busybox, fbvnc
Posts: 120

Original Poster
Rep: Reputation: Disabled
sshfs mounting is nice, as then a folder on one machine becomes just another folder on another machine and you can use whatever file manager to drag/move files into/from that. Similar to a normal mount

mkdir /mnt/server
sshfs 192.168.1.4:/mnt/sda3 /mnt/server

... type syntax. Or set it up in /etc/fstab

I think that still just uses sftp

One aspect I remain unfamilar with is IP6 format as our LAN is still IP4 and fixed IP's old-school style.
 
Old 07-02-2022, 09:01 AM   #5
jggimi
Member
 
Registered: Jan 2016
Distribution: None. Just OpenBSD.
Posts: 270

Rep: Reputation: 140Reputation: 140
Quote:
Originally Posted by jmccue View Post
IIRC, OpenBSD folks replaced scp by having it somehow use sftp a release or 2 ago....
The scp(1) utility switched the default protocol back-and-forth, per the commit log for src/usr.bin/ssh/scp.c. There were many protocol-related commits, but these were the ones which noted that they altered the default:
Code:
Author: djm <djm () openbsd ! org>
Date:   Wed Sep 8 23:31:39 2021 +0000

    Use the SFTP protocol by default. The original scp/rcp protocol remains
    available via the -O flag.
    
    Note that ~user/ prefixed paths in SFTP mode require a protocol extension
    that was first shipped in OpenSSH 8.7.
    
    ok deraadt, after baking in snaps for a while without incident
Code:
Author: djm <djm () openbsd ! org>
Date:   Mon Sep 20 01:55:42 2021 +0000

    Switch scp back to use the old protocol by default, ahead of release.
    We'll wait a little longer for people to pick up sftp-server(8) that
    supports the extension that scp needs for ~user paths to continue
    working in SFTP protocol mode. Discussed with deraadt@
Code:
Author: deraadt <deraadt () openbsd ! org>
Date:   Fri Oct 15 14:46:46 2021 +0000

    openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
    protocol for copying.  Let's get back to testing the SFTP protocol.
Code:
Author: djm <djm () openbsd ! org>
Date:   Thu Feb 10 04:12:38 2022 +0000

    revert for imminent OpenSSH release, which wil ship with scp in RCP mode.
    
    > revision 1.106
    > date: 2021/10/15 14:46:46;  author: deraadt;  state: Exp;  lines: +13 -9;  commitid: w5n9B2RE38tFfggl;
    > openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
    > protocol for copying.  Let's get back to testing the SFTP protocol.
    
    This will be put back once the OpenSSH release is done.
Code:
Author: deraadt <deraadt () openbsd ! org>
Date:   Wed Feb 23 19:01:00 2022 +0000

    and we go back to testing sftp-scp after the 8.9 release...

Last edited by jggimi; 07-02-2022 at 09:08 AM. Reason: added jmccue's quote for clarity, obfuscated email addresses to defeat harvesters
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: NETSTAT Command: Learn to use netstat with examples LXer Syndicated Linux News 0 12-06-2017 12:24 PM
[SOLVED] ifconfig -a sees eth0 ifconfig does not thllgo Linux - Networking 2 05-05-2016 03:38 PM
Why "-bash: ifconfig : command not found" when typing "$ifconfig" dangdtvn Linux - Server 9 09-20-2013 06:01 AM
Trouble connecting to my network on liberte, linux noob, ifconfig/netstat provided nubbin99 Linux - Distributions 3 05-15-2012 03:51 AM
connecting /sbin/ifconfig to bash command ifconfig flammable2 Fedora 4 11-12-2005 07:58 AM

LinuxQuestions.org > Forums > Other *NIX Forums > *BSD

All times are GMT -5. The time now is 02:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration