rpms / openssh

Clone
Source Code
GIT

Blame openssh-8.7p1-sftp-default-protocol.patch

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   640f2450c4466f860502bfad1e14c85160f48927
  2.   openssh-8.7p1-sftp-default-protocol.patch
Blob History Raw
Dmitry Belyavskiy 640f24 
diff --git a/scp.1 b/scp.1
Dmitry Belyavskiy 640f24 
index 68aac04b..a96e95ad 100644
Dmitry Belyavskiy 640f24 
--- a/scp.1
Dmitry Belyavskiy 640f24 
+++ b/scp.1
Dmitry Belyavskiy 640f24 
@@ -8,9 +8,9 @@
Dmitry Belyavskiy 640f24 
 .\"
Dmitry Belyavskiy 640f24 
 .\" Created: Sun May  7 00:14:37 1995 ylo
Dmitry Belyavskiy 640f24 
 .\"
Dmitry Belyavskiy 640f24 
-.\" $OpenBSD: scp.1,v 1.100 2021/08/11 14:07:54 naddy Exp $
Dmitry Belyavskiy 640f24 
+.\" $OpenBSD: scp.1,v 1.101 2021/09/08 23:31:39 djm Exp $
Dmitry Belyavskiy 640f24 
 .\"
Dmitry Belyavskiy 640f24 
-.Dd $Mdocdate: August 11 2021 $
Dmitry Belyavskiy 640f24 
+.Dd $Mdocdate: September 8 2021 $
Dmitry Belyavskiy 640f24 
 .Dt SCP 1
Dmitry Belyavskiy 640f24 
 .Os
Dmitry Belyavskiy 640f24 
 .Sh NAME
Dmitry Belyavskiy 640f24 
@@ -18,7 +18,7 @@
Dmitry Belyavskiy 640f24 
 .Nd OpenSSH secure file copy
Dmitry Belyavskiy 640f24 
 .Sh SYNOPSIS
Dmitry Belyavskiy 640f24 
 .Nm scp
Dmitry Belyavskiy 640f24 
-.Op Fl 346ABCOpqRrsTv
Dmitry Belyavskiy 640f24 
+.Op Fl 346ABCOpqRrTv
Dmitry Belyavskiy 640f24 
 .Op Fl c Ar cipher
Dmitry Belyavskiy 640f24 
 .Op Fl D Ar sftp_server_path
Dmitry Belyavskiy 640f24 
 .Op Fl F Ar ssh_config
Dmitry Belyavskiy 640f24 
@@ -37,9 +37,6 @@ It uses
Dmitry Belyavskiy 640f24 
 .Xr ssh 1
Dmitry Belyavskiy 640f24 
 for data transfer, and uses the same authentication and provides the
Dmitry Belyavskiy 640f24 
 same security as a login session.
Dmitry Belyavskiy 640f24 
-The scp protocol requires execution of the remote user's shell to perform
Dmitry Belyavskiy 640f24 
-.Xr glob 3
Dmitry Belyavskiy 640f24 
-pattern matching.
Dmitry Belyavskiy 640f24 
 .Pp
Dmitry Belyavskiy 640f24 
 .Nm
Dmitry Belyavskiy 640f24 
 will ask for passwords or passphrases if they are needed for
Dmitry Belyavskiy 640f24 
@@ -79,7 +76,9 @@ The options are as follows:
Dmitry Belyavskiy 640f24 
 Copies between two remote hosts are transferred through the local host.
Dmitry Belyavskiy 640f24 
 Without this option the data is copied directly between the two remote
Dmitry Belyavskiy 640f24 
 hosts.
Dmitry Belyavskiy 640f24 
-Note that, when using the legacy SCP protocol (the default), this option
Dmitry Belyavskiy 640f24 
+Note that, when using the legacy SCP protocol (via the
Dmitry Belyavskiy 640f24 
+.Fl O
Dmitry Belyavskiy 640f24 
+flag), this option
Dmitry Belyavskiy 640f24 
 selects batch mode for the second host as
Dmitry Belyavskiy 640f24 
 .Nm
Dmitry Belyavskiy 640f24 
 cannot ask for passwords or passphrases for both hosts.
Dmitry Belyavskiy 640f24 
@@ -146,9 +145,10 @@ Limits the used bandwidth, specified in Kbit/s.
Dmitry Belyavskiy 640f24 
 .It Fl O
Dmitry Belyavskiy 640f24 
 Use the legacy SCP protocol for file transfers instead of the SFTP protocol.
Dmitry Belyavskiy 640f24 
 Forcing the use of the SCP protocol may be necessary for servers that do
Dmitry Belyavskiy 640f24 
-not implement SFTP or for backwards-compatibility for particular filename
Dmitry Belyavskiy 640f24 
-wildcard patterns.
Dmitry Belyavskiy 640f24 
-This mode is the default.
Dmitry Belyavskiy 640f24 
+not implement SFTP, for backwards-compatibility for particular filename
Dmitry Belyavskiy 640f24 
+wildcard patterns and for expanding paths with a
Dmitry Belyavskiy 640f24 
+.Sq ~
Dmitry Belyavskiy 640f24 
+prefix for older SFTP servers.
Dmitry Belyavskiy 640f24 
 .It Fl o Ar ssh_option
Dmitry Belyavskiy 640f24 
 Can be used to pass options to
Dmitry Belyavskiy 640f24 
 .Nm ssh
Dmitry Belyavskiy 640f24 
@@ -258,16 +258,6 @@ to use for the encrypted connection.
Dmitry Belyavskiy 640f24 
 The program must understand
Dmitry Belyavskiy 640f24 
 .Xr ssh 1
Dmitry Belyavskiy 640f24 
 options.
Dmitry Belyavskiy 640f24 
-.It Fl s
Dmitry Belyavskiy 640f24 
-Use the SFTP protocol for file transfers instead of the legacy SCP protocol.
Dmitry Belyavskiy 640f24 
-Using SFTP avoids invoking a shell on the remote side and provides
Dmitry Belyavskiy 640f24 
-more predictable filename handling, as the SCP protocol
Dmitry Belyavskiy 640f24 
-relied on the remote shell for expanding
Dmitry Belyavskiy 640f24 
-.Xr glob 3
Dmitry Belyavskiy 640f24 
-wildcards.
Dmitry Belyavskiy 640f24 
-.Pp
Dmitry Belyavskiy 640f24 
-A near-future release of OpenSSH will make the SFTP protocol the default.
Dmitry Belyavskiy 640f24 
-This option will be deleted before the end of 2022.
Dmitry Belyavskiy 640f24 
 .It Fl T
Dmitry Belyavskiy 640f24 
 Disable strict filename checking.
Dmitry Belyavskiy 640f24 
 By default when copying files from a remote host to a local directory
Dmitry Belyavskiy 640f24 
@@ -299,11 +289,23 @@ debugging connection, authentication, and configuration problems.
Dmitry Belyavskiy 640f24 
 .Xr ssh_config 5 ,
Dmitry Belyavskiy 640f24 
 .Xr sftp-server 8 ,
Dmitry Belyavskiy 640f24 
 .Xr sshd 8
Dmitry Belyavskiy 640f24 
+.Sh CAVEATS
Dmitry Belyavskiy 640f24 
+The original scp protocol (selected by the
Dmitry Belyavskiy 640f24 
+.Fl O
Dmitry Belyavskiy 640f24 
+flag) requires execution of the remote user's shell to perform
Dmitry Belyavskiy 640f24 
+.Xr glob 3
Dmitry Belyavskiy 640f24 
+pattern matching.
Dmitry Belyavskiy 640f24 
+This requires careful quoting of any characters that have special meaning to
Dmitry Belyavskiy 640f24 
+the remote shell, such as quote characters.
Dmitry Belyavskiy 640f24 
 .Sh HISTORY
Dmitry Belyavskiy 640f24 
 .Nm
Dmitry Belyavskiy 640f24 
 is based on the rcp program in
Dmitry Belyavskiy 640f24 
 .Bx
Dmitry Belyavskiy 640f24 
 source code from the Regents of the University of California.
Dmitry Belyavskiy 640f24 
+.Pp
Dmitry Belyavskiy 640f24 
+Since OpenSSH 8.8 (8.7 in Red Hat/Fedora builds),
Dmitry Belyavskiy 640f24 
+.Nm
Dmitry Belyavskiy 640f24 
+has use the SFTP protocol for transfers by default.
Dmitry Belyavskiy 640f24 
 .Sh AUTHORS
Dmitry Belyavskiy 640f24 
 .An Timo Rinne Aq Mt tri@iki.fi
Dmitry Belyavskiy 640f24 
 .An Tatu Ylonen Aq Mt ylo@cs.hut.fi
Dmitry Belyavskiy 640f24 
diff --git a/scp.c b/scp.c
Dmitry Belyavskiy 640f24 
index e039350c..c7cf7529 100644
Dmitry Belyavskiy 640f24 
--- a/scp.c
Dmitry Belyavskiy 640f24 
+++ b/scp.c
Dmitry Belyavskiy 640f24 
@@ -1,4 +1,4 @@
Dmitry Belyavskiy 640f24 
-/* $OpenBSD: scp.c,v 1.232 2021/08/11 14:07:54 naddy Exp $ */
Dmitry Belyavskiy 640f24 
+/* $OpenBSD: scp.c,v 1.233 2021/09/08 23:31:39 djm Exp $ */
Dmitry Belyavskiy 640f24 
 /*
Dmitry Belyavskiy 640f24 
  * scp - secure remote copy.  This is basically patched BSD rcp which
Dmitry Belyavskiy 640f24 
  * uses ssh to do the data transfer (instead of using rcmd).
Dmitry Belyavskiy 640f24 
@@ -448,7 +448,7 @@ main(int argc, char **argv)
Dmitry Belyavskiy 640f24 
 	const char *errstr;
Dmitry Belyavskiy 640f24 
 	extern char *optarg;
Dmitry Belyavskiy 640f24 
 	extern int optind;
Dmitry Belyavskiy 640f24 
-	enum scp_mode_e mode = MODE_SCP;
Dmitry Belyavskiy 640f24 
+	enum scp_mode_e mode = MODE_SFTP;
Dmitry Belyavskiy 640f24 
 	char *sftp_direct = NULL;
Dmitry Belyavskiy 640f24
Dmitry Belyavskiy 640f24 
 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
Dmitry Belyavskiy 640f24 
@@ -1983,7 +1983,7 @@ void
Dmitry Belyavskiy 640f24 
 usage(void)
Dmitry Belyavskiy 640f24 
 {
Dmitry Belyavskiy 640f24 
 	(void) fprintf(stderr,
Dmitry Belyavskiy 640f24 
-	    "usage: scp [-346ABCOpqRrsTv] [-c cipher] [-D sftp_server_path] [-F ssh_config]\n"
Dmitry Belyavskiy 640f24 
+	    "usage: scp [-346ABCOpqRrTv] [-c cipher] [-D sftp_server_path] [-F ssh_config]\n"
Dmitry Belyavskiy 640f24 
 	    "           [-i identity_file] [-J destination] [-l limit]\n"
Dmitry Belyavskiy 640f24 
 	    "           [-o ssh_option] [-P port] [-S program] source ... target\n");
Dmitry Belyavskiy 640f24 
 	exit(1);

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation