|
 |
f32839 |
diff --git a/scp.1 b/scp.1
|
|
|
f32839 |
index 68aac04b..a96e95ad 100644
|
|
|
f32839 |
--- a/scp.1
|
|
|
f32839 |
+++ b/scp.1
|
|
|
f32839 |
@@ -8,9 +8,9 @@
|
|
|
f32839 |
.\"
|
|
|
f32839 |
.\" Created: Sun May 7 00:14:37 1995 ylo
|
|
|
f32839 |
.\"
|
|
|
f32839 |
-.\" $OpenBSD: scp.1,v 1.100 2021/08/11 14:07:54 naddy Exp $
|
|
|
f32839 |
+.\" $OpenBSD: scp.1,v 1.101 2021/09/08 23:31:39 djm Exp $
|
|
|
f32839 |
.\"
|
|
|
f32839 |
-.Dd $Mdocdate: August 11 2021 $
|
|
|
f32839 |
+.Dd $Mdocdate: September 8 2021 $
|
|
|
f32839 |
.Dt SCP 1
|
|
|
f32839 |
.Os
|
|
|
f32839 |
.Sh NAME
|
|
|
f32839 |
@@ -18,7 +18,7 @@
|
|
|
f32839 |
.Nd OpenSSH secure file copy
|
|
|
f32839 |
.Sh SYNOPSIS
|
|
|
f32839 |
.Nm scp
|
|
|
f32839 |
-.Op Fl 346ABCOpqRrsTv
|
|
|
f32839 |
+.Op Fl 346ABCOpqRrTv
|
|
|
f32839 |
.Op Fl c Ar cipher
|
|
|
f32839 |
.Op Fl D Ar sftp_server_path
|
|
|
f32839 |
.Op Fl F Ar ssh_config
|
|
|
f32839 |
@@ -37,9 +37,6 @@ It uses
|
|
|
f32839 |
.Xr ssh 1
|
|
|
f32839 |
for data transfer, and uses the same authentication and provides the
|
|
|
f32839 |
same security as a login session.
|
|
|
f32839 |
-The scp protocol requires execution of the remote user's shell to perform
|
|
|
f32839 |
-.Xr glob 3
|
|
|
f32839 |
-pattern matching.
|
|
|
f32839 |
.Pp
|
|
|
f32839 |
.Nm
|
|
|
f32839 |
will ask for passwords or passphrases if they are needed for
|
|
|
f32839 |
@@ -79,7 +76,9 @@ The options are as follows:
|
|
|
f32839 |
Copies between two remote hosts are transferred through the local host.
|
|
|
f32839 |
Without this option the data is copied directly between the two remote
|
|
|
f32839 |
hosts.
|
|
|
f32839 |
-Note that, when using the legacy SCP protocol (the default), this option
|
|
|
f32839 |
+Note that, when using the legacy SCP protocol (via the
|
|
|
f32839 |
+.Fl O
|
|
|
f32839 |
+flag), this option
|
|
|
f32839 |
selects batch mode for the second host as
|
|
|
f32839 |
.Nm
|
|
|
f32839 |
cannot ask for passwords or passphrases for both hosts.
|
|
|
f32839 |
@@ -146,9 +145,10 @@ Limits the used bandwidth, specified in Kbit/s.
|
|
|
f32839 |
.It Fl O
|
|
|
f32839 |
Use the legacy SCP protocol for file transfers instead of the SFTP protocol.
|
|
|
f32839 |
Forcing the use of the SCP protocol may be necessary for servers that do
|
|
|
f32839 |
-not implement SFTP or for backwards-compatibility for particular filename
|
|
|
f32839 |
-wildcard patterns.
|
|
|
f32839 |
-This mode is the default.
|
|
|
f32839 |
+not implement SFTP, for backwards-compatibility for particular filename
|
|
|
f32839 |
+wildcard patterns and for expanding paths with a
|
|
|
f32839 |
+.Sq ~
|
|
|
f32839 |
+prefix for older SFTP servers.
|
|
|
f32839 |
.It Fl o Ar ssh_option
|
|
|
f32839 |
Can be used to pass options to
|
|
|
f32839 |
.Nm ssh
|
|
|
f32839 |
@@ -258,16 +258,6 @@ to use for the encrypted connection.
|
|
|
f32839 |
The program must understand
|
|
|
f32839 |
.Xr ssh 1
|
|
|
f32839 |
options.
|
|
|
f32839 |
-.It Fl s
|
|
|
f32839 |
-Use the SFTP protocol for file transfers instead of the legacy SCP protocol.
|
|
|
f32839 |
-Using SFTP avoids invoking a shell on the remote side and provides
|
|
|
f32839 |
-more predictable filename handling, as the SCP protocol
|
|
|
f32839 |
-relied on the remote shell for expanding
|
|
|
f32839 |
-.Xr glob 3
|
|
|
f32839 |
-wildcards.
|
|
|
f32839 |
-.Pp
|
|
|
f32839 |
-A near-future release of OpenSSH will make the SFTP protocol the default.
|
|
|
f32839 |
-This option will be deleted before the end of 2022.
|
|
|
f32839 |
.It Fl T
|
|
|
f32839 |
Disable strict filename checking.
|
|
|
f32839 |
By default when copying files from a remote host to a local directory
|
|
|
f32839 |
@@ -299,11 +289,23 @@ debugging connection, authentication, and configuration problems.
|
|
|
f32839 |
.Xr ssh_config 5 ,
|
|
|
f32839 |
.Xr sftp-server 8 ,
|
|
|
f32839 |
.Xr sshd 8
|
|
|
f32839 |
+.Sh CAVEATS
|
|
|
f32839 |
+The original scp protocol (selected by the
|
|
|
f32839 |
+.Fl O
|
|
|
f32839 |
+flag) requires execution of the remote user's shell to perform
|
|
|
f32839 |
+.Xr glob 3
|
|
|
f32839 |
+pattern matching.
|
|
|
f32839 |
+This requires careful quoting of any characters that have special meaning to
|
|
|
f32839 |
+the remote shell, such as quote characters.
|
|
|
f32839 |
.Sh HISTORY
|
|
|
f32839 |
.Nm
|
|
|
f32839 |
is based on the rcp program in
|
|
|
f32839 |
.Bx
|
|
|
f32839 |
source code from the Regents of the University of California.
|
|
|
f32839 |
+.Pp
|
|
|
f32839 |
+Since OpenSSH 8.8 (8.7 in Red Hat/Fedora builds),
|
|
|
f32839 |
+.Nm
|
|
|
f32839 |
+has use the SFTP protocol for transfers by default.
|
|
|
f32839 |
.Sh AUTHORS
|
|
|
f32839 |
.An Timo Rinne Aq Mt tri@iki.fi
|
|
|
f32839 |
.An Tatu Ylonen Aq Mt ylo@cs.hut.fi
|
|
|
f32839 |
diff --git a/scp.c b/scp.c
|
|
|
f32839 |
index e039350c..c7cf7529 100644
|
|
|
f32839 |
--- a/scp.c
|
|
|
f32839 |
+++ b/scp.c
|
|
|
f32839 |
@@ -1,4 +1,4 @@
|
|
|
f32839 |
-/* $OpenBSD: scp.c,v 1.232 2021/08/11 14:07:54 naddy Exp $ */
|
|
|
f32839 |
+/* $OpenBSD: scp.c,v 1.233 2021/09/08 23:31:39 djm Exp $ */
|
|
|
f32839 |
/*
|
|
|
f32839 |
* scp - secure remote copy. This is basically patched BSD rcp which
|
|
|
f32839 |
* uses ssh to do the data transfer (instead of using rcmd).
|
|
|
f32839 |
@@ -448,7 +448,7 @@ main(int argc, char **argv)
|
|
|
f32839 |
const char *errstr;
|
|
|
f32839 |
extern char *optarg;
|
|
|
f32839 |
extern int optind;
|
|
|
f32839 |
- enum scp_mode_e mode = MODE_SCP;
|
|
|
f32839 |
+ enum scp_mode_e mode = MODE_SFTP;
|
|
|
f32839 |
char *sftp_direct = NULL;
|
|
|
f32839 |
|
|
|
f32839 |
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
|
|
|
f32839 |
@@ -1983,7 +1983,7 @@ void
|
|
|
f32839 |
usage(void)
|
|
|
f32839 |
{
|
|
|
f32839 |
(void) fprintf(stderr,
|
|
|
f32839 |
- "usage: scp [-346ABCOpqRrsTv] [-c cipher] [-D sftp_server_path] [-F ssh_config]\n"
|
|
|
f32839 |
+ "usage: scp [-346ABCOpqRrTv] [-c cipher] [-D sftp_server_path] [-F ssh_config]\n"
|
|
|
f32839 |
" [-i identity_file] [-J destination] [-l limit]\n"
|
|
|
f32839 |
" [-o ssh_option] [-P port] [-S program] source ... target\n");
|
|
|
f32839 |
exit(1);
|