 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On 2/22/07, Dan Ritter <dsr at tao.merseine.nu> wrote: > On Wed, Feb 21, 2007 at 11:28:18PM -0500, John Abreau wrote: > > On 2/21/07, Robert La Ferla <robertlaferla at comcast.net> wrote: > > > > I believe scp and sftp both use the same backend on the server; > > it seems odd that one would work and the other not. Any security > > problem would be with the backend, not with the client end, so > > blocking scp and enabling sftp is no more secure than enabling > > both scp and sftp. > > SFTP uses the SSH subsystem facility, which runs an external > binary to accept commands. scp runs a local copy of scp itself > over an SSH link, much like "scp | ssh target scp". I poked around google, and found that it was the F-Secure SSH that implemented scp via the sftp-server facility. Now that I think about it, I recall fighting with my manager in 2000 to hold off on buying a bunch of F-Secure licenses until openssh implemented the sftp-server subsystem. -- John Abreau / Executive Director, Boston Linux & Unix GnuPG KeyID: 0xD5C7B5D9 / Email: abreauj at gmail.com GnuPG FP: 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
