Announcement

Collapse
No announcement yet.

OpenSSH 8.0 Released - Addresses SCP Vulnerability, New SSH Additions

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OpenSSH 8.0 Released - Addresses SCP Vulnerability, New SSH Additions

    Phoronix: OpenSSH 8.0 Released - Addresses SCP Vulnerability, New SSH Additions

    Theo de Raadt and the OpenBSD developers maintaining OpenSSH today unveiled OpenSSH 8.0...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    Can someone provide a example of how a rsync counterparts would be?

    Like:

    scp -i ~/my_server_key user@my_server:~/my_remote_file.txt ./

    Also, rsync is capable of continuing a previously interrupted download/upload? Be it for a network issue or user hitting ctrl+c

    Comment


    • #3
      Unfortunately SFTP is far harder to automate in scripts than scp or rsync, especially if you have to use password instead of public key authentication because that’s all the receiver can set up.

      Comment


      • #4
        Typo:

        Originally posted by phoronix View Post
        experimental quantum-computing resistant key exechange method,

        Comment


        • #5
          OK, so apparently saying "q u a n t u m" is forbidden.

          Comment


          • #6
            Originally posted by andrei_me View Post
            Can someone provide a example of how a rsync counterparts would be?

            Like:

            scp -i ~/my_server_key user@my_server:~/my_remote_file.txt ./

            Also, rsync is capable of continuing a previously interrupted download/upload? Be it for a network issue or user hitting ctrl+c
            rsync -e "ssh -i ..."

            If you interrupt a recursive copy, just do it again, it will only transfer files that are not equal. If you do have big files to transfer, you might want to:
            rsync --partial
            that will keep a partial transferred file, and it will be updated on next rsync.

            So yeah, it's so much more advanced than scp... You can do anything scp can and so much more than what scp can.
            Unfortunately it can't rsync block devices (with a patch it can though).

            Comment


            • #7
              Originally posted by andrei_me View Post
              Also, rsync is capable of continuing a previously interrupted download/upload? Be it for a network issue or user hitting ctrl+c
              rsync is also atomic in replacing the file.

              Comment


              • #8
                Originally posted by Ardje View Post

                rsync -e "ssh -i ..."

                If you interrupt a recursive copy, just do it again, it will only transfer files that are not equal. If you do have big files to transfer, you might want to:
                rsync --partial
                that will keep a partial transferred file, and it will be updated on next rsync.

                So yeah, it's so much more advanced than scp... You can do anything scp can and so much more than what scp can.
                Unfortunately it can't rsync block devices (with a patch it can though).
                Thanks for that. I was wondering how to replace scp myself. I though the other two alternatives needed extra config in order to work, scp just worked for me whenever whereever

                Comment


                • #9
                  You only need to specify -e "ssh ... with rsync if you have a custom ssh port or non-default key location. Otherwise you can just run

                  rsync -avz ./my_files/* remoteserver.com:some_directory/

                  Just like an scp command.

                  Comment


                  • #10
                    Originally posted by fazalmajid View Post
                    Unfortunately SFTP is far harder to automate in scripts than scp or rsync, especially if you have to use password instead of public key authentication because that’s all the receiver can set up.
                    yes it's a real pain, thankfully we have "expect" so that one can write scripts like this:
                    Code:
                    #!/usr/bin/expect --
                    
                    set timeout 60
                    
                    spawn sftp [email protected]:/$argv $argv
                    
                    expect {
                        "[email protected]'s password:" { send "very-top-secret\n" ; exp_continue }
                        timeout { exit 1 }
                    }
                    
                    wait -i $spawn_id
                    Which unfortunately is way less flexible than what you can do with rsync and/or scp.

                    Comment

                    Working...
                    X