Announcement

Collapse
No announcement yet.

OpenSSH 8.7 Released With Experimental SFTP Support For SCP

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OpenSSH 8.7 Released With Experimental SFTP Support For SCP

    Phoronix: OpenSSH 8.7 Released With Experimental SFTP Support For SCP

    OpenSSH 8.7 is out today as the newest feature release for this widely-used SSH server/client software...

    https://www.phoronix.com/scan.php?pa...px=OpenSSH-8.7

  • #2
    Nice to see some alternatives to FTP and FTPS since those protocols are awful!

    I think they ought to port OpenSSH to Rust, maybe not all of it, but at least the daemon so that it may be safer against remote exploits.
    Last edited by uid313; 20 August 2021, 02:52 PM.

    Comment


    • #3
      Originally posted by uid313 View Post
      Nice to see some alternatives to FTP and FTP since those protocols are awful!

      I think they ought to port OpenSSH to Rust, maybe not all of it, but at least the daemon so that it may be safer against remote exploits.
      FTP and FTP eh?

      Will NEVER happen. That would destroy the portability of OpenSSH.

      Comment


      • #4
        Originally posted by brad0 View Post

        FTP and FTP eh?

        Will NEVER happen. That would destroy the portability of OpenSSH.
        Sorry, I typed wrong, I meant FTP and FTPS. FTPS is FTP over TLS, like HTTPS is HTTP over TLS.
        FTP is a terrible protocol!
        It is awful!

        Comment


        • #5
          Originally posted by uid313 View Post
          I think they ought to port OpenSSH to Rust, maybe not all of it, but at least the daemon so that it may be safer against remote exploits.
          It seems to be the OpenSSL layer that is the most prone to security issues. It would be better that got a rewrite (Rust is fine but I think I would be happy with *any* rewrite). Rust is basically just a thin dependent layer and doesn't do much on its own. It is the dependencies it pulls in. All written in C.

          So no point OpenSSH in Rust being done when it is built on top of sand and mud anyway.
          Last edited by kpedersen; 20 August 2021, 03:46 PM.

          Comment


          • #6
            Originally posted by kpedersen View Post

            It seems to be the OpenSSL layer that is the most prone to security issues. It would be better that got a rewrite (Rust is fine but I think I would be happy with *any* rewrite). Rust is basically just a thin dependent layer and doesn't do much on its own. It is the dependencies it pulls in. All written in C.

            So no point OpenSSH in Rust being done when it is built on top of sand and mud anyway.
            I think you're right. But there is also LibreSSL and BoringSSL.

            Comment


            • #7
              Originally posted by uid313 View Post
              I think you're right. But there is also LibreSSL and BoringSSL.
              Definitely would NEVER happen with LibreSSL.

              Comment


              • #8
                Originally posted by brad0 View Post

                Definitely would NEVER happen with LibreSSL.
                I do get a few chuckles when guys jump on the OpenBSD mailing lists to recommend such a thing. Certainly a guilty pleasure of mine.

                Comment


                • #9
                  Originally posted by uid313 View Post

                  I think you're right. But there is also LibreSSL and BoringSSL.
                  And GnuTLS

                  Comment


                  • #10
                    Originally posted by S.Pam View Post

                    And GnuTLS
                    I'm quite a fan of BearSSL for my own projects. Though for work I tend to stick to OpenSSL because "its the norm innit!".

                    Comment

                    Working...
                    X