View previous topic :: View next topic |
Author |
Message |
mike155 Advocate
Joined: 17 Sep 2010 Posts: 4438 Location: Frankfurt, Germany
|
Posted: Fri Apr 19, 2019 2:07 am Post subject: scp is ... outdated? |
|
|
I use scp every day to transfer files.
And now they tell me that scp is ... outdated?
https://www.openssh.com/releasenotes.html wrote: | The scp protocol is outdated, inflexible and not readily fixed. We recommend the use of more modern protocols like sftp and rsync for file transfer instead. |
Which programs do you use to transfer files? |
|
Back to top |
|
|
1clue Advocate
Joined: 05 Feb 2006 Posts: 2569
|
Posted: Fri Apr 19, 2019 2:32 am Post subject: |
|
|
That's news to me.
It says use sftp to transfer. Which is a little confusing because scp is sftp with a different syntax.
They also suggest rsync which is IMO a step way backward. |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 22746
|
Posted: Fri Apr 19, 2019 3:25 am Post subject: |
|
|
The wire protocol for scp is a horrid mess inherited from rcp. Abandoning the wire protocol is a decent idea, but I have not seen any technical reasons why the command line tool needs to be retired instead of replaced with a wrapper that provides argument-driven sftp support. In my opinion, replacing scp with a tool that uses the sftp wire protocol is a far easier proposition to the user base than declaring that scp is dead and everyone must convert to use sftp explicitly. |
|
Back to top |
|
|
Muso Veteran
Joined: 22 Oct 2002 Posts: 1052 Location: The Holy city of Honolulu
|
Posted: Fri Apr 19, 2019 5:39 am Post subject: |
|
|
I use scp all the time. It's not the only protocol I use, but it's one in which I still find utility. _________________ "You can lead a horticulture but you can't make her think" ~ Dorothy Parker
2021 is the year of the Linux Desktop! |
|
Back to top |
|
|
Anon-E-moose Watchman
Joined: 23 May 2008 Posts: 6169 Location: Dallas area
|
Posted: Fri Apr 19, 2019 9:37 am Post subject: |
|
|
If I'm just transferring a file or few files, from desktop to laptop I usually use scp. _________________ UM780, 6.1 zen kernel, gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
Back to top |
|
|
Tony0945 Watchman
Joined: 25 Jul 2006 Posts: 5127 Location: Illinois, USA
|
Posted: Fri Apr 19, 2019 12:38 pm Post subject: |
|
|
Quote: | The scp protocol is outdated, inflexible and not readily fixed. We recommend the use of more modern protocols like sftp and rsync for file transfer instead.
| NIH! "New and improved" if you have ever watched '50s television commercials. It all comes down to NIH, so let's f**k with it.
Now another package to freeze before it's horribly maimed, like openrc. |
|
Back to top |
|
|
Syl20 l33t
Joined: 04 Aug 2005 Posts: 621 Location: France
|
Posted: Fri Apr 19, 2019 12:55 pm Post subject: |
|
|
Perhaps this is related ? |
|
Back to top |
|
|
tld Veteran
Joined: 09 Dec 2003 Posts: 1846
|
Posted: Fri Apr 19, 2019 2:13 pm Post subject: |
|
|
Somehow going way back I ended up always using rsync as apposed to scp. I still do and it seems second nature. I always found it t be a bit more flexible especially when it comes to transferring entire directories etc. The single most important thing to understand about rsync...one that will screw you up big time if you're not aware...is the importance of trailing slashes on directory names. That is, for example:
Code: | rsync -rv somedir user@somehost: | ...will recursively send the directory somedir to the users home, whereas: Code: | rsync -rv somedir/ user@somehost: | ...will send the contents of somedir to the home. Obviously doing the latter by mistake can make an unwanted mess...and given how bash completion tends to add the trailing slash, it's an easy mistake to make. Once I understood that, I always found it's syntax to be better.
EDIT: Another thing I've always preferred about rsync is that scp sort of forces the progress on you unless you use -q, which outputs nothing at all, whereas rsync has -v (which displays the files being transferred) and --progress gives you a progress bar.
Tom
Last edited by tld on Fri Apr 19, 2019 2:40 pm; edited 1 time in total |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Fri Apr 19, 2019 2:24 pm Post subject: |
|
|
The sftp protocol is also outdated (22 years), inflexible (it's based on FTP after all, which predates RCP by over a decade) and not readily fixed. But it's at least not packing a gaping security hole.
Use sshfs if you have a lethal allergy to new (or in this case, 50 years old) ideas. |
|
Back to top |
|
|
1clue Advocate
Joined: 05 Feb 2006 Posts: 2569
|
Posted: Fri Apr 19, 2019 2:32 pm Post subject: |
|
|
I have no idea what the inner workings are like, as I've never looked at the code.
That said, it seems to me that a new client could be written to connect to the same server, and solve this?
scp is absolutely the most convenient to use of all the file transfer clients, at least for a quick transfer to a server not specifically set up as a file server.
And what of ssh? Is something outdated about that? |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Fri Apr 19, 2019 2:46 pm Post subject: |
|
|
1clue wrote: | scp is absolutely the most convenient to use of all the file transfer clients, at least for a quick transfer to a server not specifically set up as a file server. |
More convenient than cp, gvfs, kio? |
|
Back to top |
|
|
Naib Watchman
Joined: 21 May 2004 Posts: 6068 Location: Removed by Neddy
|
Posted: Fri Apr 19, 2019 2:56 pm Post subject: |
|
|
Ant P. wrote: | 1clue wrote: | scp is absolutely the most convenient to use of all the file transfer clients, at least for a quick transfer to a server not specifically set up as a file server. |
More convenient than cp, gvfs, kio? | or nc _________________ #define HelloWorld int
#define Int main()
#define Return printf
#define Print return
#include <stdio>
HelloWorld Int {
Return("Hello, world!\n");
Print 0; |
|
Back to top |
|
|
Fitzcarraldo Advocate
Joined: 30 Aug 2008 Posts: 2056 Location: United Kingdom
|
Posted: Fri Apr 19, 2019 5:00 pm Post subject: |
|
|
For one or two files, I use scp. For more, I use rsync.
CVE-2019-6111 wrote: | A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). |
My server is not malicious, and on my home network I'm sure there is no man in the middle, so I'm not losing any sleep. _________________ Clevo W230SS: amd64, VIDEO_CARDS="intel modesetting nvidia".
Compal NBLB2: ~amd64, xf86-video-ati. Dual boot Win 7 Pro 64-bit.
OpenRC systemd-utils[udev] elogind KDE on both.
My blog |
|
Back to top |
|
|
1clue Advocate
Joined: 05 Feb 2006 Posts: 2569
|
Posted: Fri Apr 19, 2019 5:03 pm Post subject: |
|
|
Naib wrote: | Ant P. wrote: | 1clue wrote: | scp is absolutely the most convenient to use of all the file transfer clients, at least for a quick transfer to a server not specifically set up as a file server. |
More convenient than cp, gvfs, kio? | or nc |
You mean transferring to a firewalled non-gui host on the Internet, from the command line? Yes. |
|
Back to top |
|
|
Tony0945 Watchman
Joined: 25 Jul 2006 Posts: 5127 Location: Illinois, USA
|
Posted: Sat Apr 20, 2019 12:37 am Post subject: |
|
|
Fitzcarraldo wrote: |
My server is not malicious, and on my home network I'm sure there is no man in the middle, so I'm not losing any sleep. |
Amen! |
|
Back to top |
|
|
tld Veteran
Joined: 09 Dec 2003 Posts: 1846
|
Posted: Sat Apr 20, 2019 1:01 am Post subject: |
|
|
I hate this recent trend towards getting rid of things because they're "old" or "not maintained" or whatever. A perfect example I ran into recently is rtorrent. I can't tell you how many places I read "oh...don't use that...it's not maintained" etc. I just installed it the other day and frankly it makes every other BT client I tried look like a bloated pile of crap. I love it so far. Considering a staple like scp outdated is right up there.
Having said that however...assuming everyone's referring to the command line scp...I'm genuinely curious as to if/why anyone considers scp to be easier than rsync. As I stated above, I got into using rsync a long time ago and have rarely used anything else whether I'm transferring one file or directories etc. I feel like I must be missing something.
Tom |
|
Back to top |
|
|
Tony0945 Watchman
Joined: 25 Jul 2006 Posts: 5127 Location: Illinois, USA
|
Posted: Sat Apr 20, 2019 2:49 am Post subject: |
|
|
tld wrote: | I'm genuinely curious as to if/why anyone considers scp to be easier than rsync. As I stated above, I got into using rsync a long time ago and have rarely used anything else whether I'm transferring one file or directories etc. I feel like I must be missing something.
Tom |
1. Rsync is great for syncing directories and files. But if you just want to copy, regardless of file date/size, it's overkill.
2. rsync has a bewildering array of options. scp is easy. |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20498
|
Posted: Sat Apr 20, 2019 4:25 am Post subject: |
|
|
Tony0945 wrote: | tld wrote: | I'm genuinely curious as to if/why anyone considers scp to be easier than rsync. As I stated above, I got into using rsync a long time ago and have rarely used anything else whether I'm transferring one file or directories etc. I feel like I must be missing something.
Tom |
1. Rsync is great for syncing directories and files. But if you just want to copy, regardless of file date/size, it's overkill.
2. rsync has a bewildering array of options. scp is easy. | ++
I've never had a problem with scp. I've had "bad results" from trying to figure out the correct command with rsync. rsync does not (or did not) have any secure means of transferring files. So if it has to be done over ssh, why not just use scp? _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
krinn Watchman
Joined: 02 May 2003 Posts: 7470
|
Posted: Sat Apr 20, 2019 8:14 am Post subject: |
|
|
The 2nd problem with rsync is that your server need to run it, while for scp you need a server ready for ssh.
So if i need to ssh to it to activate rsync, well, why not just scp to it?
The problem with todays minds, is that people judge tools by age, not by usage, sure scp and rsync can copy files, but you would be insane to ssh/scp to sync two directories instead of rsync, and it look not sane (for me) to use rsync to copy a file (always scare to fuck up the whole directory while i just want a file copy, not other delete)
What's next? rsync is old, and git can also sync directories -> rsync out?
It always surprise me, because people don't do this silly things in life ; you don't take a ferrari to do off roads, nor you come with a hummer to a speed race.
It remind me a joke from a famous french comic. (yeah sorry, we love joke about belgium)
"How do you know a belgium guy is at a gamecock?"
"He is the only one coming with a duck"
"How do you know the Sicilian mafia is at the game?"
"The duck win" |
|
Back to top |
|
|
tld Veteran
Joined: 09 Dec 2003 Posts: 1846
|
Posted: Sat Apr 20, 2019 9:32 am Post subject: |
|
|
pjp wrote: | I've never had a problem with scp. I've had "bad results" from trying to figure out the correct command with rsync. rsync does not (or did not) have any secure means of transferring files. So if it has to be done over ssh, why not just use scp? |
As far as I know rsync always uses ssh by default. In order to change the ssh behavior (for example specifying a different port, user, RSA key etc) you can use -e "<ssh command>".
krinn wrote: | The 2nd problem with rsync is that your server need to run it, while for scp you need a server ready for ssh.
So if i need to ssh to it to activate rsync, well, why not just scp to it? |
This is true...and you do run into rare cases where a server has no rsyncd support (using xinetd for example).
Tony0945 wrote: | 2. rsync has a bewildering array of options. scp is easy. |
This is true. I guess I just got used to them. As I stated above, the distinction with the trailing slash on the directory / directories that you're sending or receiving is key.
Oddly enough I'll have to look into scp as I've barely ever used it .
Tom |
|
Back to top |
|
|
Syl20 l33t
Joined: 04 Aug 2005 Posts: 621 Location: France
|
Posted: Sat Apr 20, 2019 10:30 am Post subject: |
|
|
krinn wrote: | The 2nd problem with rsync is that your server need to run it, while for scp you need a server ready for ssh. |
Not necessarily, if you use rsync over ssh ( -e).
That said, I use that only in backup scripts. scp is much easier for everyday use. |
|
Back to top |
|
|
Tony0945 Watchman
Joined: 25 Jul 2006 Posts: 5127 Location: Illinois, USA
|
Posted: Sat Apr 20, 2019 12:21 pm Post subject: |
|
|
krinn wrote: | "How do you know a belgium guy is at a gamecock?"
"He is the only one coming with a duck"
"How do you know the Sicilian mafia is at the game?"
"The duck win" |
Krinn, as an American with a Sicilian grandmother, and who grew up in a Chicago suburb noted as home to lower level mafiosi, I laughed out loud when I read that. I don't know about Belgians, but I was amused.
Note, grammar correction: "The duck won" or "The duck wins" .
Present tense: "I win, you win, he wins"
Past tense: "I won, you won, he won"
As a pastiche of Celtic, Old High German, Latin, Norman French, and Norse, the English language has a very inconsistent grammar. |
|
Back to top |
|
|
Tony0945 Watchman
Joined: 25 Jul 2006 Posts: 5127 Location: Illinois, USA
|
Posted: Sat Apr 20, 2019 12:46 pm Post subject: |
|
|
It is possible to drive nails with a screwdriver instead of a hammer. Most carpenters carry both.
Last edited by Tony0945 on Sat Apr 20, 2019 1:31 pm; edited 1 time in total |
|
Back to top |
|
|
Morality124 Tux's lil' helper
Joined: 20 Feb 2018 Posts: 102
|
Posted: Sat Apr 20, 2019 1:23 pm Post subject: |
|
|
1clue wrote: | That's news to me.
It says use sftp to transfer. Which is a little confusing because scp is sftp with a different syntax.
They also suggest rsync which is IMO a step way backward. |
OpenSSH is an OpenBSD project, so I think they are referring to the openrsync fork. |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Sat Apr 20, 2019 1:32 pm Post subject: |
|
|
1clue wrote: | You mean transferring to a firewalled non-gui host on the Internet, from the command line? Yes. |
And again: sshfs and gvfs work fine from a terminal and both let you use standard filesystem tools instead of the journalctl-ish scp. |
|
Back to top |
|
|
|