Re: scp requieres scp1?

From: Simon Tatham (anakin@pobox.com)
Date: 02/11/02 

From: Simon Tatham <anakin@pobox.com>
Date: 11 Feb 2002 12:33:29 +0000 (GMT)

> On Mon, 11 Feb 2002 12:27:16 +0100, Vic Abell wrote:
>> If the server doesn't support SSH1, it doesn't support scp.

Lucas Grijander <oiulkj2002@yahoo.es> wrote:
> If this is right, I don't understand why you have to use ssh1 to use
> scp. Secure Shell can use scp2 with ssh2. I don't want to use ssh1
> because it is known to have some securitye problems.

This is all a bit confusing, but here's a slightly more accurate
summary.

The traditional scp, which I'll refer to as scp1, is a program which
expects to talk to another copy of itself. So it works by opening an
SSH connection to the server using your local SSH client program,
and then invoking the scp1 binary at the other end. Then the two scp
programs talk to each other and transfer files. Hence, scp1 _can_
work over the SSH2 protocol just as easily as SSH1 - it doesn't even
notice the difference when it invokes the SSH client. The reason it
often doesn't work if you're using ssh.com's product is that they
don't ship the scp1 binary with their SSH2 product - so although the
SSH2 connection is made successfully, the transfer then fails
because the scp binary is unavailable at the far end.

There's a second file transfer protocol available in SSH2 called
SFTP. This is a more general protocol and lends itself to proper GUI
clients, FTP-like command-line clients and probably all sorts of
other interesting types of client as well; ssh.com's `scp2' program
has practically nothing to do with scp1 at all, but is a special-
purpose client for the SFTP protocol. Hence you can't use that to
talk to an SSH1 server at all, because there's no way to invoke SFTP
over an SSH1 connection.

OpenSSH support SFTP in their server, but don't use it in their SCP
client. Instead they just continue to run the scp1 program, over an
SSH1 or SSH2 connection whichever is available. So the upshot of all
this is:

 - You can scp from an ssh.com scp2 client to an OpenSSH server, and
   it will use SFTP and work.

 - You can use any scp1 client to talk to an OpenSSH server and it
   will work.

 - If you try to use OpenSSH's scp client to talk to an ssh.com
   server it will fail, unless you've deliberately installed the
   scp1 program at the server end for backwards compatibility. But
   once you do that, you _can_ speak scp1 over SSH2.

I think a proper SCP client should be able to speak both the scp1
and SFTP protocols, and use whichever is available. This is what
PuTTY's one does. 

-- 
Simon Tatham         "What a caterpillar calls the end of the
<anakin@pobox.com>    world, a human calls a butterfly."