Re: scp logged anywhere? (ftp-like logs)

• Previous message: Richard E. Silverman: "Re: scp logged anywhere? (ftp-like logs)"
• Maybe in reply to: goo: "scp logged anywhere? (ftp-like logs)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Simon Tatham <anakin@pobox.com>
Date: 27 Mar 2002 09:21:00 +0000 (GMT)

goo <e@3.com> wrote:
> So I guess ftp sessions _can_ be logged becaseu their connections are
> answered.by the single ftp daemon that I started. Other than watching
> bandwidth and traffic, there's no way to tell what they're doing in detail
> when people use ssh? (without starting up packet analyzers)

That's the whole point of ssh, so pretty much, yes.

> Is sftp the same as scp in this manner then? I've looked around the web
> after checking the man pages and openssh.org and I cna't find anything that
> clearly distinguishes the two in the way they function other than the fact
> that sftp runs an interactive ftp-like dialog.

sftp is pretty similar, yes. A special program is run at the far end
of the SSH connection which your client knows how to talk to. The
details of what the program does are different (hence you get an
interactive session rather than a one-off file-transfer-then-close),
but the principle's pretty much the same. The only other refinement
is that SFTP is typically invoked using a `subsystem' (a server-side
program whose location the SSH server has been told by sysadmin) so
that the user isn't forced to guess where the SFTP program binary
is. Of course this increases the effort required for someone to
bypass a logging SFTP server (they'd have to force their SFTP client
to run a specified program instead of the standard subsystem), but
not by much.

-- 
Simon Tatham         "Thieves respect property; they only wish the property to
<anakin@pobox.com>    be their own, that they may more properly respect it."

• Next message: Peter Boosten: "Re: scp logged anywhere? (ftp-like logs)"
• Previous message: Richard E. Silverman: "Re: scp logged anywhere? (ftp-like logs)"
• Maybe in reply to: goo: "scp logged anywhere? (ftp-like logs)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Batch job to perform sftp transfer ... It relies on copying datasets to temporary HFS files ... I used /bin/cat with ssh so that I could transfer the data and pipe it to ... The IBM version of sftp doesn't support datasets, ... Batch job to perform sftp transfer ... (bit.listserv.ibm-main) Re: SFTP without SSH session access ... suppose I have SSH and SFTP access to my system. ... And I still want to allow them SFTP ... Would it be acceptable to run two secure shell daemons ... and would allow connections from the outside. ... (SSH) Re: SPAM sudden increase ... up ssh for some sftp session and saw something odd... ... Dude was on a tech call with f-secure and the tech asked, "So, are you ... To which the dude replied, "Yeah, I'm ... (alt.2600) Re: SFTP is not working ... When I try to use sftp or scp2, I get a message like this: ... sftp and scp2 both actually work by running ssh in a subprocess, ... The reason the shell startup files are relevant at all, ... (comp.security.ssh) Re: Secure file transfer ... We're talking about SFTP, which is a variant how to use SSH to secure the ... FTP protocol. ... is it better to use AUTH SSL or SSH/SFTP?" ... (comp.security.misc)