Re: ssh version 2 "subsystems"



<pwu@xxxxxxxxxxxxx> wrote:
ssh2 supports "subsystems" which apparently means that you can run a
process on the remote server and interact with that process wihtout
prompts.

Yes. Though note that this is no different in effect from just
running a process using the normal method: doing an SSH2 subsystem
request for "sftp" is identical in semantics to doing an SSH2 "exec"
request for "/usr/lib/sftp-server", except that in the former case
you don't have to worry about whether sftp-server is kept in
/usr/lib, /usr/local/lib, /opt/ssh/lib or DKB200:[SSH.UTILS].

Can someone tell me:
1) What subsystems are supported (Linux and Solaris environment)?

Depends on your installation. Look at /etc/ssh/sshd_config.

2) How do I use this feature?

Typically the program invoked by a subsystem is a server designed to
be talked to be a dedicated client program. You wouldn't generally
invoke the "sftp" subsystem by hand, for example: instead you'd run
an sftp client (such as the one provided by OpenSSH), which would
take care of running ssh with the appropriate -s option and
interpret the resulting communications.

I know for instance there is a sftp "subsystem" under openssh and I
have tried:
ssh remote -s sftp
It does not prompt with anything as expected but when I:
put <file>
I expect <file> to be transfered to the remote side but nothing
happens.

Indeed. The program to which you should be typing commands at that
level is not the remote sftp subsystem: it's the local sftp client.
The subsystem is expecting to receive a stream of carefully
formatted SFTP data packets in accordance with the SFTP
specification, which will tell it to do things along the lines of
'open this file for output', 'write the following 4096 bytes to it
starting at offset 12345', 'close the file', 'retrieve a list of
file names in this directory' and so on.

You certainly shouldn't expect to transfer a file to the server by
typing the name of the file on the client side into a process
running on the server side - how would such a process make use of
that file name, without direct access to the client's filesystem?

So instead, you run your local sftp client, which _can_ access your
local filesystem, and will construct the appropriate stream of SFTP
request packets to implement your 'put' commands.
--
Simon Tatham "I'm cross. I'm going to have a tantrum.
<anakin@xxxxxxxxx> <pause> How do I start?" - my uncle
.