Re: A future for the SSH File Transfer Protocol?

[David Butts <dbutts%maddog.storability.com@localhost>]

Hello, all-

At the risk of making a fool of myself, I'd like to wade in here.

On Sun, Nov 11, 2001 at 11:53:12AM +0100, Markus Friedl wrote:
> On Sun, Nov 11, 2001 at 02:10:59AM -0500, Thor Simon wrote:
> > 1) SCP is a lightweight protocol which is constrained in purpose and
> >    function to be a replacement for traditional Berkeley Unix 'rcp';
> >    SFTP is a much heavier protocol which tries to provide the functionality
> >    of FTP (and perhaps then some) atop the SSHv2 transport layer.
> 
> i don't agree. SFTP fixes the problems in SCP, while FTP
> is much more complex than SFTP. people are just confused
> because of the 3 common letters FTP.

The one advantage I know of that SCP has over SFTP is the ability
to restrict the source/target of a transfer with -f/-t.  That is,
IMHO, invaluable for any kind of batch copy process.  Without it,
it becomes much more difficult to prevent someone who has stolen
a private key from overwriting an authorized_keys file.  If there
is an equivalent means of restricting SFTP, then I'll certainly
use it, but without it, I can't give up SCP.

> > Personally, my taste runs much more to a simple file transfer protocol than
> > to a very rich and complex one, but to date the SSH WG has felt otherwise.
> 
> that's wrong. SFTP is very simple, all it does is
> 	open/read/write/close/opendir/readdir
> 
> SCP might be simpler, but has too many problems.

Again, at the risk of belaboring the point, I actually consider
SCP's lack of flexibility to be a feature, since I use it in
order to restrict access.  The two complement each other nicely,
at least from my perspective as a user, and I would miss SCP if
it went away.

David