ssh version 2 "subsystems"

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
ssh2 supports "subsystems" which apparently means that you can run a
process on the remote server and interact with that process wihtout

Openssh supports subsystems via the -s option.

Can someone tell me:
1) What subsystems are supported (Linux and Solaris environment)?
2) How do I use this feature?

I know for instance there is a sftp "subsystem" under openssh and I
have tried:
ssh remote -s sftp

It does not prompt with anything as expected but when I:
put <file>

I expect <file> to be transfered to the remote side but nothing

Thanks for any insight into this.

Re: ssh version 2 "subsystems"

Quoted text here. Click to load it

Yes. Though note that this is no different in effect from just
running a process using the normal method: doing an SSH2 subsystem
request for "sftp" is identical in semantics to doing an SSH2 "exec"
request for "/usr/lib/sftp-server", except that in the former case
you don't have to worry about whether sftp-server is kept in
/usr/lib, /usr/local/lib, /opt/ssh/lib or DKB200:[SSH.UTILS].

Quoted text here. Click to load it

Depends on your installation. Look at /etc/ssh/sshd_config.

Quoted text here. Click to load it

Typically the program invoked by a subsystem is a server designed to
be talked to be a dedicated client program. You wouldn't generally
invoke the "sftp" subsystem by hand, for example: instead you'd run
an sftp client (such as the one provided by OpenSSH), which would
take care of running ssh with the appropriate -s option and
interpret the resulting communications.

Quoted text here. Click to load it

Indeed. The program to which you should be typing commands at that
level is not the remote sftp subsystem: it's the local sftp client.
The subsystem is expecting to receive a stream of carefully
formatted SFTP data packets in accordance with the SFTP
specification, which will tell it to do things along the lines of
'open this file for output', 'write the following 4096 bytes to it
starting at offset 12345', 'close the file', 'retrieve a list of
file names in this directory' and so on.

You certainly shouldn't expect to transfer a file to the server by
typing the name of the file on the client side into a process
running on the server side - how would such a process make use of
that file name, without direct access to the client's filesystem?

So instead, you run your local sftp client, which _can_ access your
local filesystem, and will construct the appropriate stream of SFTP
request packets to implement your 'put' commands.
Simon Tatham         "I'm cross. I'm going to have a tantrum.

Re: ssh version 2 "subsystems"

SFTP is the most common subsystem, the only other defined subsystem is a
publickey management system used for maintaining the necessary information
for public key authentication between two systems.

In general the subsystems require that a special program be run on the local
end.  This program takes commands from the user, packages them into
subsystem defined packets and sends those packets over SSH2.  When a
response arrives from the subsystem the local program interprets it and
displays necessary information to the user.

Quoted text here. Click to load it

Site Timeline