SSH1 authentication for SFTP

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I would like to use sftp in SSH1 mode. It works fine using "-1" option
but I don't understand why sftp doesn't take into account options in
ssh_config where I put the line "Protocol 1" without any effect (only
used by ssh ?) ?.....



Re: SSH1 authentication for SFTP

Quoted text here. Click to load it

I assume you're referring to OpenSSH.

Short answer: sftp doesn't read ssh_config and friends.

Longer answer:
It has to do with the way sftp is invoked between SSHv1 and SSHv2. (SFTP,
BTW, is defined in the SSH2 protocol and isn't part of SSH1.)

For SSHv2, sftp-server is invoked as a "subsystem" whereas for SSHv1 it's
exec'ed directly.  You end up with sftp running something like this:
ssh -1 servername /path/to/sftp-server, or
ssh -2 servername -s sftp-server

So by the time ssh knows whether or not it's dealing with a v1 or a v2
server, it's too late to change the -s ("subsystem") flag.

There was some talk about changing ssh's flags so it had enough
information to run either run the subsystem or the executable once it
knows if it's dealing with v1 or v2.  The question is: should it be
changed?  SFTP isn't part of SSHv1 and it only works as a kind of hack
(it won't work, for example, if client and server have sftp-server in
different locations).

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Site Timeline