Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- what does ssh(1) mean?
- Wolfgang Meiners
September 10, 2010, 10:33 pm
rate this thread
the man-page of scp says
scp copies files between hosts on a network. It uses ssh(1) for data
transfer, and uses the same authentication and provides the same
security as ssh(1). Unlike rcp(1), scp will ask for passwords or
passphrases if they are needed for authentication. ..."
but what exactly does ssh(1) mean? Is it version 1 of ssh? Is it more
secure to use sftp instead?
Re: what does ssh(1) mean?
ssh(1) orignally meant "read about this use of the term 'ssh' in section 1
of The Unix Manual".
These days, it means "read about this use of the term 'ssh' by executing
the 'man' command, giving it '1' as the section, as in /man 1 ssh/"
Instead of what?
Instead of scp? No, scp and sftp provide the same security; both run within
the security envelope of ssh.
Instead of rcp? Yes, sftp is more secure than rcp as sftp runs within the
ssh security envelope, and all interactions are secured by ssh encryption,
while rcp runs alone, without any encryption to protect it's authentication
and data transfer process.
Master Codewright & JOAT-in-training | Registered Linux User #112576
Me: http://pitcher.digitalfreehold.ca/ | Just Linux: http://justlinux.ca /
---------- Slackware - Because I know what I'm doing. ------
- Nico Kadel-Garcia
September 11, 2010, 2:31 am
Re: what does ssh(1) mean?
It can be, but for other reasons. It's easier to configure an sftp-
only or chroot caged sftp environment than a chroot caged scp
environment. But that's not something the manual page really gets
That's a reasonable, but different question. sftp is significantly
more secure than rcp or ftp, precisely because it can not only
securely handle passwords, but also because it can use public-private
key pairs and have no local password storage on the server whatsoever,
even encrypted password storage, and force the client to have a valid
SSH key or smartcard to authenticate with. There are some ftp-like
tools these days that use SSL tunneling for similar authentication,
but really, they're not FTP anymore, and they tend to be fragile and
confused by ill-informed people with sftp, which is a distinct
protocol that merely has many of the same commands as FTP.
Unfortunately, neither scp or sftp properly handle symlinks or more
sophisticated ACL's such as the NFSv4 ACL's or Windows ACL's, which
makes them unsuitable for mirroring complex structures. Pushing and
pushing simple files, sure, they're great. Mirroring? Not so good.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum