From: djm@openbsd.org Date: Mon, 9 Aug 2021 23:56:36 +0000 (+0000) Subject: upstream: make scp -3 the default for remote-to-remote copies. It X-Git-Tag: V_8_7_P1~28 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bfdd4b722f124a4fa9173d20dd64dd0fc69856be;p=thirdparty%2Fopenssh-portable.git upstream: make scp -3 the default for remote-to-remote copies. It provides a much better and more intuitive user experience and doesn't require exposing credentials to the source host. thanks naddy@ for catching the missing argument in usage() "Yes please!" - markus@ "makes a lot of sense" - deraadt@ "the right thing to do" - dtucker@ OpenBSD-Commit-ID: d0d2af5f0965c5192ba5b2fa461c9f9b130e5dd9 --- diff --git a/scp.1 b/scp.1 index 54285b700..c06ecf68d 100644 --- a/scp.1 +++ b/scp.1 @@ -8,9 +8,9 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.97 2021/08/02 23:38:27 djm Exp $ +.\" $OpenBSD: scp.1,v 1.98 2021/08/09 23:56:36 djm Exp $ .\" -.Dd $Mdocdate: August 2 2021 $ +.Dd $Mdocdate: August 9 2021 $ .Dt SCP 1 .Os .Sh NAME @@ -18,7 +18,7 @@ .Nd OpenSSH secure file copy .Sh SYNOPSIS .Nm scp -.Op Fl 346ABCpqrTv +.Op Fl 346ABCpqRrTv .Op Fl c Ar cipher .Op Fl D Ar sftp_server_path .Op Fl F Ar ssh_config @@ -80,10 +80,11 @@ The options are as follows: Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. -Note that this option disables the progress meter and selects batch mode -for the second host, since +Note that, when using the legacy SCP protocol (the default), this option +selects batch mode for the second host as .Nm cannot ask for passwords or passphrases for both hosts. +This mode is the default. .It Fl 4 Forces .Nm @@ -239,6 +240,15 @@ original file. Quiet mode: disables the progress meter as well as warning and diagnostic messages from .Xr ssh 1 . +.It Fl R +Copies between two remote hosts are performed by connecting to the origin +host and executing +.Nm +there. +This requires that +.Nm +running on the origin host can authenticate to the destination host without +requiring a password. .It Fl r Recursively copy entire directories. Note that diff --git a/scp.c b/scp.c index cb8d049b8..3eda5483d 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.228 2021/08/09 23:49:31 djm Exp $ */ +/* $OpenBSD: scp.c,v 1.229 2021/08/09 23:56:36 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -165,7 +165,7 @@ int showprogress = 1; * This is set to non-zero if remote-remote copy should be piped * through this process. */ -int throughlocal = 0; +int throughlocal = 1; /* Non-standard port to use for the ssh connection or -1. */ int sshport = -1; @@ -482,7 +482,7 @@ main(int argc, char **argv) fflag = Tflag = tflag = 0; while ((ch = getopt(argc, argv, - "12346ABCTdfpqrtvD:F:J:M:P:S:c:i:l:o:")) != -1) { + "12346ABCTdfpqRrtvD:F:J:M:P:S:c:i:l:o:")) != -1) { switch (ch) { /* User-visible flags. */ case '1': @@ -504,6 +504,9 @@ main(int argc, char **argv) case '3': throughlocal = 1; break; + case 'R': + throughlocal = 0; + break; case 'o': case 'c': case 'i': @@ -1984,7 +1987,7 @@ void usage(void) { (void) fprintf(stderr, - "usage: scp [-346ABCpqrTv] [-c cipher] [-D sftp_server_path] [-F ssh_config]\n" + "usage: scp [-346ABCpqRrTv] [-c cipher] [-D sftp_server_path] [-F ssh_config]\n" " [-i identity_file] [-J destination] [-l limit] [-M scp|sftp]\n" " [-o ssh_option] [-P port] [-S program] source ... target\n"); exit(1);