Subject: Re: [Summer of code] Proposal : a Sftp server
To: None <firstname.lastname@example.org>
From: Ben Harris <email@example.com>
Date: 06/16/2005 10:34:14
In article <firstname.lastname@example.org> you write:
>Ben Harris wrote:
>> That's precisely what the "Subsystem sftp /usr/libexec/sftp-server" in
>> sshd_config does. If you want a better sftp server, replace it there.
>It is and it ain't, if I may say so. In contrast to inetd, there's no
>general, open-ended, well defined interface between sshd and sftp-server.
It's general in that any SSH subsystem could be implemented using it. It's
as open-ended as the SSH subsystem model, which is to say "not very". The
interface isn't particularly well-defined, but it hardly needs to be -- the
subsystem gets run in a trio of pipes (or, presumably, a pty if the client
asks for that) connected to the SSH "session" channel. What it does over
this channel is up to the definition of the subsystem.
>Maybe it's just a dearth of documentation, but afaict sftp-server is
>tailor-made to fit sshd's demands. I'm unaware of any other subsystems
sftp-server is indeed written to work with sshd, but that doesn't mean that
you can't replace it easily.
>It would be nice, I think, to write simple programs that use stdio, and
>wire them up to ssh to get authentication and encryption for free.
Um, that's what I use SSH for all the time. In what way is it difficult?