Date: Mon, 4 Sep 2000 01:24:07 +0300
From: Peter Pentchev <roam@orbitel.bg>
To: Ali Alaoui El Hassani <961BE653994@stud.alakhawayn.ma>
Cc: CrazZzy Slash <slash@krsu.edu.kg>, freebsd-security@FreeBSD.ORG
Subject: Re: Ssh2, sftp port Numbers continue.....
Message-ID: <20000904012407.B61559@ringwraith.office1.bg>
In-Reply-To: <Pine.SOL.3.96.1000903220427.5359A-100000@stud.alakhawayn.ma>; from 961BE653994@stud.alakhawayn.ma on Sun, Sep 03, 2000 at 10:08:49PM +0000
References: <20000904005915.A61559@ringwraith.office1.bg> <Pine.SOL.3.96.1000903220427.5359A-100000@stud.alakhawayn.ma>

On Sun, Sep 03, 2000 at 10:08:49PM +0000, Ali Alaoui El Hassani wrote:
> Dear All,
>
> My wonder is that since sftp and ssh use the same port number 22.
>
> So how do they get dispatched at the level of tcp to the receiving
> applications sftp and ssh of remote host ?
>

Please read again what I wrote before :)  I wrote that sftp executes the
SSH client - thereby the SSH server is executed on the remote side.
sftp passes a command to execute to the client, which passes it to the
server - and the remote sshd executes the sftp server.

- you invoke sftp hostname;
- sftp invokes ssh hostname /path/to/sftpserv;
- ssh establishes an SSH connection to hostname;
- sshd at hostname is executed;
- ssh (local) asks you for a password;
- sshd (remote) verifies and acknowledges the password;
- ssh (local) asks sshd (remote) to execute /path/to/sftpserv;
- sshd (remote) executes sftpserv;
- sftp (local) talks to ssh (local), which relays to sshd (remote),
  which is actually already overlaid by sftpserv (remote);
- you have an sftp (local) to sftpserv (remote) connection.

As you can see, this requires an sshd on the remote side to verify your
password/rhosts/shosts/identity-file, and allow you to execute the
sftpserv on the remote side.  There is no sftpserv service per se, it is
just a program that sshd executes.

Maybe what you are missing is that you can use SSH to execute just one
program on the remote side, rsh style, without actually allocating
a virtual terminal, starting a shell, running startup scripts and such.
Just try:

    ssh someuser@somehostname /usr/bin/w

ssh connects to sshd, sshd executes /usr/bin/w, w shows some output and
the connection is closed.  This is exactly the case with sftpserv, only
sftpserv does not 'show some output' and die, rather it communicates
with the sftp client at your side to let you transfer files any way
you want to.

Sorry for the long explanation, hope it helped a bit :)

G'luck,
Peter

-- 
This sentence every third, but it still comprehensible.
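
The dispatch described in the message above happens inside the authenticated SSH connection, not at the TCP level. As an added example that is not part of the original e-mail, this Python code builds and decodes the channel request that tells sshd which program to run. Assumptions: the wire layout follows RFC 4254 (published after this message), `/bin/sh` stands in for the account's login shell, and the `SUBSYSTEMS` table is constructed.

```python
import struct

SSH_MSG_CHANNEL_REQUEST = 98  # message number from RFC 4254 (assumed wire format)

def _string(data: bytes) -> bytes:
    """Encode an SSH 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def _read_string(buf: bytes, off: int):
    """Decode one SSH 'string' at off; reject lengths that overrun the message."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("string runs past end of message")
    return buf[off + 4:off + 4 + n], off + 4 + n

def build_request(channel: int, kind: str, target: str) -> bytes:
    """Client side: kind is "exec" (ssh host /usr/bin/w) or "subsystem"."""
    return (bytes([SSH_MSG_CHANNEL_REQUEST]) + struct.pack(">I", channel)
            + _string(kind.encode()) + b"\x01" + _string(target.encode()))

def dispatch(msg: bytes, subsystems: dict) -> list:
    """Server side: return the argv sshd would execute for this request."""
    if len(msg) < 5 or msg[0] != SSH_MSG_CHANNEL_REQUEST:
        raise ValueError("not a channel request")
    kind, off = _read_string(msg, 5)       # bytes 1..4 are the channel number
    if off >= len(msg):
        raise ValueError("missing want-reply flag")
    target, off = _read_string(msg, off + 1)
    if off != len(msg):
        raise ValueError("trailing bytes after request")
    if kind == b"exec":
        # One command, rsh style: no terminal, no interactive login session.
        return ["/bin/sh", "-c", target.decode()]
    if kind == b"subsystem":
        name = target.decode()
        if name not in subsystems:
            raise KeyError("subsystem not configured: " + name)
        return [subsystems[name]]
    raise ValueError("unsupported request type")

# Constructed sample: subsystem names the server maps to programs.
SUBSYSTEMS = {"sftp": "/path/to/sftpserv"}
```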