Date: Mon, 1 Apr 2002 05:38:00 -0500 From: Zvezdan Petkovic <zvezdan@CS.WM.EDU> To: freebsd-security@FreeBSD.ORG Subject: Re: It's time for those 2048-, 3072-, and 4096-bit keys? Message-ID: <20020401053800.A14193@dali.cs.wm.edu> In-Reply-To: <20020401002447.K2704-100000@walter>; from jason@shalott.net on Mon, Apr 01, 2002 at 12:28:30AM -0800 References: <20020330210748.A1609@dali.cs.wm.edu> <20020401002447.K2704-100000@walter>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Apr 01, 2002 at 12:28:30AM -0800, Jason Stone wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > > > Well, for one, the fact that you can't copy from one remote host to > > > another. > > > > Wrong, you _CAN_ copy between two remote hosts. > > scp man page says in the second paragraph of DESCRIPTION: > > > > Any file name may contain a host and user specification to indicate that > > the file is to be copied to/from that host. Copies between two remote > > hosts are permitted. > > > > scp my.office.machine:file.pdf my.home.machine: > > Yes, but it's not what you think - when you did this, what actually > happened was that the client on the machine you started from did: > ssh my.office.machine "scp file.pdf my.home.machine:" > That is to say, you really just copied the file from office to home > without it ever touching the machine in the middle. So if the two end > machines can't see each other, this won't work. And if you can't arrange > to get the password/key/passphrase for the home machine from the middle > machine to the office machine, this won't work. > > > -Jason > Correct. Remember though that the original post was that scp man page is not clear enough. I just tried to show that it is quite clear and correct. Setting the keys correctly is another matter, but my opinion is that it is quite clear too for people who read documentation carefully. Also, the first person in the quote above doesn't claim that copy has to be over the middle machine. But again, you pointed correctly that if these two machines do not allow direct connection to each other then the copying wouldn't work. I don't think scp man page wanted to imply that it would. -- Zvezdan Petkovic <zvezdan@cs.wm.edu> http://www.cs.wm.edu/~zvezdan/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020401053800.A14193>