[erlang-questions] scp subsystem

Attila Rajmund Nohl <>
Thu Mar 28 13:25:53 CET 2013


Hello!

There is already an {fd, FD} option in ssh:daemon, so bind first, then
pass the file descriptor.

2013/3/28 Stefan Jahn <>:
> Hello Ingela,
>
> after some experimentation I have an almost completed scpd server
> implementattion at hand.
>
> Some issues still remain:
>
> 1) for privileged ports for ssh:daemon() I suggest to have a callback
>    to the ssh options to obtain listen() handle from e.g. fd_server.
>    What do you think?
>
> 2) save path handling (resolve symlinks); I leave this out, because
>    I've seen in sftpd implementation similar thing.  Probably we should
>    share functions across scpd and sftpd?
>
> 3) fine grained file permissions per user base: r/w for list of
>    directories, I leave it out for now, because not necessery so far
>    for my own purposes
>
> 4) ssh channel flushing/eof/close on the last transferred file in
>    source mode of the scpd server.  needs some more investigations...
>    that why I wrote the "scp eow" topic on the list.
>
> 1) until 3) is not that big problem, but 4) need to be solved.  After
> that I would be happy to contribute if you are interested...
>
> What do you think?
>
> BR, Stefan.
>
> On Tue, March 19, 2013 3:04 pm, Ingela Andin wrote:
>> Hello again,
>>
>> If you do a general scp client/server implementation you should
>> consider contributing it.
>> We would be interested.
>>
>> Regards Ingela Erlang/OTP team - Ericsson AB
>>
>> 2013/3/19, Ingela Andin <>:
>>> Hi!
>>>
>>> 2013/3/19, Stefan Jahn <>:
>>>> dear erlang'ers,
>>>>
>>>> after reading some documentation on ssh otp system I ended up with:
>>>>
>>>>     ssh:daemon({0,0,0,0}, 45678, [{pwdfun, fun auth/2},
>>>> %% create server keys:
>>>> %% ssh-keygen -f /tmp/ssh/ssh_host_rsa_key -N '' -t rsa
>>>> %% ssh-keygen -f /tmp/ssh/ssh_host_dsa_key -N '' -t dsa
>>>>                               {system_dir, "/tmp/ssh"},
>>>>                               {user_dir, "/tmp/ssh"},
>>>> %                             {ssh_cli,{ssh_cli, {ssh_scpd, []}}},
>>>>                               {auth_methods, "keyboard-interactive,password"},
>>>>                               {subsystems, [
>>>>                                             ssh_scpd:subsystem_spec([])
>>>> %                                           ssh_sftpd:subsystem_spec([{vsn, 3}])
>>>>                                            ]}]).
>>>>
>>>> whereas the ssh_scpd module is base on the ssh_sftpd module from otp,
>>>> i.e.
>>>>
>>>> -module(ssh_scpd).
>>>> %-behaviour(ssh_daemon_channel).
>>>> -behaviour(ssh_channel).
>>>>
>>>> -define(UINT32(X), X:32/unsigned-big-integer).
>>>>
>>>> %% External exports
>>>> -export([subsystem_spec/1]).
>>>>
>>>> %% Callbacks
>>>> -export([init/1, handle_ssh_msg/2, handle_msg/2, terminate/2,
>>>> code_change/3]).
>>>>
>>>> implementing the callbacks similar to what we have in ssh_sftpd...
>>>>
>>>> now, when I start
>>>>
>>>> $ scp -P 45678 README :README
>>>>
>>>> authentification works fine as implemented in auth/2, but somehow
>>>> the ssh channel behaviour is not used at all.
>>>>
>>>> 's password:
>>>> {error,{1,erl_parse,["syntax error before: ",[]]}}
>>>> $ Received disconnect from 127.0.0.1: 11: Application shutdown
>>>>
>>>> It seems like scp commands are send into the standard erlang shell
>>>> (which
>>>> I did not specify) and not into the channel.
>>>>
>>>> I am using R15B2.
>>>>
>>>> Could please someone help out here and give me some hint where to
>>>> proceed reading?
>>>>
>>>> Also an abstract description of the difference between the purposes of
>>>> ssh_cli and subsystems options would be appriciated.
>>>
>>> ssh_cli is to customize the shell I do not think you want to use
>>> ssh_cli at all. You should write your scp-deamon as subsystem and then
>>> use an existing scp client to connect to it or
>>> write your own erlang client that opens an ssh connection, requests
>>> the ssh-scp subsystem and then sends scp commands on the channel along
>>> the lines;
>>>
>>> ssh:connect ...
>>> ssh_connection:session_channel...
>>> ssh_connection:subsystem...
>>> ssh_connection:send...
>>>
>>> The client can use the ssh_channel behavior.
>>>
>>> Regards Ingela Erlang/OTP team Ericsson AB
>>>
>>
>
>
> _______________________________________________
> erlang-questions mailing list
> 
> http://erlang.org/mailman/listinfo/erlang-questions



More information about the erlang-questions mailing list