Gap

The transport layer protocol provides algorithm negotiation and key exchange. The key exchange includes server authentication and results in a cryptographically secured connection that provides integrity, confidentiality and optional compression. Forward security is provided through a Diffie-Hellman key agreement. This key agreement results in a shared session key. The rest of the session is encrypted using a symmetric cipher, currently 128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. The client selects the encryption algorithm to use from those offered by the server. Additionally, session integrity is provided through a cryptographic message authentication code (hmac-md5, hmac-sha1, umac-64 or hmac-ripemd160).

The authentication protocol uses this secure connection provided and supported by the transport layer. It provides several mechanisms for user authentication. Two modes are supported by the OCSBC: traditional password authentication and public-key authentication.


SFTP Operations

SFTP performs all operations over an encrypted SSH connection. It may also use many features of SSH, such as public key authentication and compression. SFTP connects and logs into the specified host, then enters an interactive command mode. Once in interactive mode, SFTP understands a set of commands similar to those of FTP. Commands are case insensitive and pathnames may be enclosed in quotes if they contain spaces.
The following lists supported SFTP commands:

  • bye—Quit SFTP.
  • cd path—Change remote directory to path.
  • lcd path—Change local directory to path.
  • chgrp grp path—Change group of file path to group. group must be a numeric GID.
  • chmod mode path—Change permissions of file path to mode.
  • chown own path—Change owner of file path to own. own must be a numeric UID.
  • dir (or ls)—List the files in the current directory.
  • exit—Quit SFTP.
  • get [flags] remote-path [local-path]—Retrieve the remote-path and store it on the local machine. If the local path name is not specified, it is given the same name it has on the remote machine. If the -P flag is specified, then the file's full permission and access time are copied too.
  • help—Display help text.
  • lcd—Change the directory on the local computer.
  • lls [ls-options [path]]—Display local directory listing of either path or current directory if path is not specified.
  • lmkdir path—Create local directory specified by path.
  • ln oldpath newpath—Create a symbolic link from oldpath to newpath.
  • lpwd—Print local working directory.
  • ls [path]—Display remote directory listing of either path or current directory if path is not specified.
  • lumask umask—Set local umask to umask.
  • mkdir path—Create remote directory specified by path.
  • put [flags] local-path [remote-path]—Upload local-path and store it on the remote machine. If the remote path name is not specified, it is given the same name it has on the local machine. If the -P flag is specified, then the file's full permission and access time are copied too.
  • pwd—Display remote working directory.
  • quit—Quit SFTP.
  • rename oldpath newpath—Rename remote file from oldpath to newpath.
  • rmdir path—Remove remote directory specified by path.
  • rm path—Delete remote file specified by path.
  • symlink oldpath newpath—Create a symbolic link from oldpath to newpath.
  • ! command—Execute command in local shell.
  • !—Escape to local shell.
  • ?—Synonym for help.
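
The negotiation described in the first paragraph, as an added example that is not part of the original post or the vendor's code: it parses two SSH_MSG_KEXINIT payloads, applies the RFC 4253 selection rule (the first name on the client's list that the server also offers), and reports when the chosen cipher or MAC is a legacy one. The wire names, the `LEGACY` set, the function names and the sample offers are assumptions constructed for the demonstration.

```python
# Wire names (RFC 4253 / OpenSSH) assumed here for algorithms the post lists
# that are treated as legacy today; adjust the set to local policy.
LEGACY = {"3des-cbc", "blowfish-cbc", "cast128-cbc", "arcfour",
          "hmac-md5", "hmac-ripemd160"}
# Order of the ten name-lists in SSH_MSG_KEXINIT (RFC 4253, section 7.1).
FIELDS = ["kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]

def parse_kexinit(payload: bytes) -> dict:
    """Parse an unframed SSH_MSG_KEXINIT payload into {field: [names]}."""
    if len(payload) < 17 or payload[0] != 20:    # 20 = SSH_MSG_KEXINIT
        raise ValueError("not a KEXINIT payload")
    off, out = 17, {}                             # skip type byte + 16-byte cookie
    for field in FIELDS:
        n = int.from_bytes(payload[off:off + 4], "big")
        raw = payload[off + 4:off + 4 + n]
        if off + 4 > len(payload) or len(raw) != n:
            raise ValueError("truncated name-list")
        out[field] = raw.decode("ascii").split(",") if raw else []
        off += 4 + n
    return out

def negotiate(client: list, server: list):
    """RFC 4253 rule: first name on the client's list the server also offers."""
    return next((name for name in client if name in server), None)

def audit(client_payload: bytes, server_payload: bytes) -> dict:
    """Return the cipher/MAC chosen per direction and which of them are legacy."""
    c, s = parse_kexinit(client_payload), parse_kexinit(server_payload)
    dirs = ("enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c")
    chosen = {d: negotiate(c[d], s[d]) for d in dirs}
    return {"chosen": chosen,
            "legacy": sorted({v for v in chosen.values() if v in LEGACY})}

def build_kexinit(enc: list, mac: list) -> bytes:
    """Build a constructed sample payload (zero cookie, same lists both ways)."""
    lists = {"enc_c2s": enc, "enc_s2c": enc, "mac_c2s": mac, "mac_s2c": mac}
    body = b"\x14" + bytes(16)
    for field in FIELDS:
        names = ",".join(lists.get(field, [])).encode("ascii")
        body += len(names).to_bytes(4, "big") + names
    return body + b"\x00" + bytes(4)              # first_kex_packet_follows, reserved

# Constructed sample offers, not captured traffic.
CLIENT = build_kexinit(["aes256-cbc", "arcfour", "aes128-cbc"], ["hmac-sha1", "hmac-md5"])
SERVER = build_kexinit(["arcfour", "3des-cbc", "aes128-cbc"], ["hmac-md5", "hmac-sha1"])

if __name__ == "__main__":
    print(audit(CLIENT, SERVER))
```

With these sample offers the session ends up on arcfour even though both sides support AES, because the client lists arcfour ahead of the only AES variant the server offers; removing legacy names from either side's list is what prevents that outcome.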
 