Secure Filetransfer using yscp/dmscp

Nowadays the secure copy command scp is the method of choice for secure file transfer, since the passwords as well as the data itself is encryptetd.

But of course the process of encrypting an decrypting the data needs some computational effort, which may limit the transferrates to a value well below those achieved by the ftp-command

On the other hand, in many cases the encryption of the transmitted data itself is not necessarry, which makes it desirable to have a method, which is secure in the sense of encrypting the passwords but fast, since it does not encrypt the data to be transfered.

Such a method is provided by the yscp/dmscp package developed at Konrad-Zuse-Institut (ZIB), Berlin. We adopted this package to the LRZ machines Hitatchi SR8000, Siemens/Fujitsu VPP, SGI holovis and the Sun-Cluster.

The dmscp program installed at the LRZ uses the Ports 1030 to 1040. If these ports are already occupied by other services on your local machine, please contact us to discuss alternatives.

In the original (ZIB) version, the files to be transferred by yscp/dmscp are piped to the dmscp deamon via the "tar" command. Since the tar command is another bottleneck on the SR8000, this has been changed. Now single files are piped via the cat command, while directories (yscp –r) are still transfered using the tar command.

You can invoke any other program you like for gathering and distributing your data by the environmet variables $TAR and $CAT. (e.g., for using a compressing tar: setenv TAR gtar –Z)

The yscp (perl-)script will start up the dmscp deamon via ssh on the source as well as on the destination site. (It's possible that you will be asked for your password twice. The transfer of the password will be encrypted.) Afterwards your data will be piped by the cat (or tar) command to the dmscp deamon on the source site, tranfered to dmscp deamon running on the destination site, and here it will be written to disk by cat (or tar) again.

Using the yscp/dmscp package you will reach the transfer rates similar to the ftp command, with the additional benefit that the passwords are not sent over the net unencrypted.