Explanation for SCP protocol implementation in JSch library

Question

I am contemplating over an example of JSch library usage which can be found here:
http://www.jcraft.com/jsch/examples/ScpFrom.java.html

I cannot understand several code patterns from this example. Here they are:

1. Is there any reasons to prefer SCP over SFTP, which can be ran using the same library?

2. Why we run scp -f <remote file> on remote host instead of running simply scp source_file_path destination_file_path? Why execution on remote host is better?

3. In the beginning of the transfer there is a line

   while(true){
   int c=checkAck(in);
   if(c!='C'){
       break;
   }
   ...
   

   what is the meaning of this magical C letter? Why C?

4. Why to send this signal all the time?

   // send '\0'
   buf[0]=0; out.write(buf, 0, 1); out.flush();
   

5. how this can read filesize?

   long filesize=0L;
   while(true){
       if(in.read(buf, 0, 1)<0){
           // error
           break; 
       }
       if(buf[0]==' ')break;
       filesize=filesize*10L+(long)(buf[0]-'0'); //What is this??
   }
   

Answer 1

1. Is there any reasons to prefer SCP over SFTP, which can be ran using the same library?

No, the SCP protocol is obsolete. You should always use SFTP nowadays.

Though trivial implementations of the SFTP protocol tend to have slower transfers than SCP (it's not easy to implement the SFTP transfer efficiently due to its packet nature).

2. Why we run scp -f <remote file> on remote host instead of running simply scp source_file_path destination_file_path? Why execution on remote host is better?

It's how SCP protocol works. The OpenSSH scp binary works both as a server and a client. So when you run scp locally, it connects over SSH and runs scp on the server. Then the two instances communicate with each other. The JSch replaces the local instance of the scp. But it still needs the remote instance to complete the transfer.

If you were running scp locally, you would have to have OpenSSH installed on the machine. What is maybe common on Unix, but definitely not on Windows. Also there's no easy/standardized way to capture results from the scp program, to translate them to JSch Java interface. It's the same reason why JSch (or any other SFTP library) implements SFTP protocol on its own, instead of using sftp program.

3. what is the meaning of this magical C letter? Why C?

Every command of the SCP protocol is identified by a single character. The C stands for "file transfer", D stands for "directory transfer", T before file transfer indicates modification time of the next transferred file, etc. I do not know why it's C and not for example F.

4. Why to send this signal all the time?

The NULL (\0) character command is confirmation/response to the other site that the received command was completed.

5. how this can read filesize?

The C command has syntax (it's a human-readable string):

C permissions size filename

For example:

C 0644 153634 index.php

The loop in the code translates the string "153634" to a number 153634. It looks like a bit too complicated implementation, but it works.

---

See also How is SCP (secure copy protocol) file transfer working?