Issues with using Jump Host - linux

How do I transfer a file from my local machine to a remote host to which I need to get through a jump host? These are the steps I follow to connect to the remote host
1. ssh myname#jump-host
2. enter password
3. sudo su - another-random-name
4. ssh name#remote-host
Now I want to transfer a file from my local machine to the remote-host. How would I achieve this? I have already tried scp -oProxyCommand but I don't quite know where I should include step 3 as part of this command?

Use port forwarding to get third host ssh port on your localhost, in this way:
ssh -L 2222:remote-host:22 myname#jump-host
then (on another tab/shell on first host):
scp -P 2222 file myname#localhost:
will copy directly to remote host.

On the jump host under another-random-name run
ssh -L 2222:remote-host:22 myname#jump-host
then on your local computer you can run
scp -P 2222 file name#jump-host:
SCP will try to connect to jump-host, while in fact this connection will be forwarded to jump-host. And will use name as it is connecting to remote-host.
You are probably still facing problem with certificate for another-random-user. You can either create certificate on your machine for your-local-user and put public key on remote-host in user allowed keys.

Related

How do I access a remote (local gitlab instance on remote server) repository over SSH?

The setup is as follows:
remote private server far far away
remote private server has private gitlab instance on port XXXX
remote private server is configured to allow SSH sign-on via SSH key
gitlab instance on port XXXX of remote private server requires SSH key authentication using different SSH key
How can I clone that repository onto my local machine, and push/pull data remotely given that setup?
This is how I access it locally when I am not far, far away from remote private server:
git clone git#XXX.XXX.XX.X:REPODIR/repo_name.git
In this case, XXX.XXX.XX.X is the IP of the local git-lab instance on the remote network.
Is there anyway to tunnel into the remote network and access the gitlab instance by proxy (forgive me for using the word wrong likely).
Thank you.
Ok, mostly thanks to #o11c for this, although here are my findings that led me to be able to clone my repo remotely.
Disclaimer: ProxyJump (-J see ssh manpage) is the shorthand, more modern, version of this but I couldn't get it working -- if anyone wants to update with their implementation of ProxyJump that would be useful!
SSH into your remote account to the main server with port to your gitlab or other application instance, using your main identity (this can be in ~/.ssh or you can manually reference it with -i)
ssh -ND 3131 nkunes#XXX.XXX.1.146 -i ../../keys/XXX-ssh &
I then source this bash script in the shell I intend to run git commands (notice the ProxyCommand usage instead of ProxyJump, this is the old method of doing this yet it works well for me. also notice the 127.0.0.1:PORT should be swapped with your application's port)
alias ssh="ssh -o ProxyCommand='/usr/bin/nc -X 4 -x 127.0.0.1:3131 %h %p'"
export GIT_SSH=~/Desktop/XXX-eng/ssh-access/ssh-proxy.sh
export PRE_SSH_ALIAS_PROMPT="$PS1"
export PS1="<< SSH ALIAS >>$PS1"
Where ssh-proxy.sh is defined as follows: (again, swap the port out for your application, and possibly use ProxyJump if want modern implementation)
ssh -o ProxyCommand='/usr/bin/nc -X 4 -x 127.0.0.1:3131 %h %p' "$#"
Then, you can clone normally using:
git clone git#XXX.XXX.XX.X:REPODIR/repo_name.git

Unable to transfer local file wsl ubuntu terminal to remote server using windows subsystem

I have a file called test1.zip in /mnt/c/Users/test/ folder of my local laptop [in which ubuntu windows subsystem for linux is installed]. Local ubuntu terminal WSL name is lauda
Now, I would like to transfer this zip file called test1.zip to my remote server named stuff.
PLEASE NOTE THAT ALL COMMANDS ARE TRIED FROM MY LOCAL LAPTOP WSL SCREEN [ubuntu screen]
So, I tried the below command from my WSL [local laptop ubuntu WSL terminal]
scp user1#lauda:/mnt/c/Users/test/test1.zip user1#stuff:/home/test/codes/test1
and got the error ssh: Could not resolve hostname lauda: Name or service not known
So I tried the below [replacing the lauda local laptop ubuntu terminal hostname with its IP]
scp user1#172.xx.xxx.xxx:/mnt/c/Users/test/test1.zip user1#stuff:/home/test/codes/test1
this resulted in error as ssh: connect to host 172.xx.xxx.xxx port 22: Connection refused
Now I tried the same command as above but in opposite way as shown below
scp user1#stuff:/home/test/codes/ user1#lauda:/mnt/c/Users/test/test1.zip
and got the below error
ssh: Could not resolve hostname lauda: Temporary failure in name resolution
Later, I tried with IP address
scp user1#stuff:/home/test/codes/ user1#172.xx.xxx.xxx:/mnt/c/Users/test/test1.zip
And I got the below error
ssh: connect to host 172.xx.xxx.xxx port 22: No route to host lost connection
Later, I tried the below commands as well
scp /mnt/c/Users/test/test1.zip user1#stuff:/home/test/codes/
and got an error scp: /home/test/codes/test1.zip: Permission denied
So, I again tried like below
scp user1#stuff:/home/test/codes/ /mnt/c/Users/test/test1.zip
and got an error scp: /home/test/codes: not a regular file
PLEASE NOTE THAT ALL COMMANDS ARE TRIED FROM MY LOCAL LAPTOP WSL SCREEN [ubuntu screen]
How can I transfer local files/folders from my local ubuntu WSL terminal to remote server?
scp /mnt/c/Users/test/test1.zip user1#stuff:/home/test/codes/ is the closest attempt to working. The error you get could be due to one of two reasons:
Firstly user1 does not have permissions to write to /home/test on stuff - makes sense as usually only the test user would be able to write there. (Note that the test user on your WSL instance is not the same profile the test user on the remote.)
Secondly the /home/test/codes/ folder may not even exist yet.
Instead (if you know test's password) copy as the test user :
scp /mnt/c/Users/test/test1.zip test#stuff:/home/test/codes/
Or copy to user1's home directory (after ensuring you have created /home/user1/codes/
scp /mnt/c/Users/test/test1.zip user1#stuff:/home/user1/codes/

Git pull a repository to local computer from a remote computer

I have setup an ssh connection on computer B and I am connecting to it properly via ssh. I want to execute a git pull command so that it would pull the repo to computer A instead of B. Is that too much of a hassle or maybe is there an alternative?
I basically need to copy whatever git pull pulled on computer B to my computer A. The only thing I have is just an ssh connection between the two and the repo is only reachable from computer B.
If I understand correctly, you want to use Git over an SSH tunnel so that computer A can access the repository REPO.git on computer C via computer B
On computer A, open the SSH tunnel:
ssh -L3333:compC:22 compB
From a second console on computer A:
git clone ssh://git#localhost:3333/REPO.git
It's possible to run git commands over double ssh tunnel. The accepted answer there is a bit outdated, ssh currently can construct a tunnel without external commands like netcat or socat.
Configure in your ~/.ssh/config:
Host server
HostName git-server
ProxyCommand ssh -W %h:%p B
This configures ssh to start a connection to the host B and opens a
tunnel over that connection to the host git-server. Run
git pull ssh://server/path/to/repository
Another possible solution is to use ext:: remote helper. See the second answer at the linked question. Run
git pull "ext::ssh -t B ssh git-server %S '/path/to/repository'"
I'm not sure it will answer your question, but if it's only for pulling, you can use the scp command after pulling on B:
scp <source> <destination>
It will copy as the cp command but through your ssh connection.
An other solution,(and the most straightforward solution in my opinion) is to just :
Connect to the remote machine via SSH
Push the remote changes to a git branch
Pull the changes from the remote branch from your local machine

is it posible to SCP remote server to remote server to local in one command line?

I am connected to a bridge server and from there I am connected to another server, so I wanted to know if it's possible to use SCP command to copy files or folders in just one line, without having to stand on the bridge and scp from remote to bridge and then scp from bridge to local.
If its not possible I will understand.
Thank you for any response.
Yes, if your first server supports IO redirect:
scp -oProxyCommand="ssh -W %h:%p user1#server1" user2#server2:/path/to/remote.file local.file

How do I remove default ssh host from ssh configuration?

I used to connect to Amazon web services using ssh command and application.pem key. Now when I try to connect to other platforms such as Github my ssh client looks for same application.pem key and tries to connect to AWS. How do I connect to Github or change the default host and key configuration.I am using a Ubuntu 13.10 system and following is my ssh output.
pranav#pranav-SVF15318SNW:~/.ssh$ ssh
Warning: Identity file application.pem not accessible: No such file or directory.
You need the identity file to login to the box. Use the command:
ssh -i (identity_file) username#hostname"
This worked for me. Write just the filename (without any slashes), unlike Amazon EC2 tutorial which asks you to enter:
ssh -i /path/key_pair.pem ec2-user#public_dns_name
and also check the permission

Resources