Closed. This question is off-topic. It is not currently accepting answers.
Closed 10 years ago.
Locked. This question and its answers are locked because the question is off-topic but has historical significance. It is not currently accepting new answers or interactions.
I need to download a file from server to my desktop. (UBUNTU 10.04) I don't have a web access to the server, just ssh.
If it helps, my OS is Mac OS X and iTerm 2 as a terminal.
In your terminal, type:
scp your_username#remotehost.edu:foobar.txt /local/dir
replacing the username, host, remote filename, and local directory as appropriate.
If you want to access EC2 (or other service that requires authenticating with a private key), use the -i option:
scp -i key_file.pem your_username#remotehost.edu:/remote/dir/foobar.txt /local/dir
From: http://www.hypexr.org/linux_scp_help.php
You can do this with the scp command. scp uses the SSH protocol to copy files across system by extending the syntax of cp.
Copy something from another system to this system:
scp username#hostname:/path/to/remote/file /path/to/local/file
Copy something from this system to some other system:
scp /path/to/local/file username#hostname:/path/to/remote/file
Copy something from some system to some other system:
scp username1#hostname1:/path/to/file username2#hostname2:/path/to/other/file
scp is certainly the way to go, but for completeness you can also do:
$ ssh host 'cat /path/on/remote' > /path/on/local
or
$ cat /path/on/local | ssh host 'cat > /path/on/remote'
Note, this is UUOC, but < /path/on/local ssh host 'cat > /path' could cause unnecessary confusion.
And to proxy between two hosts:
$ ssh host1 'cat /path/on/host1' | ssh host2 'cat > /path/on/host2'
If the SSH server support SFTP subsystem (this is part of SSH, and unrelated to FTP), use sftp. If it don't, try scp.
CyberDuck support all of them.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I have an alias for ssh'ing to my linux box from my mac machine.
But I am noticing something very weird, or may be I am being stupid.
When I use the alias it works, but when I use what the alias stands for it does not work. For example
bos-mp9ps:~ xyz$ alias ssh
alias ssh='ssh -A xyz#bos-lpaw1'
bos-mp9ps:~ xyz$ ssh -A xyz#bos-lpaw1
bash: xyz#bos-lpaw1: command not found
bos-mp9ps:~ xyz$ ssh
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-65-generic x86_64)
* Documentation: https://help.ubuntu.com/
429 packages can be updated.
0 updates are security updates.
New release '16.04.1 LTS' available.
Run 'do-release-upgrade' to upgrade to it.
You have new mail.
Last login: Tue Jan 3 10:29:27 2017 from 172.19.37.47
xyz#bos-lpaw1:~$
Also I am able to ssh into my linux box from private home networks, but not from public networks such as starbucks etc. Do you know if I have to change anything for this ?
My /etc/hosts on linux machine looks like this:
bos-mp9ps:~ xyz$ cat /etc/hosts
# BEGIN hosts added by Pulse
23.79.238.45 vpn.company.com
# END hosts added by Pulse
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
When I use my linux's box's IP address to login it does not help and it brings me to same position
bos-mp9ps:~ xyz$ command ssh xyz#172.19.37.47
The authenticity of host '172.19.37.47 (172.19.37.47)' can't be established.
ECDSA key fingerprint is SHA256:MQwHj9JTw5d2Vzbz5h5hw2KxmhKmREVGIcrY+PrBxQc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.19.37.47' (ECDSA) to the list of known hosts.
Password:
Last login: Thu Dec 29 15:18:10 2016
Agent pid 971
bos-mp9ps:~ xyz$
Thank you for reading
The others have answered how do fix your alias, but I think the best way of doing this is actually to dispense with aliases altogether and use the ssh configuration file, which is usually in ~/.ssh/config. To match what your alias does, you would put something like this in it (assuming it's using OpenSSH or something similar):
Host linux
User xyz
HostName bos-lpaw1
ForwardAgent yes
With this in place, you would log in to the computer like this:
$ ssh linux
(you can give it any host alias you want, it doesn't have to be "linux").
Why should you do it this way? There are several advantages:
Since you're not hardcoding which host you're logging into like your original alias did, you are free to log into multiple different computers (but you can get this by making one alias for each target computer, so the alias method can also support this).
Host aliases described in .ssh/config are also recognized by rsync and scp. So you are automatically able to do stuff like rsync a.txt linux:b.txt to copy a.txt to the linux computer and naming it b.txt.
To be able to ssh into your computer from public networks, you need a way to get the IP address of your computer. You can either try to set this up using DNS (though that can be a hassle) or if your IP doesn't change very often you can just hard-code it. Of course, if you use Network Adress Translation you will probably need to set up port forwarding on your modem/router, so that incoming connections to your global address get forwarded to the correct local computer.
Problem
ssh is aliased to 'ssh -A xyz#bos-lpaw1'
so
ssh -A xyz#bos-lpaw1
is converted to
ssh -A xyz#bos-lpaw1 -A xyz#bos-lpaw1
So this command is trying to execute the "command" xyz#bos-lpaw1 by the user xyz on the server bos-lpaw1.
Solution
Another alias
Replace
alias ssh='ssh -A xyz#bos-lpaw1'
with
alias sshlpaw='ssh -A xyz#bos-lpaw1'
ssh is a very important program, overriding it with an alias isn't a good idea.
Prevent alias with command
For the cases where you need the usual ssh without alias, you can type :
command ssh -A xyz#bos-lpaw1
in your terminal.
use .ssh/config
see #amaurea's excellent answer.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 1 year ago.
Improve this question
I want to run a command on local system while I have ssh'd to a remote system in bash. Is there a way to do this? This is what I want:
#!/bin/bash
ssh mysystem#ip <<'SSH'
#Do something
#Run a command here on local machine and not on machine I have sshed to
#Do Something
exit
SSH
Edit: I want to echo some message and since echo command output won't show from remote machine, I want to run from local.
WHen you are using SSH, the key sequence <enter>~ is a escape prefix that allows you to pause SSH and send key sequences to the ssh client on the host-side.
The sequence <enter>~<ctrl + z> will pause (stop) the ssh-client job and drop you to a prompt in the calling system. Typing fg (if ou are on a Unix shell) will resume your ssh session afterwards.
You can see other ssh escape sequences avaiable by typing <enter>~?.
The sequence <enter>~. will terminate the connection and is very handy when your session is locked on the remote machine.
(Users with non-US keyboard layouts that use ~ as a dead-key to compose accents and digrams have, obviously, to type ~ twice in all of these sequences)
These sequences are of use from when you are operating the SSH session an d typign commands yourself, not for scripting.
Since you seem to want a way to that in scripts, the straightforward solution is to include an ssh command back to the originating host.
I have an approach which is pretty hacky, but it works.
Overview and security caveats
In brief, you use reverse SSH tunnelling to SSH back to your local machine and run a single command, and you connect back using your SSH keys so that no password is required.
NB This approach involves agent forwarding, which comes with a risk:
anyone with root access on the remote host can discreetly access your local SSH agent through the socket. They can use your keys to impersonate you on other machines on the network.
The risk is lessened in your case because the SSH session is only open for the duration of the command. But I'm not a security expert so can't comment further.
An alternative would be to generate a specific keypair just for this connection and use that, but I'm not sure how scriptable this would be.
The second security caveat is that this approach involves running an SSH server on your local machine. See my notes at the end of this answer for more on that.
Details
First of all, your SSH command needs some extra parameters:
ssh mysystem#ip -A -R 2900:localhost:22
-A forwards your credentials (detailed article on agent forwarding). You'll use them when connecting back to your local machine.
-R 2900:localhost:22 sets up the reverse tunnel. This means that on the remote machine you can run ssh -p2900 yourlocaluser#localhost and it'll SSH back to your local machine. Replace yourlocaluser with the user from your host machine (not the machine you're SSHing into). I picked 2900 as an arbitrary port. It needs to be higher than 1024, I think.
To avoid typing these every time, you can set them in your SSH config (~/.ssh/config) on your local machine. These are the relevant properties:
ForwardAgent yes
RemoteForward 2900 localhost:22
Also, you need to tell your local machine that SSH connections are allowed to connect to it using its own key pair(!) To do this, add the contents of your public key file (e.g. ~/.ssh/id_rsa.pub) to ~/.ssh/authorized_keys.
You can now connect to your remote machine and run a command like this to connect back to your local one:
ssh -t -p2900 yourlocaluser#localhost <command here>
Note, however, that the first time you connect back from the remote machine to your local one using the key, you'll get a warning that the host you're connecting to is unknown. Once you say that you want to continue connecting, it'll save the relevant details to ~/.ssh/known_hosts on the remote machine and not ask again.
You could log in and manually do an SSH to get the details saved. Alternatively, you can update the SSH command that you run on the remote machine, but it comes with an additional security caveat.
Here's the updated command:
ssh -o StrictHostKeyChecking=accept-new -t -p2900 yourlocaluser#localhost <command here>
The security risk is that you're accepting the key without reviewing it and making sure that it's what you're expecting, so you're vulnerable to man-in-the-middle attacks. Again, I'm no security expert, but given that you're connecting using an SSH tunnel rather than a regular SSH connection, I believe that this reduces the risk. If the known hosts file on the remote machine only contains the entry for your local machine, you could update your SSH config to replace the contents of that file with your local machine's key fingerprint from your local machine on login, and then remove -o StrictHostKeyChecking=accept-new from the above.
Note: If you're prompted for your password when trying to SSH back, that suggests that agent forwarding hasn't worked. You probably need to run ssh-add on your local machine or update your local SSH config for the host in question to include AddKeysToAgent yes.
Note about running sshd on your local machine
The above assumes that you're running sshd on your local machine, and thus accepting SSH connections to that machine. That's a security risk in itself. One way of reducing that risk is to specify that SSH is only allowed from localhost, which will work in this case because you're tunnelling back. You can find instructions on how to configure your local SSH server for this here: https://askubuntu.com/questions/179325/accepting-ssh-connections-only-from-localhost
You could also adapt the answer here and use netcat rather than SSH: https://superuser.com/a/1274810/126533
If you can change the script, you can use an expect script for that - expect_example_and_tips
This allows you to start an "ssh process" to which can send commands to the remote machine, while still running on the local machine.
Much easier in python though in my opinion - example:
#!/usr/bin/env python
import pexpect
PROMPT = "\$|\%|\>"
ssh_cmd = "ssh user#192.168.1.1"
try:
ssh = pexpect.spawn(ssh_cmd)
ssh.sendline("echo hello on remote")
ssh.expect(PROMPT)
print "hello on local machine"
ssh.close()
except Exception as e:
print e
sys.exit(2)
If you want to (for argument's sake) run date locally, just don't quote the here document, and any command substitution will be executed locally.
ssh mysystem#ip <<SSH # notice absence of quotes
echo I am logged in from $(uname -n) since $(date)
SSH
Here, the uname and date commands will be executed locally, before the ssh command runs, whereas the echo in the here document will then execute remotely.
(As an aside, there is no need to explicitly exit at the end; the shell will exit when it reaches the end of input. It's hard to imagine a scenario where anything else would make any sense whatsoever.)
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
How do I copy a file using ssh from my test server to my production server, how do I do this for a single file and how do I do this for multiple files?
From Window to Linux
Download https://cygwin.com/ this will give you a proper terminal which will then allow you to run the linux commands as listed below in the From Linux to Linux section.
From Linux to Linux
The essential command is this
The command
scp [ssh login to remote server]:[filepath] [local filepath]
To copy a single file example
scp user#your.server.example.com:/path/to/foo/[filename] /home/user/Desktop/[filename]
To copy a directory example
scp -r user#your.server.example.com:/path/to/foo /home/user/Desktop/
To use full power of scp you need to go through next steps:
Setup public key authentication
Create ssh aliases
Then, for example if you'll have this ~/.ssh/config:
Host test
User testuser
HostName test-site.com
Port 22022
Host prod
User produser
HostName production-site.com
Port 22022
you'll save yourself from password entry and simplify scp syntax like this:
scp -r prod:/path/foo /home/user/Desktop # copy to local
scp -r prod:/path/foo test:/tmp # copy from remote prod to remote test
More over, you will be able to use remote path-completion:
scp test:/var/log/ # press tab twice
Display all 151 possibilities? (y or n)
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
Is it possible to do the following via an SSH tunnel...
Host-1 establishes an SSH connection to a Remote Server
I wish to log into the Remote Server and execute commands over SSH back on Host-1
Host-1 is a device that I will not have access to directly. Host-1 is set up to automatically establish an SSH connection to a remote server via cron. At any point while Host-1 has established an SSH connection to the Remote Server, I wish to log into the Remote Server in order to perform maintenance on Host-1 via SSH.
I am looking for an example of how this would work if its possible.
Like this:
host1$ ssh -N -R 8822:localhost:22 remote.host.com
The optional -N says "don't execute a command" (helpful to prevent accidents caused by leaving remote shells laying around.)
Now from remote, you can SSH to host1 like this: (The remote port 8822 forwards to host1, but only on the loopback interface.)
remote$ ssh -p 8822 localhost
For extra credit, you can export the forwarding to the whole world, allowing anyone get to host1 by hitting remote's port 8822. (Note the extra initial colon)
host1$ ssh -N -R :8822:localhost:22 remote.host.com
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I want to send a file from one Linux machine with IP suppose "192.168.2.25" to other Linux machine that's a server "192.168.2.110"
how can i do that by using Telnet command??
A simple option is to use netcat (nc). This is particularly useful on stripped down Linux systems where services like ssh and ftp are turned off.
On destination machine run the following command: nc -l -p 1234 > out.file
On source machine run the following command: nc -w 3 <dest-ip-adr> 1234 < out.file
For more details look, for example, here.
There are also netcat implementations for Windows, e.g. ncat.
While it may not be possible with only telnet, it is possible with telnet and netcat. Some of the examples above just referenced using netcat, but there have been times when I was on an old machine that was still in production that had telnet but not netcat. In this case, you can set netcat to listen on a newer, remote machine and telnet the file to it.
On the newer remote machine:
netcat -l <PORT> > OUTPUT.FILE
On the older telnet only machine:
cat FILE | telnet REMOTE-HOST PORT
Note that this works with text files. If you have a binary file of some sort you would need to do further manipulation on both ends.
Telnet just gives you a remote terminal session. The best you could do is telnet, open a new file in an editor and copy/paste the text from the local machine.
To copy files use something like rsync, scp, rcp or ftp.