Try the answers on ServerFault : https://serverfault.com/questions/37629/how-do-i-do-multihop-scp-transfers.
The answers cover a variety of flavours of ssh.
Question
Say I SSH into a server Server1
and from there SSH into server Server2
which is only accessible from a connection to Server1
. Below simulates the example terminal commands for this behaviour:
[name@mylaptop]$ ssh user@Server1
user@Server1's password:
*** Welcome to Server1! ***
[user@Server1]$ ssh user2@Server2
user2@Server2's password:
*** Welcome to Server2! ***
[user2@Server2]$
Now I have a file, named file.txt
in my home directory on Server2
:
[user2@Server2]$ ls
file.txt
[user2@Server2]$
Is it possible to use scp
to copy file.txt
from Server2
onto mylaptop
with a single command (i.e. not needing to first copy the file to Server1
)?
In other words, can this be done easier than the following:
[name@mylaptop]$ ssh user@Server1
user@Server1's password:
*** Welcome to Server1! ***
[user@Server1]$ scp user2@Server2:~/file.txt .
user2@Server2's password:
file.txt 100% 690 0.7KB/s 00:00
[user@Server1]$ logout
Connection to Server1 closed.
[name@mylaptop]$ scp user1@Server1:~/file.txt .
user@Server1's password:
file.txt 100% 690 0.7KB/s 00:00
[name@mylaptop]$ ls
file.txt
La solution 3
Try the answers on ServerFault : https://serverfault.com/questions/37629/how-do-i-do-multihop-scp-transfers.
The answers cover a variety of flavours of ssh.
Autres conseils
It's possible and relatively easy, even when you need to use certificates for authentication (typical in AWS environments).
The command below will copy files from a remotePath
on server2
directly into your machine at localPath
. Internally the scp request is proxied via server1
.
scp -i user2-cert.pem -o ProxyCommand="ssh -i user1-cert.pem -W %h:%p user1@server1" user2@server2:/<remotePath> <localpath>
If you use password authentication instead, try with
scp -o ProxyCommand="ssh -W %h:%p user1@server1" user2@server2:/<remotePath> <localpath>
If you use the same user credentials in both servers:
scp -o ProxyCommand="ssh -W %h:%p commonuser@server1" commonuser@server2:/<remotePath> <localpath>
You can use port forwarding: Execute
ssh -L60000:Server2:22 user@Server1
in one terminal and keep this process open.
Then in another terminal run
scp -P 60000 user2@localhost:file.txt .
(You can replace 60000 by your favourite port number)