How to SCP a file from a 2-deep connection

StackOverflow https://stackoverflow.com/questions/21614383

  •  08-10-2022
  •  | 
  •  

Question

Say I SSH into a server Server1 and from there SSH into server Server2 which is only accessible from a connection to Server1. Below simulates the example terminal commands for this behaviour:

[name@mylaptop]$ ssh user@Server1
user@Server1's password:
*** Welcome to Server1! ***
[user@Server1]$ ssh user2@Server2
user2@Server2's password:
*** Welcome to Server2! ***
[user2@Server2]$

Now I have a file, named file.txt in my home directory on Server2:

[user2@Server2]$ ls
file.txt
[user2@Server2]$

Is it possible to use scp to copy file.txt from Server2 onto mylaptop with a single command (i.e. not needing to first copy the file to Server1)?

In other words, can this be done easier than the following:

[name@mylaptop]$ ssh user@Server1
user@Server1's password:
*** Welcome to Server1! ***
[user@Server1]$ scp user2@Server2:~/file.txt .
user2@Server2's password:
file.txt                                            100%  690     0.7KB/s   00:00
[user@Server1]$ logout
Connection to Server1 closed.
[name@mylaptop]$ scp user1@Server1:~/file.txt .
user@Server1's password:
file.txt                                            100%  690     0.7KB/s   00:00
[name@mylaptop]$ ls
file.txt
Était-ce utile?

La solution 3

Try the answers on ServerFault : https://serverfault.com/questions/37629/how-do-i-do-multihop-scp-transfers.

The answers cover a variety of flavours of ssh.

Autres conseils

It's possible and relatively easy, even when you need to use certificates for authentication (typical in AWS environments).

The command below will copy files from a remotePath on server2 directly into your machine at localPath. Internally the scp request is proxied via server1.

scp -i user2-cert.pem -o ProxyCommand="ssh -i user1-cert.pem -W %h:%p user1@server1" user2@server2:/<remotePath> <localpath>

If you use password authentication instead, try with 

scp -o ProxyCommand="ssh -W %h:%p user1@server1" user2@server2:/<remotePath> <localpath>

If you use the same user credentials in both servers:

scp -o ProxyCommand="ssh -W %h:%p commonuser@server1" commonuser@server2:/<remotePath> <localpath>

You can use port forwarding: Execute

ssh  -L60000:Server2:22 user@Server1

in one terminal and keep this process open.

Then in another terminal run

scp -P 60000 user2@localhost:file.txt .

(You can replace 60000 by your favourite port number)

Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow
scroll top