1
I need to set up file transfer for which I've received the following access info. But I'm not sure how to connect, having hardly used SSH before. The instructions I got are:
First: ssh user1@domain1.com, password: password1
then: ssh user2@domain2.com, password: password2
I'm on a Mac. What client and settings should I use?
Nimbuz
Posted 2009-10-02T03:20:17.670
Reputation: 575
3
Ok, apparently you said the first server is just a relay, so let's use a SSH Tunnel. Here is what you can do in Terminal:
ssh -N -t -x -L 45454:domain2.com:22 user1@domain1.net
After entering the password you will not see anything happen. (Alternatively: remove the -N to actually see the command prompt of domain1.net.) And then in Transmit, you ask to connect to:
User: user2
Domain (server): localhost
Port: 45454
Protocol: SFTP (SSH)
This should normally allow you to use Transmit to connect to the second server, through the relay of the first one.
When done, stop Transmit, and then in Terminal hit Ctrl-C to stop ssh as well. (Or, if you started ssh without the -N parameter, then type exit instead of using Ctrl-C.)
Thibault Martin-Lagardette
Posted 2009-10-02T03:20:17.670
Reputation: 174
Stuck at user1@domain1.com's password: since last 20 mins although I entered the correct pass; – Nimbuz – 2009-10-02T05:16:50.100
3You're not stuck, you're probably logged in, and should now continue with Transmit, and when done hit Ctrl-C in Terminal to stop ssh as well. (Or, in Terminal, hit Ctrl-C to stop your first attempt. Then try again without the -N. After entering the first password, you will see the command prompt of the first server. Leave that alone, and do your thing using Transmit. When done, go back to Terminal and type exit.) – Arjan – 2009-10-02T08:33:58.843
As Arjan stated, you're not stuck. You can add the -v argument to see that it is just "idling". This is due to the -N argument, that says "Tunnel only", so it creates the tunnel, and do nothing else, until you quit (which will destroy the tunnel).
So once the password is entered, you can just go over Transmit and login :) – Thibault Martin-Lagardette – 2009-10-02T18:33:22.197
Perfect, worked! :) – Nimbuz – 2009-10-12T11:56:43.497
4
The reason that there will be two logins is that domain2.com will be hidden behind domain1.com, and only accessible from within. This is often done for security reasons, or simply because domain2.com is on a different piece of network not accessible from the outside.
Peter
Posted 2009-10-02T03:20:17.670
Reputation: 338
1Good deduction, Sherlock! :-) – Arjan – 2009-10-02T09:05:17.110
3
try this on a terminal window
ssh username@domain.com
it will ask for your password later
if you don't know what a terminal is, search the spotlight for "terminal"
phunehehe
Posted 2009-10-02T03:20:17.670
Reputation: 777
FYI, the spotlight is at the top right corner of the screen, with a search icon :) – phunehehe – 2009-10-02T03:27:23.997
I've used terminal numerous times, just don't know why two logins. – None – 2009-10-02T03:58:16.797
This question is about transferring files via another system. a <- b <- c – Peter Jenkins – 2013-03-31T11:22:04.287
2
It depends on what you need to do on these machines. Ususally, the best way is to use the command line. To do that, you simply open Terminal (/Applications/Utilities/Terminal.app), where you will be able to enter these commands.
If the only thing you need to do is copy files, then you can use Cyberduck or Transmit. It's an FTP client, but you can use the SFTP mode, which will be a sort of FTP over SSH :). (All servers might no support this mode, in which case you will have to use the scp command)
Thibault Martin-Lagardette
Posted 2009-10-02T03:20:17.670
Reputation: 174
Yes, but here I've two logins and no "server" info? – None – 2009-10-02T03:26:43.617
If you have user1@domain1.com, your username is user1 and your server is domain1.com – Matthew Scharley – 2009-10-02T03:28:59.337
@Nimbuz: The "server" is the part after the @.
This means you'd have: Server: domain1.com, User: user1, Password: password1 – None – 2009-10-02T03:30:17.207
Thanks, I'm able to get pass through the first login, but the directory is empty as its just a relay. Where do I use the second login info? – None – 2009-10-02T03:34:00.200
If I use the second login info directly in 'Transmit', it tries for a couple of mins and returns "Permission Denied" – None – 2009-10-02T04:05:07.657
2
From a purely command line perspective, you would do something like this:
In terminal window #1:
$ ssh -L 2122:domain2.com:22 user1@domain1.com
enter the password when asked (password1). In terminal window #2:
$ scp -P 2122 -o HostKeyAlias=domain2.com user2@localhost:/path/to/remote/file /local/file
entering the password when asked (password2).
The port number 2122 can be anything you'd like (above 1024 and below whatever the max port number is). The port number 22 should not be changed.
HostKeyAlias is set so that the host name can be looked up properly in the known_hosts file.
Joe Casadonte
Posted 2009-10-02T03:20:17.670
Reputation: 3 945
The scp example is unclear, but the rest looks right. 1) HostAliasKey should be HostKeyAlias, but you need to explain why it's necessary/useful or remove it as extraneous. 2) file destination is very unclear (easy to misread), so show an explicit local filename or swap the example so local is source: "scp -P 2122 /file/to/copy user2@localhost:/path/to/destination" or "scp -P 2122 user2@localhost:/path/to/remotefile ./localfile" – quack quixote – 2009-10-02T12:18:46.350
1
Open Terminal (in your Applications/Utilities folder), and type the commands as given. OS X comes with an SSH program.
There are GUI ssh programs, but the command line stuff seems like it's going to be more appropriate for this, since they're giving you the command lines already.
Warren Young
Posted 2009-10-02T03:20:17.670
Reputation: 2 587
I have 'Transmit' app, can I use that? What do I choose - SFTP? – None – 2009-10-02T03:25:20.857
SFTP is an extension to SSH providing file transfer, but is not itself SSH. If all you need is file transfer, SFTP does what you want. If you need to log into the remote server and use its command line, you need a proper SSH program, either the command-line one that comes with OS X, or a GUI one like Fugu. – None – 2009-10-02T03:30:27.057
Yes, I'll only need file transfer. – None – 2009-10-02T03:34:39.840
0
Only if you need to access the files quite often, and only recommended after the procedures using Cyberduck or Transmit have been successful (to ensure your credentials and all are fine):
Mount the domain2.com resources locally using SSHFS with FUSE for OS X (formerly packaged in MacFUSE, but that does not support 10.6 and up).
ssh -L -N 45454:domain2.com:22 user1@domain1.com
sshfs user2@localhost:/ ~/project -oport=45454,follow_symlinks,volname=Project
The second line can also be done through a GUI, using Macfusion, but then be sure to read the SSHFS notes about that.
Arjan
Posted 2009-10-02T03:20:17.670
Reputation: 29 084
0
What you are tying to do is quick tricky for a newcomer to SSH. Several of the answers here don't even understand what you are asking for!
I've found this guide really good to explain the process of connecting via another host. The diagrams really help.
Peter Jenkins
Posted 2009-10-02T03:20:17.670
Reputation: 438
1
To actually login to the second server, see also "How to (S)FTP to hidden server?" at http://superuser.com/questions/51783/how-to-sftp-to-hidden-server/51790#51790 for a solution using
– Arjan – 2009-10-06T21:18:30.870ProxyCommandin.ssh/config.