Creating an SSH tunnel to transfer files?

2

For me, networks are a very "opaque" thing, and even after reading a lot of tutorials about SSH, I do not understand how to create a basic tunnel to transfer my files.

The configuration is the following:

My Computer --[Internet]--> Bridge Machine --[Local Network]--> Final Machine

Currently I do the following:

1) Connect to the Bridge Machine with:
ssh -X username@bridgemachine.something.fr

2) Connect to the Final Machine with:
ssh -X username@finalmachine

3) I copy the address of the files I need (for example .../mydirectory)

4) Then I disconnect from the finalmachine with:
exit

5) I copy the files to the bridge:
scp -r username@finalmachine:/.../mydirectory .

6) I disconnect from the bridge with:
exit

7) I copy the files to my machine:
scp -r username@bridgemachine.something.fr:/.../mydirectory .

Which is quite complicated. My question is basic: how can I simplify this using an SSH tunnel?

(And please explain to me the meaning of each command line you write, so that I understand what each line really does and avoid using it like a magical thing. Furthermore, if some port numbers are used, explain to me whether I can pick a completely random number or if I have to choose a specific one.)

Vincent

Posted 2012-11-11T06:01:09.093

Reputation: 275

1

Google on "ssh tunnel tutorial" gives http://www.popcornfarmer.com/2009/01/ssh-tunneling-tutorial/ & http://www.revsys.com/writings/quicktips/ssh-tunnel.html & http://aperiodic.net/phil/ssh/ and many other references

– Basile Starynkevitch – 2012-11-11T07:17:44.127

You could also just run your local ssh to run scp on the bridge machine (give it the scp command to run), then run scp on the local machine, then wrap that all in a shell script. You could easily make one command out of it that way. – Keith – 2012-11-11T14:59:58.173

Answers

3

Set up an ssh config file:

~/.ssh/config

This file will help in a number of ways, but ultimately will allow you to do all this with one step.

First, set up aliases for each machine:

Host bridge
    HostName bridgemachine.something.fr
    User username

Host final
    HostName finalmachine
    User username

Now you can use "ssh -X bridge" to connect with the first machine.

For this next step you'll need netcat on each machine (try "which nc" to check). Then, use a ProxyCommand in your 'final' machine's config so it reads:

Host final
    # %h expands to the HostName below and %p to the port (22 unless Port is set)
    HostName finalmachine
    User username
    ProxyCommand ssh -CAYq bridge exec nc %h %p

This command sends whatever you want through the central machine to host %h on port %p (meaning if you want to send other app data through on different ports you can - so long as this connection is open).

If you have keys set up, there will be no password prompts either; if not, you'll be prompted for bridge's first, then final's.

Now "ssh final" should work, as well as:

scp -r final:/.../directory .

Geodesic

Posted 2012-11-11T06:01:09.093

Reputation: 198
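
The same one-step setup as an added example (not part of the answer above): it uses ProxyJump, available in OpenSSH 7.3 and later, so the bridge needs neither nc nor agent forwarding, and it checks the result offline with `ssh -G`. Host names come from the question; the function names and the temporary file are illustrative assumptions.

```shell
#!/bin/sh
# Added example: jump-host config for the question's two machines, checked
# with `ssh -G`, which prints the options ssh would use and opens no connection.
# Host names are from the question; "username" is the page's placeholder.

# Write the example config to the file named in $1.
write_jump_config() {
    cat > "$1" <<'EOF'
Host bridge
    HostName bridgemachine.something.fr
    User username

Host final
    # This name is looked up by the bridge, not by your computer.
    HostName finalmachine
    User username
    # ssh first logs in to "bridge" and asks it to forward a TCP stream to
    # finalmachine port 22. Your client then authenticates to finalmachine
    # end to end over that stream, so keys and agent stay on your computer.
    ProxyJump bridge
EOF
}

# Print the value ssh resolves for option $3 (lower-case keyword)
# when connecting to host alias $2 using config file $1.
resolved_option() {
    ssh -G -F "$1" "$2" |
        awk -v key="$3" '$1 == key { $1 = ""; sub(/^ /, ""); print }'
}

# Demo: show what "ssh final" would actually use.
cfg=$(mktemp)
write_jump_config "$cfg"
for key in hostname user port proxyjump; do
    printf '%-10s %s\n' "$key" "$(resolved_option "$cfg" final "$key")"
done
rm -f "$cfg"
```

The port shown is 22 because that is where the SSH server on the final machine listens; it is not a number you pick, and it only changes if you add a Port line to that Host block.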