How to Copy Files With Secure Shell
Use the scp command to copy encrypted files between hosts. You can copy encrypted files between either a local and remote host, or between two remote hosts. The command operates similarly to the rcp command except that it prompts for passwords. See scp(1) for more information.
Start the secure copy program.
Specify the source file, user name at remote destination, and destination directory.
myLocalHost% scp myfile.1 johndoe@myRemoteHost:~
Type the Secure Shell passphrase when prompted.
Enter passphrase for key '/home/johndoe/.ssh/id_rsa': <Return> myfile.1 25% |******* | 640 KB 0:20 ETA myfile.1
After you type the passphrase, the progress meter is displayed. See the second line in the preceeding output. The progress meter displays:
the file name
the percentage of the file that has been transferred at this point
a series of asterisks that are analogous to the percentage transferred
the quantity of data transferred
the estimated time of arrival (ETA) of the complete file (that is, the remaining amount of time)
Transferring Files Remotely Using sftp
The sftp command works similarly to ftp but uses a different set of commands. The following table lists some representative commands.
Table 4-3 Interactive sftp Subcommands
How to Set Up Default Connections to Hosts Outside a Firewall
You can use Secure Shell to make a connection from a host inside a firewall to a host on the other side of the firewall. This task is done by specifying a proxy command for ssh either in a configuration file or as an option on the command line. For more information see "Example -- Connecting to Hosts Outside a Firewall From the Command Line".
In general, you can customize your ssh interactions through a configuration file, either your own personal file $HOME/.ssh/config or an administrative configuration file in /etc/ssh/ssh_config. See ssh_config(4). There are two types of proxy commands. One proxy command is for HTTP connections. The other proxy command is for SOCKS5 connections.
Specify the proxy commands and hosts in a configuration file.
Use the following syntax to add as many lines as you need:
[Host outside_host] ProxyCommand proxy_command [-h proxy_server] \ [-p proxy_port] outside_host|%h outside_port|%p
Use the Host outside_host option to limit this proxy command specification to instances when this host (or hosts if a wildcard is used) is specified on the command line.
The designation proxy_command can be replaced by either of the following:
/usr/lib/ssh/ssh-http-proxy-connect for HTTP connections
/usr/lib/ssh/ssh-socks5-proxy-connect for SOCKS5 connections
The -h proxy_server and -p proxy_port options specify a proxy server and a proxy port, respectively. If present, they override any environment variables that specify proxy servers and ports, such as HTTPPROXY, HTTPPROXYPORT, http_proxy (for specifying a URL), SOCKS5_SERVER, and SOCKS5_PORT. If the options are not used, then the relevant environment variables must be set. See ssh-socks5-proxy-connect(1) and ssh-http-proxy-connect(1).
Use outside_host to designate a specific host to connect to or use %h to specify the host on the command line. Use outside_port or %p to specify the port. Specifying %h and %p without using the Host outside_host option has the effect of applying the proxy command to the host argument whenever ssh is invoked.
Run Secure Shell, specifying the outside host.
For example, type:
myLocalHost% ssh myOutsideHost
This command looks for a proxy command specification for myOutsideHost in your personal configuration file. If not found, then the command looks in the system-wide configuration file, ssh_config. The proxy command is substituted for ssh.
Example -- Connecting to Hosts Outside a Firewall From the Command Line
The -o option for ssh lets you type any line that is permitted in an ssh configuration file. In this case the proxy command specification from the previous task is used.
Specify the proxy commands and hosts in a configuration file.
Run ssh and include a proxy command specification as a -o option. For example, type:
% ssh -o'Proxycommand=/usr/lib/ssh/ssh-http-proxy-connect \ -h myProxyServer -p 8080 myOutsideHost 22' myOutsideHost |
This command substitutes the HTTP proxy command for ssh, uses port 8080 and myProxyServer as the proxy server, and connects to port 22 on myOutsideHost.