How to copy a file between two remote SSH servers

SSH has a lot of tricks up its sleeve, including the ability to copy files between two remote servers.

How to copy a file between two remote SSH servers

If you administer enough Linux servers you are probably familiar with transferring files between machines, with the help of the SSH command scp. The process is simple:

  1. You log into the server containing the file to be copied.
  2. You copy the file in question with the command scp FILE USER@SERVER_IP:/DIRECTORY

Where FILE is the file to be copied, USER is a remote username, SERVER_IP is the IP address of the remote server, and DIRECTORY is the destination directory that will house the remote file. The process is as second nature as any other Linux command, but what happens when you're spending a good deal of time transferring files from one machine to another? This could turn into a situation where you constantly have to:

  • Log into one machine.
  • Transfer files to another.
  • Log out of the original machine.
  • Log into a different machine.
  • Transfer files to yet another machine.

SEE: Information security policy template download (Tech Pro Research)

What if you could make that process significantly more efficient, by sending files from MACHINE1, to MACHINE2, from MACHINE3? In other words, you can log into one Linux machine and then start transferring files between remote machines, without logging in and out of different servers. What if there was a tool to handle such a task?

There is!

Said tool is, believe it or not, SSH itself.

Let me show you how this is done.

What we're doing

We're going to copy the file /home/jack/techrepublic, from IP address into the /home/jack/techrepublic folder on IP address, working on a machine at IP address

Before we do this, there is a one-time task to undertake: Copying SSH keys to and from these machines (I am assuming you already have your SSH keys generated on all machines.). To do this, execute the following commands:

  • From issue the command ssh-copy-id jack@
  • From issue the command ssh-copy-id jack@
  • From issue the command ssh-copy-id jack@
  • From issue the command ssh-copy-id jack@

Now that all the necessary SSH keys have been copied, log into each machine to test that the SSH key authentication is working. Once you verify that process, you are ready to send the techrepublic file on .53 to .51 from .162. Confused? Don't worry, the command itself will clear things up.

Here's the command to copy the techrepublic file (again, on .53 to .51). Make sure you're logged into .153 and the techrepublic file exists on .53. With that in place, issue the command:

scp -3 jack@ jack@

Since we set up SSH key authentication, you shouldn't be prompted for a password. The file will copy from .53 to .51, and you're finished. You've successfully copied a file between two remote servers, using a secure SSH tunnel.

If you do not add the -3 option, the copy process will fail with an authentication error (Figure A).

Figure A

Figure A: Our copy failed without the -3 option.

Confusing but efficient

Although this process might seem confusing at first, once you get the hang of it, you'll find it far more efficient than using the standard method. This also has the benefit of forcing you into making use of SSH key authentication--an added security layer you should use anyway.

Also see

Image: iStock

By Jack Wallen

Jack Wallen is an award-winning writer for TechRepublic, The New Stack, and Linux New Media. He's covered a variety of topics for over twenty years and is an avid promoter of open source. For more news about Jack Wallen, visit his website jackwallen....