Find out how to work some SSH magic, by transferring a file from one machine to another from a third.
SSH is an incredibly flexible tool that most every Linux administrator depends upon. SSH has a lot of tricks up its sleeve, one of which allows you to copy files with the scp command. But even that trick has a trick of its own: The ability to copy a file from Server A to Server B from Client C. This comes in handy when you have a lot of work to do and don't want to have to constantly be SSH'ing into a plethora of servers.
What you'll need
To make this happen, you'll need three Linux machines, all of which accept SSH connections. You'll also need SSH keys for authentication.
The first thing that must be done is copying SSH keys to the servers. Here's our server layout:
- Server A - 192.168.1.15
- Server B - 192.168.1.160
- Client C - 192.168.1.7
What we need to do is copy the SSH Keys back and forth to each machine. This is done with the following command:
Where USER is the remote user and IP is the IP address of the machine in question. Make sure to do this from A to B, from A to C, from B to A, from B to C, from C to A, and from C to B.
You should now be able to SSH from Client C to Server A and then from Server A to Server B using SSH key authentication.
How to configure SSH
We now need to map our servers in the ~/.ssh/config file. It used to be that you could simply issue the command:
scp USER@192.168.1.15:/home/USER/test.txt USER@192.168.1.160:/home/USER/test.txt
This is no longer the case. Now you must rely on the ~/.ssh/config file. Open that file with the command:
In that file, you must create new configurations for SERVERA and SERVERB. Those configuration blocks will look like:
Host SERVERA HostName 192.168.1.16 ControlMaster auto ControlPath ~/.ssh/ssh-%r@%h:%p ControlPersist 30m Host SERVERB HostName 192.168.1.22 ControlMaster auto ControlPath ~/.ssh/ssh-%r@%h:%p ControlPersist 30m
Make sure to change the IP addresses to suit your setup.
Save and close the file. You are now ready to copy the file.
How to copy the test file
First we need to copy our test file from Client C to Server A with the command:
scp test.txt USER@192.168.1.15:/home/USER/test.txt
Where USER is the remote username.
Our test.txt file is now on Server A. Now we can copy the test.txt file from Server A to Server B from Client C. To do that, the command is:
scp -3 USER@SERVERA:/home/USER/test.txt USER@SERVERB:/home/USER/test.txt
Where USER is a remote username.
The -3 option instructs the scp command to route traffic through the issuing machine (in our case, Client C), even though a third party will do the actual transfer. By issuing the command this way, authorization credentials must reside only on the issuing PC (Client C) and not the third party.
And that's all there is to copying a file from one server to another, from a third. This is just one of the many tricks SSH has up its sleeve.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Mastermind con man behind Catch Me If You Can talks cybersecurity (TechRepublic download)
- Windows 10 security: A guide for business leaders (TechRepublic Premium)
- How to block SSH attacks on Linux with denyhosts (TechRepublic)
- How to create an SSH jailed user on Debian 9 (TechRepublic)
- How to enable SSH session recording in CentOS 8 (TechRepublic)
- How to run a command that requires sudo via SSH (TechRepublic)
- This aggressive IoT malware is forcing Wi-Fi routers to join its botnet army (ZDNet)
- The best password managers of 2019 (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)