SSH & SCP

What is SSH

SSH (Secure SHell) is a network protocol which provides a replacement for insecure remote login and command execution facilities, such as telnet, rlogin and rsh. SSH encrypts traffic in both directions, preventing traffic sniffing and password theft. SSH also offers several additional useful features:

Compression: traffic may be optionally compressed at the stream level.

Public key authentication: optionally replacing password authentication.

Authentication of the server: making "man-in-the-middle" attacks more difficult.

Port forwarding: arbitrary TCP sessions can be forwarded over an SSH connection.

X11 forwarding: SSH can forward your X11 sessions too.

File transfer: the SSH protocol family includes two file transfer protocols.

Basic SSH usage

Remote login

The basic syntax to log into a remote host is:

ssh hostname

If you want to specify a username, you may do it using an rlogin-compatible format:

ssh -l user hostname

or a slightly simpler syntax:

ssh user@hostname

If you are running your sshd on a non-stand


--------------------------------------------------------------------------

SCP

scp is the original SSH file transfer mechanism. It is modeled on BSD rcp, a protocol with a 15+ year history which has no RFC. Its syntax is very simple:

scp [user@]host:/path/to/source/file /path/to/destination/file

This will copy a remote file to a local destination. To copy a local file to a remote destination, one uses the opposite syntax:

scp /path/to/source/file [user@]host:/path/to/destination/file

In either of these cases, the source file may be a wildcard matching multiple files. If a path is left off the destination file specification, the remote user's home directory is assumed. E.g.:

scp /home/djm/*.diff hachi:

scp does not support copying between two remote destinations very well. It is possible using the following syntax:

scp [user@]host1:/path [user@]host2:/path

For this to work, host1 must be configured for passwordless access to host2 (see section 4). Also, little feedback is given to the user on whether the operation succeeded.

scp can also copy files recursively:

scp -r source-path [user@]host:/destination-path

scp -r [user@]host:/source-path /destination-path

While scp is useful for simple file transfer tasks, it has a number of limitations. The most annoying of these is poor handling of files whose names contain characters which may be interpreted by the shell (e.g. spaces). For example:

[djm@roku djm]$ scp "hachi:/mp3/J.S. Bach/Matthaus Passion 0101.ogg" /tmp

cp: cannot stat ‘/mp3/J.S.’: No such file or directory

cp: cannot stat ‘Bach/Matthaus’: No such file or directory

cp: cannot stat ‘Passion’: No such file or directory

cp: cannot stat ‘0101.ogg’: No such file or directory

In these cases you need to double-escape the characters in question:

scp "hachi:/mp3/J.S.\ Bach/Matthaus\ Passion\ 0101.ogg" /tmp
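
The double-escaping can be done mechanically. The following is an added example, not part of the original post: a small sh helper that single-quotes the remote path so the remote shell reads it back as exactly one word. The function names are hypothetical, and the remote login shell is assumed to be POSIX-compatible.

```shell
#!/bin/sh
# Added example: quote a remote path for rcp-style scp, which passes the
# path through a shell on the remote host. Function names are hypothetical.

# remote_quote PATH -> PATH wrapped in single quotes; an embedded ' becomes
# '\'' so a POSIX shell re-reads the result as one literal word.
# (Trailing newlines in PATH are lost to command substitution.)
remote_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# scp_remote_arg HOST PATH -> "HOST:<quoted PATH>", ready to hand to scp.
scp_remote_arg() {
    printf '%s:%s' "$1" "$(remote_quote "$2")"
}

# words_seen_by_remote_shell STRING -> number of words a POSIX shell splits
# STRING into. Local stand-in for the shell scp starts on the far end;
# only feed it sample strings, since it evaluates its argument.
words_seen_by_remote_shell() {
    sh -c "set -- $1; echo \$#"
}

# Path taken from the failing transfer shown above.
p='/mp3/J.S. Bach/Matthaus Passion 0101.ogg'
echo "unquoted: $(words_seen_by_remote_shell "$p") words"
echo "quoted:   $(words_seen_by_remote_shell "$(remote_quote "$p")") word"
echo "scp argument: $(scp_remote_arg hachi "$p")"
# Real use: scp "$(scp_remote_arg hachi "$p")" /tmp
```

Because the remote shell interprets the path, quoting it this way also keeps other shell metacharacters in a file name from being acted on. scp builds that transfer over the SFTP protocol do not pass the path through a remote shell and would treat the added quotes as literal characters.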

Another problem inherent to scp is that it needs to be able to find an scp binary at the remote end. Usually such commands are correctly installed in the remote system's $PATH, but if they are not then transfers will fail:

[djm@roku djm]$ scp hachi:/tmp/foo /tmp

bash: scp: command not found
