|SSH File Transfers|
|Written by Scott Ostrander|
|Thursday, 02 February 2006 08:11|
Though FTP has been commonly used in the School of Computing and by many other sites across the globe, it suffers a severe lack of security by passing a user's login information, including their password, via plain text across the network. In order to avoid such a blatent security hole, we are using the encrypted SSH protocol for logins and file transfers. (See A Quick Guide to SSH for more information.) This document is meant to be a quick guide on using SSH/SFTP for file transfers on UNIX and Windows machines.Note:
Note: To use SSH/SFTP from an SoC Facility UNIX machine, You will need /uusoc/bin in your PATHenvironment variable to access the programs mentioned in this guide.
Unix - UnixTransferring files between two Unix systems using SSH is handled by two simple command line programs, scp and sftp.
As the name might imply, sftp works much like a regular ftp client, but transfers are all made across an encrypted channel. To establish a secure ftp connection to a machine, simply use:
Navigation through directories is that same as with a standard shell, ls, cd, rm, et cetera. cd will change your working directory on the remote machine and lcd will change your working directory on your local system.
The actual file transfer process is handled with the get and put commands.
For our example, lets say that you want to grab a couple of files off of a remote Unix machine, which are located in /server/homework. Once you have connected and entered your password, you would simple use:
to reach the desired directory. Using the ls command will show you the files within.
In order to transfer these files to your local machine, you would use get and then the names of the files you wish to transfer. Standard Unix wildcards apply. For example:
sftp> get *.txtsftp will show you the size of the files transfered and how long it took for each file. The put command will transfer files from your local machine to the remote system in much the same way.
Users familiar with standard ftp clients might be a little confused about selecting "binary" or "ASCII" transfer mode. Don't worry about it, binary mode is the only mode that sftp supports, the commands are simply there as legacy.
SCPIf you only have a few files to transfer, you can save a little time using the scp command instead of sftp.
scp works much like rcp, for those who are familiar with the remote shell tools. All interaction is handled on the command line. File transfers can be done in either direction. Using the same files from our example above, transferring them using scp would work like this:
> scp "remotemachine:/server/homework/*.txt" .
Notice that the wildcard listing for the remote machine must be in double quote marks for the string to be passed correctly. The period at the end of the line tells scp to copy the files to the current directory of the local machine. Of course, you can specify any local directory that you can write to, like /tmp or/tmp/mydir or ./mydir.
Transferring files to a remote machine is done in much the same way:
> scp *.txt remotemachine:.Note that the wildcard string does not need quotes when specifying files on the local machine. Also, the remotemachine:." tells scp to use your home directory on the remote system. Again, you can use any directory you can write to, like remotemachine:/tmp.
Please refer to the man pages for sftp and scp references beyond the scope of this guide.
Unix - Windows (with SecureCRT)
The School of Computing uses SecureCRT for our ssh client on Windows machines. Because the standard scp and sftp tools are not available through SecureCRT, file transfers are handled using the Zmodem protocol which runs across the encrypted channel. Like most Windows programs, dialog boxes are used to select files for transfer.
To send files to a remote Unix machine using SecureCRT, you first need to create a file list. Select "Zmodem Upload List..." from the "Transfer" menu. The following dialog will appear. Simply select the files you wish to transfer with the mouse and click on the "Add" button.
You can add any number of files to the transfer list that you wish. Selecting files can be done by dragging the mouse cursor, and specific files can be added by holding down the Control key while clicking on individual items. When all the files you wish to transfer are shown in the "Files to send" box at the bottom of the dialog, click on the "Close" button.
The last step is the start the transfer itself. Go back to the "Transfer" menu and select "Start Zmodem Upload". "rz" will automatically be started on the remote Unix machine and your files will be transfered to it.
Transferring files from a remote Unix system to your local Windows machine is much less complicated to accomplish. At the shell prompt type:> sz <my_filelist>
Where <my_filelist> is either a list of individual files or a wildcard completion, such as "*.txt". SecureCRT will automatically start the file transfer once you start the "sz" command.