SSH File Transfers
Written by Scott Ostrander   
Thursday, 02 February 2006 08:11

Though FTP has been commonly used in the School of Computing and by many other sites across the globe, it suffers a severe lack of security by passing a user's login information, including their password, via plain text across the network. In order to avoid such a blatent security hole, we are using the encrypted SSH protocol for logins and file transfers. (See A Quick Guide to SSH for more information.) This document is meant to be a quick guide on using SSH/SFTP for file transfers on UNIX and Windows machines.

Note: 
      MacOSX users, via the 
Terminal
       application, can use the command line to perform file transfers, as UNIX systems are described below. In addition, you may use the 
Fugu
     program for a graphical interface to SFTP.

Note: To use SSH/SFTP from an SoC Facility UNIX machine, You will need /uusoc/bin in your PATHenvironment variable to access the programs mentioned in this guide.

 

Unix - Unix

Transferring files between two Unix systems using SSH is handled by two simple command line programs, scp and sftp.

SFTP

As the name might imply, sftp works much like a regular ftp client, but transfers are all made across an encrypted channel. To establish a secure ftp connection to a machine, simply use:

 sftp <hostname>

You will be prompted for your password/passphrase and then dropped into an ftp-like prompt. Typing a "?" at the prompt will show you supported commands.
sftp> ?
Available commands:
cd path Change remote directory to 'path'
lcd path Change local directory to 'path'
chgrp grp path Change group of file 'path' to 'grp'
chmod mode path Change permissions of file 'path' to
'mode'
chown own path Change owner of file 'path' to 'own'
help Display this help text
get remote-path [local-path] Download file
lls [ls-options [path]] Display local directory listing
ln oldpath newpath Symlink remote file
lmkdir path Create local directory
lpwd Print local working directory
ls [path] Display remote directory listing
lumask umask Set local umask to 'umask'
mkdir path Create remote directory
put local-path [remote-path] Upload file
pwd Display remote working directory
exit Quit sftp
quit Quit sftp
rename oldpath newpath Rename remote file
rmdir path Remove remote directory
rm path Delete remote file
symlink oldpath newpath Symlink remote file
version Show SFTP version
!command Execute 'command' in local shell
! Escape to local shell
? Synonym for help
sftp>

Navigation through directories is that same as with a standard shell, lscdrm, et cetera. cd will change your working directory on the remote machine and lcd will change your working directory on your local system.

The actual file transfer process is handled with the get and put commands.

For our example, lets say that you want to grab a couple of files off of a remote Unix machine, which are located in /server/homework. Once you have connected and entered your password, you would simple use: 

cd /server/homework

to reach the desired directory. Using the ls command will show you the files within. 

sftp> ls
myfile1.txt
myfile2.txt
myfile3.txt
sftp>

In order to transfer these files to your local machine, you would use get and then the names of the files you wish to transfer. Standard Unix wildcards apply. For example: 

sftp> get *.txt
myfile1.txt:..................................................................
3397 bytes received in 0.03 secs, 104.90 K/s
myfile2.txt:..................................................................
791 bytes received in 0.01 secs, 56.70 K/s
myfile3.txt:..................................................................
6441 bytes received in 0.02 secs, 219.65 K/s
sftp>
sftp will show you the size of the files transfered and how long it took for each file. The put command will transfer files from your local machine to the remote system in much the same way.

Users familiar with standard ftp clients might be a little confused about selecting "binary" or "ASCII" transfer mode. Don't worry about it, binary mode is the only mode that sftp supports, the commands are simply there as legacy.

SCP

If you only have a few files to transfer, you can save a little time using the scp command instead of sftp.

scp works much like rcp, for those who are familiar with the remote shell tools. All interaction is handled on the command line. File transfers can be done in either direction. Using the same files from our example above, transferring them using scp would work like this: 

> scp "remotemachine:/server/homework/*.txt" .
myfile1.txt | 3 KB | 3.3 kB/s | ETA: 00:00:00 | 100%
myfile2.txt | 0 KB | 0.8 kB/s | ETA: 00:00:00 | 100%
myfile3.txt | 6 KB | 6.3 kB/s | ETA: 00:00:00 | 100%
>

Notice that the wildcard listing for the remote machine must be in double quote marks for the string to be passed correctly. The period at the end of the line tells scp to copy the files to the current directory of the local machine. Of course, you can specify any local directory that you can write to, like /tmp or/tmp/mydir or ./mydir.

Transferring files to a remote machine is done in much the same way: 

> scp *.txt remotemachine:.
myfile1.txt | 3 KB | 3.3 kB/s | ETA: 00:00:00 | 100%
myfile2.txt | 0 KB | 0.8 kB/s | ETA: 00:00:00 | 100%
myfile3.txt | 6 KB | 6.3 kB/s | ETA: 00:00:00 | 100%
>
Note that the wildcard string does not need quotes when specifying files on the local machine. Also, the remotemachine:." tells scp to use your home directory on the remote system. Again, you can use any directory you can write to, like remotemachine:/tmp.

Please refer to the man pages for sftp and scp references beyond the scope of this guide. 

Unix - Windows (with SecureCRT)

The School of Computing uses SecureCRT for our ssh client on Windows machines. Because the standard scp and sftp tools are not available through SecureCRT, file transfers are handled using the Zmodem protocol which runs across the encrypted channel. Like most Windows programs, dialog boxes are used to select files for transfer.

To send files to a remote Unix machine using SecureCRT, you first need to create a file list. Select "Zmodem Upload List..." from the "Transfer" menu. The following dialog will appear. Simply select the files you wish to transfer with the mouse and click on the "Add" button.

You can add any number of files to the transfer list that you wish. Selecting files can be done by dragging the mouse cursor, and specific files can be added by holding down the Control key while clicking on individual items. When all the files you wish to transfer are shown in the "Files to send" box at the bottom of the dialog, click on the "Close" button.

The last step is the start the transfer itself. Go back to the "Transfer" menu and select "Start Zmodem Upload". "rz" will automatically be started on the remote Unix machine and your files will be transfered to it.

Transferring files from a remote Unix system to your local Windows machine is much less complicated to accomplish. At the shell prompt type: 

> sz <my_filelist>

Where <my_filelist> is either a list of individual files or a wildcard completion, such as "*.txt". SecureCRT will automatically start the file transfer once you start the "sz" command.