So, there exists the first SSH server, called A for simplicity, and the files and workspace I want to get to are on another SSH server, called B. Problem is, B is only accessible by SSH'ing to it from A.
So if I were to do this normally, I'd ssh into A, and from there ssh into B, or just ssh -t A "ssh B" which becomes mildly inefficient, if I were to code in B using vim.
So I don't know exactly how to sshfs B onto my local machine, but I can sshfs A. Sshfs'ing B onto A isn't possible, as A doesn't have it installed. Is there a way to sshfs B?
A and B are both Ubuntu Ubuntu 18.04.3 LTS and my computer is a Macbook Pro 2015.
I've tried the SSH-FS extension with VSCode. It only connects to A.
I also tried the Remote-SSH extension, and again, only gets as far as A. I even used -t for the connection command, but it doesn't seem to make any changes to the Remote-SSH config file.
I also tried ssh-fs while tunneled into A. No results there either.
Sorry for the trouble. This is a really niche problem.
You must use .ssh/config to have the ability to connect to B in on command from your Macbook Pro .
a example :
Host serverb.via.servera
HostKeyAlias serverb
User account_on_b
ProxyCommand ssh account_on_a#servera -W serverb:22
before using sshfs , you must test the setting by running :
ssh serverb.via.servera
and if you have your shell , so you can run
sshfs serverb.via.servera:/yourdir/ /tmp/localdir/
remarks:
serverb.via.servera is a arbritrary string , that you must use instead of the host
account_on_a and account_on_b must be replace by the login you use on each servers
Related
I was wondering if it is possible to edit a file with Sublime Text 3 through multi-hop SSH tunnel. In my particular case I have my Mac (let's call it A) and two Linux Machines: B and C. The files are located in C, and I access them with my machine like this:
A -> B -> C
I found these articles that can help but they only talk about editing files in B.
How to open remote files in sublime text 3
Editing files remotely via SSH on SublimeText 3
According to these articles, I can edit files in B installing rsub in the remote machine and a plugin in Sublime at A. I tried to do that in C (yes, i know it is not so useful, but who knows) but I got the error:
user#remote-C:~$ rsub
/usr/local/bin/rsub: connect: Connection refused
/usr/local/bin/rsub: line 327: /dev/tcp/localhost/52698: Connection refused
Unable to connect to TextMate on localhost:52698
I would be happy to know if there is a way to achieve this. Thanks in advance.
I will answer to myself. The solution is to do a SSH tunnelling from A to C with B in between using the ProxyCommand in the ssh config file at ~/.ssh/config.
I added these lines:
Host myMachineC
HostName NAME_OF_MACHINE_C
ProxyCommand ssh USER_IN_B#NAME_OF_MACHINE_B nc %h %p
User USER_IN_C
RemoteForward 52698 localhost:52698 # this is required by rsub
Host defines an alias for the real hostname which is written after the HostName directive. ProxyCommand is a command that is executed when you try to log in myMachineC. nc is a command that...
...by default creates a TCP socket either in listening mode (server socket) or a socket that is used in order to connect to a server (client mode) [1]
Now the machine C is accessible from A by only typing:
$ ssh myMachineC
It is recommendable that you already allowed password-less logins. To achieve this you need to have installed the public key from your home computer into the ~/.ssh/authorized_keys of each host along the way. [2]
In conclusion: With all this procedure, there will be a normal SSH connection to the intermediary machine B and then nc will be used to extend the connection to C. Using this tunnelling, the client can act as if the connection were direct using ssh. That will be useful to use with rsub.
Then, you should install and use rsub as normal and it will work like a charm.
I tried this in OSX Yosemite, but should run in almost any *nix system. I hope it will be useful for you.
Netcat Explanation and Examples
Transparent Multihop in SSH
The accepted solution didn't work for me because I use Host B as a SSH server where my SSH keys are stored. Also my SSH keys have passwords so the ProxyCommand command won't work.
But There's an easier way to do this.
You can add the following to the .ssh/config file on Host B;
Host *
RemoteForward 52698 localhost:52698
You can define a specific host or give the * wildcard for all hosts. This will forward port 52698 for all SSH sessions from Host B.
I need to transfer around 4.2 GB of files from my local computer to a server B. However to ssh into server B, I need to ssh into server A.
Currently I'm copying files from my local computer to server A and then from server A to server B.
So the flow goes like this:
rsync -avz --del ~/Desktop/abc/ <my-user-name>#<server-A>:~/abc
rsync -avz --del ~/Desktop/abc/ <my-user-name>#<server-B>:~/abc
This is slow and copies 4.2 gb of data two times instead of one!
Can I transfer files with rsync from my local computer to directly server B ?
You can always use ssh with proxy command, which allows you to transfer files transparently. Using this config (~/.ssh/config):
Host <server-A>
User <user-A>
Host <server-B>
User <user-B>
ProxyCommand ssh <server-A> -W %h:%p
You can call your rsync:
rsync -avz --del ~/Desktop/abc/ <server-B>:~/abc
The data will be only "routed" over the middle host.
What you want is to use port-forwarding to forward the ssh/rsync port (generally port 22) from server B to alternate ports on server A so when you call rsync -e "ssh -p altport" serverA:/sourcedir /destdir, you are actually invoking rsync from serverB.
There are many good howtos available on StackExchange and other sites. For example:
How to forward a port from one machine to
another?
or
How To Forward Ports through a Linux Gateway with
Iptables
will get you started. Using port-forwarding, you are essentially using serverA as a pass-through host so you will only have to transfer your 4.2G once.
Yes, you can copy the files (and even folders) directly without making any intermediate copies on the contact/login server, which is by default the machine known to the outside world, or contacted to get access to a specific local network.
Below is a simple demonstration using scp without any unnecessary complications. On the local machine, simply do the following:
$ scp -r -o ProxyCommand="ssh -W %h:%p your_username#contact-server.de" your_username#machine_name:/file/path/on/this/machine ~/destination/path/to/save/the/copied/folder
-r option instructs scp to copy the contents of the entire folder.
your_username need not be the same on both machines.
If it is successful, you'll be asked for your passwords on both machines for authentication.
In the above command it is assumed that the typical way to access the machine named as "machine_name" would be via the contact server.
Note:
The above command also works for transferring data from a source remote machine (e.g. s) to a target remote machine (say t). In such a scenario, first ssh to the source remote machine (s) and navigate to the path where the data resides. After that you can simply think of/treat that remote machine as a local/source machine and then simply use the same scp command listed above for copying folders.
For copying individual files, just remove the -r option and provide the path to the specific file that you want to copy.
I regularly have to connect to several systems via ssh using multiple hops. It also happens often that I then want to copy a file from either the destination system to my local system or the other way around in a simple way (my current work flow is copy the file to an external location both machines can see so that it saves me a few hops or if the file is not binary cat it and copy/paste it to the other terminal window).
Is there an easy way to do such a thing?
I am using OSX and iterm2 (obviously I woudn't mind changing the latter).
So the connection is something like (local machine) -> (portal A) -> (machine B) -> (portal C) -> (machine D)
So I would like to copy files from machine A to machine D in a simple way (without copying the file via all hops or creating four tunnels).
It's not quite what you're asking for, but there are some tricks you can play with SSH proxying that simplify this sort of thing enormously. The first thing to get familiar with is proxying multihop SSH connections over netcat. If you have OpenSSH version 5.4 or later on the various hosts, add something like this to your ~/.ssh/config:
Host B
ProxyCommand ssh A -W %h:%p
Host C
ProxyCommand ssh B -W %h:%p
Host D
ProxyCommand ssh D -W %h:%p
If any of the intermediates don't have a new enough version, but do have netcat (nc), you can use something like this instead:
Host D
ProxyCommand ssh C nc %h %p
This'll make ssh D automatically open a tunnel to C to run the connection over, which will automatically open a tunnel to B, ... You'll have to authenticate 4 times (to A, then B, etc) (unless you have public-key authentication set up), but other than that it's transparent. Which means you can use it with sftp D, scp D:/path/to/file, etc.
Now, there's one significant limitation on this for what you describe. You can certainly copy files from e.g. A to D like this:
scp A:/path/to/file D:/path/to/file
...but the file's contents will travel the path A -> your computer -> A -> B -> C -> D. They won't be stored anywhere on that path, but if the network link between you and A is slow (e.g. you're working from home), this'll be a bottleneck. In this case, it'd be best to copy the ~/.ssh/config entries for C and D onto computer A, ssh into A normally, then use scp /path/to/file D:/path/to/file and cut out the extra hops.
BTW, if you want to get fancy, you can add this to your ~/.ssh/config:
Host */*
ProxyCommand ssh $(dirname %h) -W $(basename %h):%p
And then use ssh A/B/C/D etc to built the tunnel path on the spot. See the OpenSSH cookbook for details.
I had to think about this for some time, but if you have set up passwordless authentication using keys, it is possible to do the thing like this:
$ cat test | ssh f21 "tee | ssh f20 \"tee test\""
encrypted ssh key doesn't matter. For transferring through one hop it is quite straightforward, for more hops it can get messy ...
I have a fancy prompt working well on my local machine. However, I'm logging to multiple machines, on different accounts via ssh. I would love to have my prompt synchronized everywhere by ssh command itself.
Any idea how to get that? In many cases I'm accessing machines using root account and I can't change permanently any settings there. I want the prompt synchronized.
In principle this is just setting variable PS1.
Try this :
ssh -l root host -t "bash --rcfile /path/to/special/bashrc"
maybe /path/to/special/bashrc can be /tmp/myrc by example
I am running a local bootstrap.sh script from OSX on a remote Ubuntu server which does some "if else then" stuff to load a specific subscript.sh when a specific condition is met.
I am running that local script with:
ssh user#host "bash -s" <~/projects/projectname/bootstrap.sh
I am having issues with getting the subscript.sh sourced (loaded/included).
You can't. You're only sending the contents of bootstrap.sh to the remote shell. It's attempting to source subscript.sh on the remote machine, and it isn't there.
You'll need to either copy subscript.sh (or both scripts!) to the remote machine, or insert the contents of subscript.sh into bootstrap.sh in place of the source command.
What I would recommend is to rsync your 'bootstrap.sh' from your local computer to your server. You should be able to do this with your ssh credentials.
A very cool utility is Transmit. It is $25 and allows you to cleanly mount your server as if it were a portable hard drive (Transmit can also do synchronizations). All you need is ssh credentials and is very user friendly.
If you are allowed to install on your server, then I would install qsub on it. (Actually just check to see if it is installed.) Then just mount your computer's drive and you can submit scrips with qsub (I actually would just make a small server on your mac). This is what I use for using a linux cluster from my OSX computer.
Alternatively you can make a small server from your osx and have it mounted on your linux server.