I need to transfer files through a bastion host periodically. To edit files on a web server, I need to first establish a Secure Shell (SSH) connection to the bastion host, logging in using an RSA SecurID token. Once I've provided my login credentials, the bastion host prompts me for the system to which I want to connect from it, which in this case is the web server. So my SSH login to the web server is tunneled through the bastion host.
I normally go through the process once a month from my MacBook Pro laptop running the OS X operating system when I need to place a monthly newsletter on the web server. I use an SSH command similar to the following to log into the bastion host, where gold.example.com is the fully qualified domain name (FQDN) of the web server and bastion1.example.com is the bastion host:
ssh -L 22001:gold.example.com:22 jasmith1@bastion1.example.com
The -L option specifies that I want to tunnel a local port on my laptop, in this case I chose 22001, to port 22 on the web server, gold.example.com. Once my login to the bastion host is completed, that option sets up a tunnel from my laptop to the web server through the bastion host.
Then, to transfer a file via secure copy from my laptop to the web server, I can use a command like the following one to transfer a file named July.txt from the laptop to the web server:
$ scp -P 22001 July.txt jasmith1@127.0.0.1:/data/htdocs/clubs/groot/newsletter/2015/.
jasmith1@127.0.0.1's password:
The -P option to the scp command specifies that I want to use TCP port 22001, since that is the port for the end of the tunnel on my laptop. The 127.0.0.1 address I'm specifying is the localhost, aka "loopback", address on my laptop, i.e., I'm connecting to port 22001 on the laptop itself. The tunnel I set up earlier results in any connection to that port being forwarded through the tunnel to the web server, so I'm specifying my userid for the web server and the password prompt I receive is for the web server. The file July.txt will thus be placed in the directory /data/htdocs/clubs/groot/newsletter/2015 on the web server with the same name, July.txt.
If I wanted to pull a file from the webserver via the tunnel, I could use a command such as the following:
scp -P 22001 jasmith1@127.0.0.1:/data/htdocs/clubs/groot/July.html .
That command would retrieve the file July.html from the web server and place it on the laptop with the same name.
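The same tunnel and scp target expressed as OpenSSH client configuration, as an added example that is not part of the original post. The host names, userid and port 22001 are the ones used above; the aliases bastion1 and gold-tunnel are hypothetical names chosen for this example.

```sshconfig
# Added example for ~/.ssh/config. The aliases "bastion1" and "gold-tunnel"
# are hypothetical; everything else is taken from the commands in the post.

# Equivalent of: ssh -L 22001:gold.example.com:22 jasmith1@bastion1.example.com
Host bastion1
    HostName bastion1.example.com
    User jasmith1
    # Bind the forwarded port to loopback explicitly, so the tunnel stays
    # reachable only from the laptop regardless of the GatewayPorts setting.
    LocalForward 127.0.0.1:22001 gold.example.com:22
    # Abort the login if port 22001 cannot be bound (for instance because a
    # stale tunnel still holds it) instead of continuing without a tunnel.
    ExitOnForwardFailure yes

# The laptop end of the tunnel, used by scp while "ssh bastion1" is open.
Host gold-tunnel
    HostName 127.0.0.1
    Port 22001
    User jasmith1
    # Look up and store the host key under the web server's name rather than
    # [127.0.0.1]:22001. The key that must match is then the one recorded for
    # gold.example.com, and reusing port 22001 for a tunnel to another host
    # later does not collide with this entry.
    HostKeyAlias gold.example.com
    # Refuse to connect if no key for gold.example.com is in known_hosts yet
    # or the offered key differs. The key has to be recorded beforehand.
    StrictHostKeyChecking yes

# Push:  scp July.txt gold-tunnel:/data/htdocs/clubs/groot/newsletter/2015/.
# Pull:  scp gold-tunnel:/data/htdocs/clubs/groot/July.html .
```

With these entries, "ssh bastion1" opens the tunnel after the SecurID login, and the scp commands no longer need the -P option or the 127.0.0.1 address.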