scp
The scp tool is used to copy files from one computer to another while encrypting the data.
Example 1 – Below command will copy myfile.txt securely to a remote machine:
[root@RHEL04 ~]# scp myfile.txt tintin@192.168.1.106:
The authenticity of host '192.168.1.106 (192.168.1.106)' can't be established.
RSA key fingerprint is 88:8e:46:35:ac:dc:5e:73:f2:ce:9a:29:41:f5:73:fb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.106' (RSA) to the list of known hosts.
tintin@192.168.1.106's password:
myfile.txt 100% 48KB 47.9KB/s 00:00
Example 2 – Below command will copy mynewfile.txt securely from a remote machine to your machine:
[root@RHEL04 ~]# scp tintin@192.168.1.106:mynewfile.txt mylocalfile.txt
tintin@192.168.1.106's password:
mynewfile.txt 100% 575KB 575.1KB/s 00:00
Note: To see more details about the status of command, use the verbose mode (-v).
sftp
The sftp tool is an FTP like command-line tool, which can be used to securely transfer files from one system to another.
Exmple:
[root@RHEL04 ~]# sftp root@192.168.1.105
Connecting to 192.168.1.105...
root@192.168.1.105's password:
sftp>
help
Available commands:
cd path Change remote directory to 'path'
lcd path Change local directory to 'path'
chgrp grp path Change group of file 'path' to 'grp'
chmod mode path Change permissions of file 'path' to 'mode'
chown own path Change owner of file 'path' to 'own'
help Display this help text
get remote-path [local-path] Download file
lls [ls-options [path]] Display local directory listing
ln oldpath newpath Symlink remote file
lmkdir path Create local directory
lpwd Print local working directory
ls [path] Display remote directory listing
lumask umask Set local umask to 'umask'
mkdir path Create remote directory
progress Toggle display of progress meter
put local-path [remote-path] Upload file
pwd Display remote working directory
exit Quit sftp
quit Quit sftp
rename oldpath newpath Rename remote file
rmdir path Remove remote directory
rm path Delete remote file
symlink oldpath newpath Symlink remote file
version Show SFTP version
!command Execute 'command' in local shell
! Escape to local shell
? Synonym for help
sftp>
ssh
The ssh command is used to securely log in to a remote system or execute a command on a remote system.
The most important OpenSSH utility is ssh, which is a secure alternative for rlogin, rsh, and telnet. The ssh command allows users to remotely log in to a system from another system using an encrypted transfer protocol. Every transfer starting with the username and password sent for authentication is encrypted so it can’t be easily read if intercepted. The system being connected to is considered the server. The system being connected from is called the client.
To log in to a system with ssh, use the following command, where
The following example shows how to use ssh command.
[root@RHEL04 ~]# ssh root@RHEL05
The authenticity of host 'rhel05 (192.168.1.105)' can't be established.
RSA key fingerprint is 60:7f:ec:a0:6f:c4:cd:54:5c:53:06:61:53:4f:47:25.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'rhel05' (RSA) to the list of known hosts.
root@rhel05's password:
Last login: Fri Aug 7 12:38:51 2009 from 192.168.1.104
[root@RHEL05 ~]# hostname
RHEL05.mynet.com
If you want only to execute one command on a remote machine and view the output, you can pass the command as an argument as shown below.
[root@RHEL01 ~]# ssh root@RHEL03.omnisecu.com "hostname"
root@rhel03.omnisecu.com's password:
RHEL03.omnisecu.com
ssh-keygen
Generates SSH DSA/RSA public/private key pairs. ssh-keygen can create RSA keys for use by SSH protocol version 1 and RSA or DSA keys for use by SSH protocol version 2. The type of key to be generated is specified with the -t option. If invoked without any arguments, ssh-keygen will generate an RSA key for use in SSH protocol 2 connections.
[root@RHEL04 .ssh]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
1d:6e:09:e3:60:b2:4f:08:ac:e2:33:47:c1:c8:24:a7 root@RHEL04.mynet.com
ssh-copy-id
The ssh-copy-id tool is used to install your key in a remote machine’s authorized_keys
[root@RHEL04 .ssh]# ssh-copy-id -i id_rsa.pub root@192.168.1.105
10
The authenticity of host '192.168.1.105 (192.168.1.105)' can't be established.
RSA key fingerprint is 60:7f:ec:a0:6f:c4:cd:54:5c:53:06:61:53:4f:47:25.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.105' (RSA) to the list of known hosts.
root@192.168.1.105's password:
Now try logging into the machine, with "ssh 'root@192.168.1.105'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.