Reputation: 55
How to: scp over Jumphost, each with privatekeys
I want to have an scp command over a Jumphost to the targetserver. Both, the Jumphost and the targetserver, require an key for the login.
If there would be no key required, I think this command would work:
scp -o ProxyJump=usernameJumpserver@ipJumpserver filename usernameTargetserver@ipTargetserver:/path/filename
So, including a key, I get to this command:
scp -i /pathOnMyClient/key -o ProxyJump=usernameJumpserver@ipJumpserver filename usernameTargetserver@ipTargetserver:/path/filename
Then I get the error "usernameTargetServer@ipTargetserver: Permission denied (publickey)."
I can't add the (probably?) required -i /pathJumpserver/key to it. How does it work?
Upvotes: 5
Views: 15939
Answers (5)
Reputation: 351
That worked for me:
scp -o [email protected] local-File.txt 10.1.2.3:~/
Upvotes: 1
Reputation: 1311
I could not get this working with ProxyJump, so I fell back to the more verbose ProxyCommand instead. This works for me for copying from A to C through B:
scp -i <path on A to key for C> \
-oProxyCommand="ssh -i <path on A to key for B> -W %h:%p <user>@B" \
/path/to/my/file <user>@C:~/
Upvotes: 4
Reputation: 1308
So we have:
- LocalHost
- JumpHost
- DestinationHost
On LocalHost, in ~/.ssh/config add:
Host JumpHost
User JumpHostUser
IdentityFile ~/.ssh/id_rsa
# other optional settings:
# Port 2222
# HostName 192.168.0.1
Host DestinationHost
User DestinationHostUser
IdentityFile ~/.ssh/id_rsa_jumphost
And you can use what @StefanKaerst suggested:
scp -o ProxyJump=JumpHost DestinationHost:/file /LocalFile
scp -o ProxyJump=JumpHost /Localile DestinationHost:/File
I have it aliased as
scpj='scp -o ProxyJump=JumpHost'
So I only type:
scpj DestinationHost:/file /LocalFile
You need to have all the keys in place though, both from local to jump, from jump to destination and from local to destination.
Upvotes: 6
Reputation: 719
Advanced ssh from windows, not much fun at all.
I've found this working.
Create a C:\Users\u.username\.ssh\config file like:
Host jumphost.server
HostName jumphost.server
User u.username
ForwardAgent yes
IdentityFile C:\Users\u.username\.ssh\id_rsa
Host * !jumphost.server
ProxyCommand ssh.exe [email protected] -W %h:%p
IdentityFile C:\Users\u.username\.ssh\id_rsa
(replace your data for jumphost.server, as well as your username and path to ssh private key)
Then scp from final target.server is working that way (from powershell):
scp -F .\.ssh\config [email protected]:/path/to/file C:\Users\u.username\
or from local windows to target linux:
scp -F .\.ssh\config C:\Users\u.username\file [email protected]:/path/to/file
The flag -F is loading predefined config.
Upvotes: 1
Reputation: 419
as you cannot enter the password of your ssh key at the jumphost I suggest to load your key into your local ssh-agent and then use one of:
> scp -o [email protected] localfile [email protected]:
> scp -o [email protected] [email protected]:file localdir
this works for me!
HTH Stefan K.
Upvotes: 7
Related Questions
- using ssh keys with scp and ssh
- SSH multiple HOP
- How to SSH tunnel from jump server to another server without directly logging in to the jump server
- How to do ssh jump over two jump hosts in command line
- SSH tunnel via multiple hops
- How to copy files to a remote machine through a jumping machine by scp command
- JSch multiple tunnels/jumphosts
- SSH tunnel to Database from two level of jump server with different keys
- Create a SSH tunnel from a Jump host to a Database and access the database on Jump Host Port
- Scp through ssh tunnel opened