How to transfer files over an SSH connection
This HOWTO focuses on the situation where the user connects from a Windows machine using TeraTerm with the SSH extension. The server is assumed be a Unix-like machine which will only accept SSH connections from the client.
In most of the examples, the server is assumed to be named "remote," the local machine to be named "local," and the file to be named "foo."
Samba
This ducks the entire issue. For a permanent installation, Samba is the way to go. Samba is a fantastically useful program which allows files residing on a unix machine to be shared with Windows machines. The Unix machine will appear in the Network Neighborhood, and fine-grained control is available to select which files are available to which users. Printing support is also provided. Samba has to be installed by the system administrator. Be sure to run NT service pack 3 or above, Windows 98, or recent upgrades to Windows 95, otherwise your password will be leaked to the network. Also, be sure to enable encrypted passwords in Samba, otherwise it will not be able to talk to the Windows clients. Samba can be installed by your system administratorSCP
If you're connecting from a unix-like machine to a unix-like machine, this HOWTO is not for you. Your situation is much easier. Use the command "scp" which is analogous to the more common "rcp." If you want to copy the file "foo" to the machine "remote" you would issue the following command: scp foo remote:Note the colon at the end of the line. If you omit the colon, you will just make a local copy of the file named "remote."
See the man page on scp for more information.
Modem-Style Transfer Programs
One way to transfer files over an SSH connection is to use modem-to-modem transfer protocols like kermit or xmodem. This is probably the easiest to set up. All the communication which would normally take place between two modems is piped through the SSH connection. There's a lot of extra overhead to this technique, so it may not be the best for large files over slow connections. Of the available options, ZModem is probably the easiest to use.ZModem: Uploading Local to Remote
- From the command line on the remote machine, type "sz filename" You can specify multiple filenames on the same command line. You will see some garbage appear on the screen. This is the sz program waiting to hear the correct response. Your screen will look approximately like this:
- From the File menu in TeraTerm, select Transfer|ZMODEM|Receive. The file transfer should begin.
[zager@marge zager]$ sz foo
Š*B00000000000000
ZModem: Downloading Remote to Local
- From the command line, type "rz" You do not need to specify a filename. rz will produce some garbage on the screen. Your screen will look approximately like this.
- From the File menu in TeraTerm, select Transfer|ZMODEM|Send... You should see a standard Windows file selection dialog. Select the file(s) you would like to send, click the "Open" button. The transfer should start
[zager@marge zager]$ rz
Šz waiting to receive.**B0100000023be50
FTP
It is much harder to configure FTP to work over an SSH connection. The reason to do this is that you have some nifty graphical FTP clients on your PC which you enjoy using, and use often. That will make it worth the setup. Otherwise, you are encouraged to take a second look at the section above.Overview
The SSH protocol includes a feature known as "port-forwarding." This allows a network connection which looks like it begins at one end of the SSH connection to be sent through SSH to the remote end, and passed on elsewhere. We will tell the LOCAL machine to listen for an ftp connection, then forward that connection to the REMOTE machine. Then, to make use of this new link, we will tell our FTP client to connect to the LOCAL machine instead of the REMOTE one.Preconditions
- The remote server must be configured to allow ftp connections from itself, even though it does not allow connections from the outside world. The system administrator will have to do this. It may also be possible for you to run your own renegade ftp server on a non-priviledged port.
- Your ftp client must support passive mode. The default ftp clients in Windows 95 and Windows NT do not support passive mode. The fancier ftp programs generally do. Internet Neighborhood, available at http://www.knoware.com is a nice ftp program which does support passive mode.
- You must have the SSH plug-in version 1.4 or higher. Maybe version 1.3 would work, I never saw it. But version 1.2 does not support port forwarding.
Configuring TeraTerm-SSH
- Select the TeraTerm menu option Setup|SSH Forwarding... If you do not have an option "SSH Forwarding..." under your Setup menu, then you need to upgrade your version of the SSH plugin.
- Click on the Add button
- Forward from the local port "ftp" to the remote machine "remote" , port "ftp."
- Click on the Ok button
- The "Port Forwarding" list should now have one entry: "Local 21 (ftp) to remote "remote" port 21 (ftp)."
- Click on the Ok button
- Select the menu option Setup|Save Setup... to make your changes permanent.
Configuring your FTP Client
The particulars of how to do this will vary with your FTP client. But there are two major steps:- Tell your ftp client that you want to connect to "localhost" This is counterintuitive. Remember, the port forwarding is going to magically transmit this connection to the other end, so it's ok.
- Tell your ftp client to use passive mode. This may be under settings labeled "advanced" or "firewall." If you are able to log in with your username and password, but are not able to transmit any data, then you have not enabled passive mode.
Special Case: Running an FTP server on the Client
If you are already running an FTP server on the client, then you have a couple extra steps to do. SSH will not be able to set up its port forwarding since your ftp server will already have control of the ftp port. The solution is to use a non-standard port for the ftp connection.When configuring Tera-Term SSH, instead of forwarding from the port "ftp," pick a free port. You really should check what ports are free, but a number like 54321 might be safe. The number should be over 1000 and less than 65536.
When configuring the FTP client, look for a "port" option and set that to the same port as you set for SSH. This is likely be be near where you set the name of the machine to which you connect. (Which you set to "localhost," right?) There is also probably a "port" option near firewall settings, but this is probably not what you're after.
沒有留言:
張貼留言