2

I need to set up file transfer for which I've received the following access info. But I'm not sure how to connect, having hardly used SSH before. The instructions I got are:

First: ssh [email protected], password: password1
then: ssh [email protected], password: password2

I'm on a Mac. What client and settings should I use?

Arjan
  • 30,974
  • 14
  • 75
  • 112
Nimbuz
  • 655
  • 5
  • 12
  • 23
  • 1
    To actually login to the second server, see also "How to (S)FTP to hidden server?" at http://superuser.com/questions/51783/how-to-sftp-to-hidden-server/51790#51790 for a solution using `ProxyCommand` in `.ssh/config`. – Arjan Oct 06 '09 at 21:18

8 Answers8

4

The reason that there will be two logins is that domain2.com will be hidden behind domain1.com, and only accessible from within. This is often done for security reasons, or simply because domain2.com is on a different piece of network not accessible from the outside.

Peter
  • 348
  • 2
  • 11
4

Ok, apparently you said the first server is just a relay, so let's use a SSH Tunnel. Here is what you can do in Terminal:

ssh -N -t -x -L 45454:domain2.com:22 [email protected]

After entering the password you will not see anything happen. (Alternatively: remove the -N to actually see the command prompt of domain1.net.) And then in Transmit, you ask to connect to:

User: user2

Domain (server): localhost

Port: 45454

Protocol: SFTP (SSH)

This should normally allow you to use Transmit to connect to the second server, through the relay of the first one.

When done, stop Transmit, and then in Terminal hit Ctrl-C to stop ssh as well. (Or, if you started ssh without the -N parameter, then type exit instead of using Ctrl-C.)

Community
  • 1
Thibault Martin-Lagardette
  • 184
  • 2
  • Stuck at [email protected]'s password: since last 20 mins although I entered the correct pass; – Nimbuz Oct 02 '09 at 05:16
  • 3
    You're not stuck, you're probably logged in, and should now continue with Transmit, and when done hit Ctrl-C in Terminal to stop `ssh` as well. (Or, in Terminal, hit Ctrl-C to stop your first attempt. Then try again without the `-N`. After entering the first password, you will see the command prompt of the first server. Leave that alone, and do your thing using Transmit. When done, go back to Terminal and type `exit`.) – Arjan Oct 02 '09 at 08:33
  • As Arjan stated, you're not stuck. You can add the -v argument to see that it is just "idling". This is due to the `-N` argument, that says "Tunnel only", so it creates the tunnel, and do nothing else, until you quit (which will destroy the tunnel). So once the password is entered, you can just go over Transmit and login :) – Thibault Martin-Lagardette Oct 02 '09 at 18:33
  • Perfect, worked! :) – Nimbuz Oct 12 '09 at 11:56
3

try this on a terminal window
ssh [email protected]
it will ask for your password later
if you don't know what a terminal is, search the spotlight for "terminal"

phunehehe
  • 805
  • 2
  • 11
  • 24
2

It depends on what you need to do on these machines. Ususally, the best way is to use the command line. To do that, you simply open Terminal (/Applications/Utilities/Terminal.app), where you will be able to enter these commands.

If the only thing you need to do is copy files, then you can use Cyberduck or Transmit. It's an FTP client, but you can use the SFTP mode, which will be a sort of FTP over SSH :). (All servers might no support this mode, in which case you will have to use the scp command)

Thibault Martin-Lagardette
  • 184
  • 2
  • Yes, but here I've two logins and no "server" info? –  Oct 02 '09 at 03:26
  • If you have `[email protected]`, your username is `user1` and your server is `domain1.com` – Matthew Scharley Oct 02 '09 at 03:28
  • @Nimbuz: The "server" is the part after the @. This means you'd have: Server: domain1.com, User: user1, Password: password1 –  Oct 02 '09 at 03:30
  • Thanks, I'm able to get pass through the first login, but the directory is empty as its just a relay. Where do I use the second login info? –  Oct 02 '09 at 03:34
  • If I use the second login info directly in 'Transmit', it tries for a couple of mins and returns "Permission Denied" –  Oct 02 '09 at 04:05
2

From a purely command line perspective, you would do something like this:

In terminal window #1:

$ ssh -L 2122:domain2.com:22 [email protected]

enter the password when asked (password1). In terminal window #2:

$ scp -P 2122 -o HostKeyAlias=domain2.com user2@localhost:/path/to/remote/file /local/file

entering the password when asked (password2).

The port number 2122 can be anything you'd like (above 1024 and below whatever the max port number is). The port number 22 should not be changed.

HostKeyAlias is set so that the host name can be looked up properly in the known_hosts file.

Joe Casadonte
  • 5,373
  • 5
  • 25
  • 38
  • The scp example is unclear, but the rest looks right. 1) HostAliasKey should be HostKeyAlias, but you need to explain why it's necessary/useful or remove it as extraneous. 2) file destination is very unclear (easy to misread), so show an explicit local filename or swap the example so local is source: "scp -P 2122 /file/to/copy user2@localhost:/path/to/destination" or "scp -P 2122 user2@localhost:/path/to/remotefile ./localfile" – quack quixote Oct 02 '09 at 12:18
1

Open Terminal (in your Applications/Utilities folder), and type the commands as given. OS X comes with an SSH program.

There are GUI ssh programs, but the command line stuff seems like it's going to be more appropriate for this, since they're giving you the command lines already.

Warren Young
  • 3,665
  • 3
  • 19
  • 28
  • I have 'Transmit' app, can I use that? What do I choose - SFTP? –  Oct 02 '09 at 03:25
  • SFTP is an extension to SSH providing file transfer, but is not itself SSH. If all you need is file transfer, SFTP does what you want. If you need to log into the remote server and use its command line, you need a proper SSH program, either the command-line one that comes with OS X, or a GUI one like Fugu. –  Oct 02 '09 at 03:30
  • Yes, I'll only need file transfer. –  Oct 02 '09 at 03:34
0

Only if you need to access the files quite often, and only recommended after the procedures using Cyberduck or Transmit have been successful (to ensure your credentials and all are fine):

Mount the domain2.com resources locally using SSHFS with FUSE for OS X (formerly packaged in MacFUSE, but that does not support 10.6 and up).

ssh -L -N 45454:domain2.com:22 [email protected]
sshfs user2@localhost:/ ~/project -oport=45454,follow_symlinks,volname=Project

The second line can also be done through a GUI, using Macfusion, but then be sure to read the SSHFS notes about that.

Arjan
  • 30,974
  • 14
  • 75
  • 112
0

What you are tying to do is quick tricky for a newcomer to SSH. Several of the answers here don't even understand what you are asking for!

I've found this guide really good to explain the process of connecting via another host. The diagrams really help.

Peter Jenkins
  • 448
  • 2
  • 15