LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 07-03-2006, 07:15 PM   #1
jdwilder
Member
 
Registered: Jul 2003
Location: United States
Distribution: Fedora Core 7 and older, Knoppix, Ubuntu
Posts: 121

Rep: Reputation: 15
Using SCP behind a router


Hi, I need help using scp.
I do not know how to transfer from a different machine to mine.

My computer is connected to a router, which is connected the my school's network. I can get my computer's IP from doing ifconfig, but that is a different IP than what it is on the network, which is also a different IP from what the outside world sees (all computers on my school's network appear to have the same IP).

If I am sitting on my computer and have sshed to another machine what would I type to transfer a file from that machine to the local one.

If I am on a machine at my lab (on the school network) would the command change?
If I am at my parents house (outside of the school network) would the same command work?
In order to scp when I am not at my machine what do I need to have listening for a connection.

I also want to confirm the structure of the command. Normally if I have a file (foo.txt) in the current directory that I want to transfer to a machine called maple.computing the command would look like this, right?

scp foo.txt myUser@maple.computing:/home/myUser

Thanks for the help
 
Old 07-03-2006, 09:21 PM   #2
chadl
Member
 
Registered: Sep 2005
Location: US
Distribution: Gentoo AMD64 Testing
Posts: 129

Rep: Reputation: 16
The computer that you want to put the file on or get the file from must be running an SSH server (protocol version 2). If you can connect to the system by using SSH, then there is a good chance that you have this OK. If you have a firewall that you need to open ports on, SSH, SFTP, and SCP, all work on port 22 TCP.

Note that you do not need to have an SSH connection to the system in question. When you run SCP, it will open the required SSH connection in order to send the file (and actually, if SSH works, then SCP should work with the same host and usernames).

Assuming that the hostname/IP address of the target computer does not change, then the command required to put or get a file should not change. SCP only makes an outgoing connection from the computer you are on to port 22 on the host that you tell it.

The syntax of the command that you have is valid and will work as expected. There is a shortcut if you are using your home directory, however. As SCP does everything in relation to your home directory, running scp foo.txt myUser@maple.computing:foo.txt will get you the same result.

Let me know if you have any questions... as I was just working with SCP at work today, so I still have the man page fresh on my mind.

Last edited by chadl; 07-03-2006 at 09:28 PM.
 
Old 07-03-2006, 09:35 PM   #3
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
You need to have port 22 open for ssh on your local router to scp to your machine, and that might be the problem with connecting to the others.

Each router and firewall in in the chain between your computers has to know to forward requests to the WAN side of their connection to the correct machine on the inside (LAN). Most home routers can forward port 22 (for ssh and scp) from the outside to a specific address inside, but not to every address inside, and that is what makes it tough. If a router/firewall isn't set to allow SSH connections to the specific address that the server sits at, then you won't get scp to work. Whatever address you use to connect through SSH is the same address you'd use for scp.

Your command has a few issues as well. You have an incomplete domain name, and if you used that command, you might overwrite your home directory. Unless maple.computing resolves to something on your machine, you'll need a complete domain name, or the maple.computing's IP address. I would do it like this, assuming the directory you start in has foo.txt, if it doesn't, you need a full path:

Code:
scp foo.txt myuser@W.X.Y.Z:/home/myuser/
Do not take the final trailing slash off of /home/myuser/ or that is what might overwrite your home, or you'll just fail on permissions, because usually your myuser account can't write to /home, just /home/myuser/.

You can use scp from anywhere to anywhere else, and all that changes is the details. If both hosts are on the school network, then they could connect by private IP address within the network. There can also be different issues because of firewalls. They may pass traffic within the school network that would be blocked from the public internet. There is no way to know without just trying it. I wouldn't be at all suprised to see trying to connect from your parents fails, but it works within school network. It may be wide open though.

Connection the other way (from lab to your machine) should be easier, assuming you can control that router. You are correct in what you said about different addresses. Every router/firewall you pass through can translate your address. What you need to know is the WAN side address of your local router. What is probably the case, is that each device is translating addresses. The one public IP everybody gets is real world, then behind that are a large subnet of private addresses (usually a class B or A network), and each of those addresses are actually often routers giving out another layer of addresses to the client computers. That way your machine claims to be 192.168.1.13, your router claims you are 172.18.1.3(WAN side of your local router), and the school connection gives everybody on campus the same external real world IP.

Now, if you are in the lab, here is how you would connect to your router. First, you need the WAN address of your local router. You also need to set your router to forward all traffic on port 22 to your desktop. Say from my previous example, that your machine claims its IP is 192.168.1.13. Then you need to create a rule in the local router to forward all traffic to the WAN side at port 22 to 192.168.1.13 at port 22. Then from the lab machine, you would scp back home with this command:
Code:
scp bar.txt user@WAN.IP.ADDRESS.ROUTER:/home/user/
If the connection can be made, it will ask you for your home machine user's password, and the file(s) will move.

Peace,
JimBass
 
Old 07-03-2006, 09:35 PM   #4
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Both networks, your home network and your school network are behind routers. If the school uses a private address space, and is behind a NAT router as well, then you may not be able to connect from home to school using ssh because the school's router won't forward ssh to the computer you want to connect to. That is assuming that the host at school that you wish to connect to isn't assigned an internet IP address. Unless the gateway/router is a computer that you have ssh access to and can build a tunnel from the gateway to the host that you want to.

If you are going the other way however, then since you control the NAT router in your home, you will be able to connect from school to home provided that you have access to the internet.
 
Old 07-03-2006, 09:36 PM   #5
spooon
Senior Member
 
Registered: Aug 2005
Posts: 1,755

Rep: Reputation: 48
Quote:
Originally Posted by jdwilder
My computer is connected to a router, which is connected the my school's network. I can get my computer's IP from doing ifconfig, but that is a different IP than what it is on the network, which is also a different IP from what the outside world sees (all computers on my school's network appear to have the same IP).
You will need to get them to forward incoming port 22 (or some other port) to your machine in order for anything on the Internet to connect to your machine's SSH.

Also, keep in mind that file transfers work both ways. So even if you cannot get your school to forward incoming SSH connections to your computer, as long as you can SSH to the remote computer, you can still transfer files to and from it.

So to transfer foo.txt to the home directory on the remote computer, you can do
Code:
scp foo.txt myUser@maple.computing:
And for example if you want to transfer ~/foo.txt on the remote computer to the current directory on the local computer, you can do:
Code:
scp myUser@maple.computing:foo.txt .
 
Old 07-03-2006, 09:44 PM   #6
jdwilder
Member
 
Registered: Jul 2003
Location: United States
Distribution: Fedora Core 7 and older, Knoppix, Ubuntu
Posts: 121

Original Poster
Rep: Reputation: 15
Okay, thanks, I will check my SElinux to make sure I have all the correct ports open.

So if I run an ssh server which IP should I use to connect to it? I don't know if it is possible from outside the network because our whole network is routed through one IP and I do not know how it would be able to direct it to my system.

But in the network if I use SCP (or ssh for that matter) and try to connect to the IP of my router will my router automatically forward the request to the correct computer of the two I have connected? Or how do I tell scp to transfer my file to the correct machine since the network sees the routers IP and not my machines (at least I think it does, because I was told that each student is assigned one IP and if we had multiple machines we needed to use a router and have it installed before we register so that our IP gets assigned to it instead of one of our machines)?

Thanks again, your last post was technical enough to answer many question, but still easy to follow.
 
Old 07-03-2006, 09:45 PM   #7
jdwilder
Member
 
Registered: Jul 2003
Location: United States
Distribution: Fedora Core 7 and older, Knoppix, Ubuntu
Posts: 121

Original Poster
Rep: Reputation: 15
ooh, I didn't see all those responses, they showed up while I was writting my last response, so maybe you can disregard it.
 
Old 07-03-2006, 09:52 PM   #8
jdwilder
Member
 
Registered: Jul 2003
Location: United States
Distribution: Fedora Core 7 and older, Knoppix, Ubuntu
Posts: 121

Original Poster
Rep: Reputation: 15
Thanks for all the help I think I can get it working.

PS I like the Eliza quote, I have always had fun laughing at its responses.
 
Old 07-04-2006, 03:06 PM   #9
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
In case anyone wants to try it themselves, here is a link to instructions on how to get Eliza to analyze Zippy the Pinhead in Emacs:
http://www.osxfaq.com/dailytips/11-2002/11-11.ws
 
  


Reply

Tags
scp


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
scp does not work and gives the following error message: scp: FATAL: Executing ssh1 i akay Linux - Networking 16 09-28-2008 11:41 PM
How can I use scp Jzarecta Linux - Networking 6 04-15-2006 02:52 AM
SCP how to the_rhino Linux - Newbie 5 02-11-2005 07:50 PM
What is SCP? radam Linux - Software 2 07-20-2004 07:07 PM
Help with SCP lfindle Linux - Newbie 14 07-09-2002 02:08 PM


All times are GMT -5. The time now is 06:12 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration