在ssh上进行多跳之后从服务器传输文件,net cat不可用
[英]Transfer Files from server after multiple hops over ssh , net cat not available
问题描述
I'm looking to automate retrieval of files from a bunch of servers via SSH. 
我正在寻找通过SSH自动从一堆服务器中检索文件的方法。 The problem is the servers are on separate networks and I need to go through 2 intermediary servers and these servers provide limited privileges ,limited ssh and no netcat or connect. 问题是服务器位于单独的网络上,我需要经过2个中间服务器,并且这些服务器提供有限的特权,有限的ssh且没有netcat或connect。
Env - 环保-
localhost --> GW1 --> GW2 --> (server1, server2,server3) 本地主机-> GW1-> GW2->(服务器1,服务器2,服务器3)
GW1,GW2 and even some servers have restricted shells .. GW1,GW2甚至某些服务器都具有受限制的外壳。
Currently the method being used is , A dynamic tunnel is created to GW1 using putty, GW1 has a config stored to connect to GW2 ..ssh to GW 2. Configure filezilla to use the tunnel , connect to server X , download a file via sftp 当前使用的方法是,使用腻子创建到GW1的动态隧道,GW1存储有配置以连接到GW2 ..ssh到GW2。配置filezilla以使用隧道,连接到服务器X,通过sftp下载文件
Any way it can be automated ? 有什么办法可以自动化吗? Even just the file transfer part be automated using the tunnel to connect and transfer would be helpful. 使用隧道连接和传输,即使只是文件传输部分也可以自动执行。 I vaguely recall succeeding to retrieve files via scp using the tunnel but can't remember how I managed it. 我隐约记得曾经成功使用隧道通过scp检索文件,但不记得我是如何管理文件的。
1 个解决方案
解决方案1
0 2014-09-09 22:41:17
This link goes to an article on transparent multihop ssh. 此链接转到有关透明多跳ssh的文章。 It gives a solution that works for me in a similar situation. 它提供了在类似情况下对我有效的解决方案。 I just tested this going from MacOS X through a linux box to another linux box and it worked. 我刚刚测试了从MacOS X到一个Linux盒子到另一个Linux盒子的过程,它确实起作用。 Your mileage may vary with other environments. 您的里程可能会因其他环境而异。
Using the names you gave above, put this in $HOME/.ssh/config . 使用上面提供的名称,将其放在$HOME/.ssh/config 。
Host GW2
ProxyCommand ssh -q GW1 nc GW2 22
Host server1
ProxyCommand ssh -q GW2 nc server1 22
I've used scp over this type of setup and it works fine. 我已经在这种类型的设置上使用了scp ,并且效果很好。 The referenced article gives more details, but the proxy command directive gives it a pre-configured way to access that host that's transparent to the end user. 所引用的文章提供了更多详细信息,但是proxy命令指令为它提供了一种预配置的方式来访问对最终用户透明的主机。
One thing to note, the article specifies using nc -q0 , but that option isn't available on the stock nc on my ubuntu VM or my mac. 需要注意的是,本文指定使用nc -q0 ,但是该选项在ubuntu VM或mac上的普通nc上不可用。 It seems to work fine without it and a few minutes of searching left me no closer to figuring out what -q0 is supposed to do. 没有它似乎可以正常工作,几分钟的搜索使我几乎无法弄清-q0应该做什么。
If anyone knows and wants to include it here, I'll happily update my answer. 如果有人知道并且想在这里包括它,我会很乐意更新我的答案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.