How can I use scp to aquire a file from a server via a bastion with ssh forwarding?
up vote
0
down vote
favorite
I'm wondering how to copy a file with scp (or a better way if possible) and allow ssh key forwarding. I've read a lot of posts on how to do this closely, but not with ssh forwarding, or the -A equivalent we get with ssh.
Backstory - I have keys added with the method-
ssh-add mkey.pem
so that I can ssh into a bastion host with those stored keys like so...
[localhost]$ ssh -A user@bastion
...and then ssh into the server from the bastion, which will automatically use the ssh keys added from the localhost.
[bastion]$ ssh -A user@server
However, scp doesn't have an equivalent -A function to use a stored key from the localhost, which prevents you from having to store the key on the bastion.
What is the ideal approach to copying a file from a server via a bastion host that requires ssh keys for access?
ssh scp forwarding ssh-tunnel
add a comment |
up vote
0
down vote
favorite
I'm wondering how to copy a file with scp (or a better way if possible) and allow ssh key forwarding. I've read a lot of posts on how to do this closely, but not with ssh forwarding, or the -A equivalent we get with ssh.
Backstory - I have keys added with the method-
ssh-add mkey.pem
so that I can ssh into a bastion host with those stored keys like so...
[localhost]$ ssh -A user@bastion
...and then ssh into the server from the bastion, which will automatically use the ssh keys added from the localhost.
[bastion]$ ssh -A user@server
However, scp doesn't have an equivalent -A function to use a stored key from the localhost, which prevents you from having to store the key on the bastion.
What is the ideal approach to copying a file from a server via a bastion host that requires ssh keys for access?
ssh scp forwarding ssh-tunnel
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I'm wondering how to copy a file with scp (or a better way if possible) and allow ssh key forwarding. I've read a lot of posts on how to do this closely, but not with ssh forwarding, or the -A equivalent we get with ssh.
Backstory - I have keys added with the method-
ssh-add mkey.pem
so that I can ssh into a bastion host with those stored keys like so...
[localhost]$ ssh -A user@bastion
...and then ssh into the server from the bastion, which will automatically use the ssh keys added from the localhost.
[bastion]$ ssh -A user@server
However, scp doesn't have an equivalent -A function to use a stored key from the localhost, which prevents you from having to store the key on the bastion.
What is the ideal approach to copying a file from a server via a bastion host that requires ssh keys for access?
ssh scp forwarding ssh-tunnel
I'm wondering how to copy a file with scp (or a better way if possible) and allow ssh key forwarding. I've read a lot of posts on how to do this closely, but not with ssh forwarding, or the -A equivalent we get with ssh.
Backstory - I have keys added with the method-
ssh-add mkey.pem
so that I can ssh into a bastion host with those stored keys like so...
[localhost]$ ssh -A user@bastion
...and then ssh into the server from the bastion, which will automatically use the ssh keys added from the localhost.
[bastion]$ ssh -A user@server
However, scp doesn't have an equivalent -A function to use a stored key from the localhost, which prevents you from having to store the key on the bastion.
What is the ideal approach to copying a file from a server via a bastion host that requires ssh keys for access?
ssh scp forwarding ssh-tunnel
ssh scp forwarding ssh-tunnel
asked Nov 11 at 6:31
openCivilisation
727
727
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
scp
supports passing options to ssh
via the -o
argument.
In this case, I think the best way to address this is to use scp -o "ForwardAgent yes"
ahh cool. I'm not sure how to do that from localhost, but from the bastion I can do: scp -o "ForwardAgent yes" user@server:/file .
– openCivilisation
Nov 11 at 11:42
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
scp
supports passing options to ssh
via the -o
argument.
In this case, I think the best way to address this is to use scp -o "ForwardAgent yes"
ahh cool. I'm not sure how to do that from localhost, but from the bastion I can do: scp -o "ForwardAgent yes" user@server:/file .
– openCivilisation
Nov 11 at 11:42
add a comment |
up vote
1
down vote
accepted
scp
supports passing options to ssh
via the -o
argument.
In this case, I think the best way to address this is to use scp -o "ForwardAgent yes"
ahh cool. I'm not sure how to do that from localhost, but from the bastion I can do: scp -o "ForwardAgent yes" user@server:/file .
– openCivilisation
Nov 11 at 11:42
add a comment |
up vote
1
down vote
accepted
up vote
1
down vote
accepted
scp
supports passing options to ssh
via the -o
argument.
In this case, I think the best way to address this is to use scp -o "ForwardAgent yes"
scp
supports passing options to ssh
via the -o
argument.
In this case, I think the best way to address this is to use scp -o "ForwardAgent yes"
answered Nov 11 at 7:05
Orix Au Yeung
514
514
ahh cool. I'm not sure how to do that from localhost, but from the bastion I can do: scp -o "ForwardAgent yes" user@server:/file .
– openCivilisation
Nov 11 at 11:42
add a comment |
ahh cool. I'm not sure how to do that from localhost, but from the bastion I can do: scp -o "ForwardAgent yes" user@server:/file .
– openCivilisation
Nov 11 at 11:42
ahh cool. I'm not sure how to do that from localhost, but from the bastion I can do: scp -o "ForwardAgent yes" user@server:/file .
– openCivilisation
Nov 11 at 11:42
ahh cool. I'm not sure how to do that from localhost, but from the bastion I can do: scp -o "ForwardAgent yes" user@server:/file .
– openCivilisation
Nov 11 at 11:42
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53246409%2fhow-can-i-use-scp-to-aquire-a-file-from-a-server-via-a-bastion-with-ssh-forwardi%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown