DEV Community

Vidyasagar SC Machupalli
Vidyasagar SC Machupalli

Posted on • Edited on

Transfer contents and files using SCP from remote to local machine via bastion

It's always a challenge to move content (text) and files between a remote machine and localhost (local machine). The challenge becomes even harder when there is a bastion host or a Jumpserver in the middle that needs SSH (Secure Shell) access.

Photo by Vidyasagar Machupalli

As I work day-in and day-out with virtual machines in Cloud, I am asked to send logs, copy or move files from the remote machine to local for debugging. In the linux world, coredump is required most of the time to see why a server or a component is crashing. Moving files like a core dump is required for debugging or understanding the state of the machine.

For this scenario let's consider three machines (VMs or VSIs),

  1. Localhost
  2. Bastion host with a private IP - 10.10.0.13
  3. Remote machine / server with a private IP - 10.30.0.13

Scenario 1: copy a file from remote machine to localhost

You will be using SCP(Secure Copy Protocol) from local to remote via Bastion.

  1. Run this in one session/window/tab of the terminal on your local machine

    ssh -L 1234:<REMOTE_PRIVATE_IP>:22 <OS_USER>@<BASTION_HOST_PRIVATE_IP> cat -
    ssh -L 1234:10.30.0.13:22 vmac@10.10.0.13 cat -
    
  2. In another session/window/tab,

    scp -P <LOCAL_PORT> <REMOTE_USER>@127.0.0.1:<PATH_TO_THE_FILE_ON_REMOTE_MACHINE> <LOCAL_PATH_TO_COPY_FILE>
    scp -P 1234 vmac@127.0.0.1:/home/vmac/output.log  output.log
    

Scenario 2: copy contents of a remote file to clipboard

On your local machine, run the below command to copy contents of a file to clipboard using pbcopy

ssh -J vmac@<BASTION_HOST_PRIVATE_IP vmac@<REMOTE_PRIVATE_IP> 'cat /home/vmac/output.log' | pbcopy
ssh -J vmac@10.10.0.13 vmac@10.30.0.13 'cat /home/vmac/output.log' | pbcopy
Enter fullscreen mode Exit fullscreen mode




Using VPN

If you want to access a machine using a private IP, you can always connect to an VPN (client-to-site or site-to-site) to access the contents of a remote machine.

References:

Happy learning and sharing :)

Follow me on Linktree

Top comments (0)