How to remotely copy files over ssh without entering your password

Sooner or later, you’ll find yourself in a situation where you have to upload the file to the remote server over SSH or copy a file from it.

There are various ways you can transfer files over SSH. I am going to discuss the following methods here:

1. scp: Legacy command which is being deprecated
2. rsync: Popular command for file synchronization
3. sshfs: Mounting remote directory over SSH
4. sftp clients: GUI tool for accessing file over SFTP

For a successful file transfer over SSH, you need to

• to have SSH access between the two machines
• to know the username and password on the remote machine
• IP address or hostname (on the same subnet) of the remote machine

With that aside, let’s see the methods for copying files between remote systems via SSH.

Method 1: Use scp command to copy files over SSH

I have read that scp is going to be deprecated. Still, it is my favorite tool for transferring files between systems over SSH. Why? Because its syntax is similar to the cp command.

Let’s see how to use the scp command.

Copy files from the remote machine to your local machine

Here’s the scenario. You want to copy files from the remote Linux system to the currently logged in system.

Here’s a generic syntax that copies the file from the home directory of the user on the remote system to the current directory of your locally logged in system.

Do you see the similarity with the cp command? It’s almost the same except that you have to specify username and ip address with colon (:).

Now, let me show you a real-world example of this command.

In the example above, I copied the file remote.txt from the /home/abhishek/my_file directory on the remote system to the current directory of the local machine.

This should give you a hint that you should know the exact location of the file on the remote system. The tab completion does not work on remote systems.

Copy files from your local machine to the remote machine

The scenario is slightly changed here. In this one, you are sending a local file to the remote system over SSH using scp.

This is a generic syntax which will copy the filename to the home directory of username on the remote system.

In the above example, I copied local.txt file from the current directory to the home directory of the user abhishek on the remote system.

Then I logged into the remote system to show that the file has actually been copied.

You can copy directories too

Remember I told you I like scp because of its similarity with the cp command?

Like cp command, you can also use scp to copy directory over SSH. The syntax is similar to the cp command too. You just have to use the -r option.

You can do a lot more with it. Read some more examples of scp command in this tutorial:

Method 2: Use rsync to copy files and directories over SSH

Since scp is being deprecated, rsync is the next best tool for copying files between remote system over SSH. Actually, it is better than scp in many terms.

The command syntax is the same as scp. Older versions of rsync had to use rsync -e ssh but that’s not the case anymore.

Copy files from the remote machine to your local machine

Let’s say you want to copy a file from the home directory of the user on the remote system to the current directory of your locally logged in system.

Let’s take the same example you saw with scp. I am copying the file remote.txt from the /home/abhishek/my_file directory on the remote system to the current directory of the local machine.

Copy files from your local machine to the remote machine

Here is a generic syntax which will copy the file to the home directory of username on the remote system.

Time to see the real world example. I am copying local.txt file from the current directory to the home directory of the user abhishek on the remote system.

How about copying directories with rsync?

It’s the same. Just use -r option with rsync to copy entire directory over SSH between remote systems.

Take a look at this example. I copy the entire my_file directory from the remote system to the local system.

rsync is a versatile tool. It is essentially a tool for ‘recursively syncing’ the contents between two directories and quite popular for making automated backups.

Method 3: Using SSHFS to access files from remote system over SSH

There is also SSHFS (SSH Filesystem) that can be used to access remote files and directories. However, this is not very convenient just for copying files.

In this method, you mount the remote directory on your local system. Once mounted, you can copy files between the mounted directory and the local system.

You may need to install sshfs on your local system first using your distribution’s package manager.

On Debian and Ubuntu, you may use the following command:

Once you have sshfs installed on your system, you can use it to mount the remote directory. It would be better to create a dedicated directory for the mount point.

Now mount the desired directory on the remote machine in this fashion:

Once it is mounted, you can copy files into this directory or from this directory as if it is on your local machine itself.

Remember that you have mounted this file. Once your work is done, you should also unmount it:

Here’s an example where I mounted the my_file directory from the remote system to the remote_dir directory on the local system. I copied the remote.txt file to the local system and then unmounted the directory.

Method 4: Use a GUI-based SFTP client for transferring files between remote systems

As the last resort, you can use an FTP client for transferring files between remote and local systems.

FileZilla is one of the most popular cross-platform FTP client. You can easily install on your local system.

Once installed, go to File->Site Manager and add the remote system details like IP address, SSH port number, username and password.

Once you connect, you can see a split window view that shows the local filesystem on the left and the remote filesystem on the right.

To transfer the file, drag and drop files from left to right or right to left. A progress bar appears at the bottom.

Which method do you prefer?

Alright! I showed various command line and GUI methods that can be used for copying files over SSH.

Now it is up to you to decide which method to use here. Do comment your preferred method for transferring files over SSH.

SSH is a lifesaver when you need to remotely manage a computer, but did you know you can also upload and download files, too? Using SSH keys, you can skip having to enter passwords and use this for scripts!

This process works on Linux and Mac OS, provided that they’re properly configured for SSH access. If you’re using Windows, you can use Cygwin to get Linux-like functionality, and with a little tweaking, SSH will run as well.

Copying Files Over SSH

Secure copy is a really useful command, and it’s really easy to use. The basic format of the command is as follows:

scp [options] original_file destination_file

The biggest kicker is how to format the remote part. When you address a remote file, you need to do it in the following manner:

The server can be a URL or an IP address. This is followed by a colon, then the path to the file or folder in question. Let’s look at an example.

scp –P 40050 Desktop/url.txt [email protected]:

This command features the [-P] flag (note that it’s a capital P). This allows me to specify a port number instead of the default 22. This is necessary for me because of the way I’ve configured my system.

Next, my original file is “url.txt” which is inside of a directory called “Desktop”. The destination file is in “

/Desktop/url.txt” which is the same as “/user/yatri/Desktop/url.txt”. This command is being run by the user “yatri” on the remote computer “192.168.1.50”.

What If you need to do the opposite? You can copy files from a remote server similarly.

Here, I’ve copied a file from the remote computer’s “

/Desktop/” folder to my computer’s “Desktop” folder.

To copy whole directories, you’ll need to use the [-r] flag (note that it’s a lowercase r).

You can also combine flags. Instead of

You can just do

The toughest part here is that tab completion doesn’t always work, so it’s helpful to have another terminal with an SSH session running so that you know where to put things.

SSH and SCP Without Passwords

Secure copy is great. You can put it in scripts and have it do backups to remote computers. The problem is that you may not always be around to enter the password. And, let’s be honest, it’s a real big pain to put in your password to a remote computer you obviously have access to all the time.

Well, we can get around using passwords by using key files, technically called PEM files. We can have the computer generate two key files — one public that belongs on the remote server, and one private which is on your computer and needs to be secure — and these will be used instead of a password. Pretty convenient, right?

On your computer, enter the following command:

This will generate the two keys and put them in:

with the names “id_rsa” for your private key, and “id_rsa.pub” for your public key.

After entering the command, you’ll be asked where to save the key. You can hit Enter to use the above-mentioned defaults.

Next, you’ll be asked to enter a passphrase. Hit Enter to leave this blank, then do it again when it asks for confirmation. The next step is to copy the public key file to your remote computer. You can use scp to do this:

The destination for your public key is on the remote server, in the following file:

Subsequent public keys can be appended to this file, much like the

/.ssh/known_hosts file. This means that if you wanted to add another public key for your account on this server, you would copy the contents of the second id_rsa.pub file into a new line on the existing authorized_keys2 file.

Security Considerations

Isn’t this less secure than a password?

In a practical sense, not really. The private key that’s generated is stored on the computer you’re using, and it is never transferred, not even to be verified. This private key ONLY matches with that ONE public key, and the connection needs to be started from the computer that has the private key. RSA is pretty secure and uses a 2048 bit-length by default.

It’s actually pretty similar in theory to using your password. If someone has knows your password, your security goes out of the window. If someone has your private key file, then security is lost to any computer that has the matching pubic key, but they need access to your computer to get it.

Can this be more secure?

You can combine a password with key files. Follow the steps above, but enter a strong passphrase. Now, when you connect over SSH or use SCP, you’ll need the proper private key file as well as the proper passphrase.

Once you enter your passphrase once, you won’t be asked again for it until you close your session. That means that the first time you SSH/SCP, you’ll need to enter your password, but all subsequent actions won’t require it. Once you log out of your computer (not the remote one) or close your terminal window, then you’ll have to enter it again. In this way, you’re not really sacrificing security, but you’re also not harassed for passwords all the time.

Can I reuse the public/private key pair?

This is a really bad idea. If someone finds your password, and you use the same password for all of your accounts, then they now have access to all of those accounts. Similarly, your private key file is also super-secret and important. (For more information, take a look at How To Recover After Your Email Password Is Compromised)

It’s best to create new key pairs for every computer and account you want to link. That way, if one of your private keys get caught somehow, then you’ll only compromise one account on one remote computer.

It’s also really important to note that all of your private keys are stored in the same place: in

/.ssh/ on your computer, you can use TrueCrypt to create a secure, encrypted container, then create symlinks in your

/.ssh/ directory. Depending on what I’m doing, I use this super-paranoid super-secure method to put my mind at ease.

Have you used SCP in any scripts? Do you use key files instead of passwords? Share your own expertise with other readers in the comments!

SSH (Secure Shell) is an encrypted protocol to connect with the remote device. By default, it works on TCP port 22. There are two methods to connect with the remote server using SSH, one is by using password authentication, and another way is to authenticate is by public key. In this tutorial, you will learn how to generate an SSH key and copy files over SSH (SCP) without entering a password in CentOS8.

Generate SSH Key

Before generating the SSH Key. Firstly, verify the SSH is installed or not. To verify, open up the terminal and type the following command.

After verifying the SSH package. Now I am going to generate the SSH key, using the following command.

To tighten up the security, you can mention the encryption algorithm according to your need, as shown below.

After entering the above command, the following output should appear.

To save the file in a suggested directory press enter.

Next, it will prompt you to enter the passphrase, leave it empty, and press enter. The following output should appear.

The SSH key is successfully generated. You can verify it by using the following command to view your SSH key.

This command will print your SSH key.

Copy the SSH to the remote side, use the following command.

Repeat all of the above processes on the remote side if you want two-way communication.

Copy file without Password:

To copy the file on the remote side using the following command.

It will copy your text file to the remote server, for verification go to the remote side and verify that your file has been copied.

SSH Configuration

Sometimes you need to require to configure the SSH at the remote side for authentication. In this case, enable the SSH authentication key, for this open up the /etc/ssh/sshd_config, and enable or add the following lines.

Save the configuration file and restart the service using the following command.

Conclusion

In this tutorial, we learned how to generate the SSH authentication key in CentOS8 and copy the file over the SSH without entering the password. I hope this tutorial will help you to understand SSH key generation and copy the file at the remote end.

• ← Getting the most out of Linux Bash history command
• How to Speed Up Package Downloads and Updates with apt-fast on Ubuntu 20.04 →

Karim Buzdar

About the Author: Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications. As an IT engineer and technical author, he writes for various web sites. You can reach Karim on LinkedIn

SSH (Secure Shell) is an encrypted protocol to connect with the remote device. By default, it works on TCP port 22. There are two methods to connect with the remote server using SSH, one is by using password authentication, and another way is to authenticate is by public key. In this tutorial, you will learn how to generate an SSH key and copy files over SSH (SCP) without entering a password in CentOS8.

Generate SSH Key

Before generating the SSH Key. Firstly, verify the SSH is installed or not. To verify, open up the terminal and type the following command.

After verifying the SSH package. Now I am going to generate the SSH key, using the following command.

To tighten up the security, you can mention the encryption algorithm according to your need, as shown below.

After entering the above command, the following output should appear.

To save the file in a suggested directory press enter.

Next, it will prompt you to enter the passphrase, leave it empty, and press enter. The following output should appear.

The SSH key is successfully generated. You can verify it by using the following command to view your SSH key.

This command will print your SSH key.

Copy the SSH to the remote side, use the following command.

Repeat all of the above processes on the remote side if you want two-way communication.

Copy file without Password:

To copy the file on the remote side using the following command.

It will copy your text file to the remote server, for verification go to the remote side and verify that your file has been copied.

SSH Configuration

Sometimes you need to require to configure the SSH at the remote side for authentication. In this case, enable the SSH authentication key, for this open up the /etc/ssh/sshd_config, and enable or add the following lines.

Save the configuration file and restart the service using the following command.

Conclusion

In this tutorial, we learned how to generate the SSH authentication key in CentOS8 and copy the file over the SSH without entering the password. I hope this tutorial will help you to understand SSH key generation and copy the file at the remote end.

SSH is a lifesaver when you need to remotely manage a computer, but did you know you can also upload and download files, too? Using SSH keys, you can skip having to enter passwords and use this for scripts!

This process works on Linux and Mac OS, provided that they’re properly configured for SSH access. If you’re using Windows, you can use Cygwin to get Linux-like functionality, and with a little tweaking, SSH will run as well.

Copying Files Over SSH

Secure copy is a really useful command, and it’s really easy to use. The basic format of the command is as follows:

scp [options] original_file destination_file

The biggest kicker is how to format the remote part. When you address a remote file, you need to do it in the following manner:

The server can be a URL or an IP address. This is followed by a colon, then the path to the file or folder in question. Let’s look at an example.

scp –P 40050 Desktop/url.txt [email protected]:

This command features the [-P] flag (note that it’s a capital P). This allows me to specify a port number instead of the default 22. This is necessary for me because of the way I’ve configured my system.

Next, my original file is “url.txt” which is inside of a directory called “Desktop”. The destination file is in “

/Desktop/url.txt” which is the same as “/user/yatri/Desktop/url.txt”. This command is being run by the user “yatri” on the remote computer “192.168.1.50”.

What If you need to do the opposite? You can copy files from a remote server similarly.

Here, I’ve copied a file from the remote computer’s “

/Desktop/” folder to my computer’s “Desktop” folder.

To copy whole directories, you’ll need to use the [-r] flag (note that it’s a lowercase r).

You can also combine flags. Instead of

You can just do

The toughest part here is that tab completion doesn’t always work, so it’s helpful to have another terminal with an SSH session running so that you know where to put things.

SSH and SCP Without Passwords

Secure copy is great. You can put it in scripts and have it do backups to remote computers. The problem is that you may not always be around to enter the password. And, let’s be honest, it’s a real big pain to put in your password to a remote computer you obviously have access to all the time.

Well, we can get around using passwords by using key files. We can have the computer generate two key files – one public that belongs on the remote server, and one private which is on your computer and needs to be secure – and these will be used instead of a password. Pretty convenient, right?

On your computer, enter the following command:

This will generate the two keys and put them in:

with the names “id_rsa” for your private key, and “id_rsa.pub” for your public key.

After entering the command, you’ll be asked where to save the key. You can hit Enter to use the above-mentioned defaults.

Next, you’ll be asked to enter a passphrase. Hit Enter to leave this blank, then do it again when it asks for confirmation. The next step is to copy the public key file to your remote computer. You can use scp to do this:

The destination for your public key is on the remote server, in the following file:

Subsequent public keys can be appended to this file, much like the

/.ssh/known_hosts file. This means that if you wanted to add another public key for your account on this server, you would copy the contents of the second id_rsa.pub file into a new line on the existing authorized_keys2 file.

Security Considerations

Isn’t this less secure than a password?

In a practical sense, not really. The private key that’s generated is stored on the computer you’re using, and it is never transferred, not even to be verified. This private key ONLY matches with that ONE public key, and the connection needs to be started from the computer that has the private key. RSA is pretty secure and uses a 2048 bit-length by default.

It’s actually pretty similar in theory to using your password. If someone has knows your password, your security goes out of the window. If someone has your private key file, then security is lost to any computer that has the matching pubic key, but they need access to your computer to get it.

Can this be more secure?

You can combine a password with key files. Follow the steps above, but enter a strong passphrase. Now, when you connect over SSH or use SCP, you’ll need the proper private key file as well as the proper passphrase.

Once you enter your passphrase once, you won’t be asked again for it until you close your session. That means that the first time you SSH/SCP, you’ll need to enter your password, but all subsequent actions won’t require it. Once you log out of your computer (not the remote one) or close your terminal window, then you’ll have to enter it again. In this way, you’re not really sacrificing security, but you’re also not harassed for passwords all the time.

Can I reuse the public/private key pair?

This is a really bad idea. If someone finds your password, and you use the same password for all of your accounts, then they now have access to all of those accounts. Similarly, your private key file is also super-secret and important. (For more information, take a look at How To Recover After Your Email Password Is Compromised)

It’s best to create new key pairs for every computer and account you want to link. That way, if one of your private keys get caught somehow, then you’ll only compromise one account on one remote computer.

It’s also really important to note that all of your private keys are stored in the same place: in

/.ssh/ on your computer, you can use TrueCrypt to create a secure, encrypted container, then create symlinks in your

/.ssh/ directory. Depending on what I’m doing, I use this super-paranoid super-secure method to put my mind at ease.

Have you used SCP in any scripts? Do you use key files instead of passwords? Share your own expertise with other readers in the comments!

Home » SysAdmin » How to Set Up Passwordless SSH Login

SSH (Secure Shell) allows secure remote connections between two systems. With this cryptographic protocol, you can manage machines, copy, or move files on a remote server via encrypted channels.

There are two ways to login onto a remote system over SSH – using password authentication or public key authentication (passwordless SSH login).

In this tutorial, you will find out how to set up and enable passwordless SSH login.

• Access to command line/terminal window
• User with sudo or root privileges
• A local server and a remote server
• SSH access to a remote server via command line/terminal window

Before You Start: Check for Existing SSH Keys

You may already have an SSH key pair generated on your machine. To see whether you have SSH keys on the system, run the command:

If the output tells you there are no such files, move on to the next step, which shows you how to generate SSH keys.

In case you do have them, you can use the existing keys, back them up and create a new pair or overwrite it.

Step 1: Generate SSH Key Pair

1. The first thing you need to do is generate an SSH key pair on the machine you are currently working on.

In this example, we generate a 4096-bit key pair. We also add an email address, however this is optional. The command is:

2. Next, type in the location where you want to store the keys or hit Enter to accept the default path.

3. It also asks you to set a passphrase. Although this makes the connection even more secure, it may interrupt when setting up automated processes. Therefore, you can type in a passphrase or just press Enter to skip this step.

4. The output then tells you where it stored the identification and public key and gives you the key fingerprint.

5. Verify you have successfully created the SSH key pair by running the command:

You should see the path of the identification key and the public key, as in the image below:

Step 2: Upload Public Key to Remote Server

You can upload the public SSH key to a remote server with the ssh-copy-id command or the cat command. Below you can find both options.

Option 1: Upload Public Key Using the ssh-copy-id Command

To enable passwordless access, you need to upload a copy of the public key to the remote server.

1. Connect to the remote server and use the ssh-copy-id command:

2. The public key is then automatically copied into the .ssh/authorized_keys file.

Option 2: Upload Public Key Using the cat Command

Another way to copy the public key to the server is by using the cat command.

1. Start by connecting to the server and creating a .ssh directory on it.

2. Then, type in the password for the remote user.

3. Now you can upload the public key from the local machine to the remote server. The command also specifies that the key will be stored under the name authorized_keys in the newly created .ssh directory:

Step 3: Log in to Server Without Password

With the SSH key pair generated and the public key uploaded to the remote server, you should now be able to connect to your dedicated server without providing a password.

Check whether the setup works by running the command:

The system should directly log you in to the remote server, no password required.

Note: Once you verify that you can SHH into the remote serve without a password, consider disabling SSH password authentication altogether. It will add another layer of security and secure your server from brute force attacks.

Optional: Troubleshooting Remote Server File Permissions

File permissions on the remote server may cause issues with passwordless SSH login. This is a common issue with older versions of SSH.

If you are still prompted for a password after going through all the steps, start by editing file permissions on the remote server.

• Set permissions 700 for the .ssh directory.
• Set permissions 640 for the .ssh/authorized_keys directory.

Edit file permissions with the following command:

Enter your password when prompted. There will be no output if the action was successful. The issue should be resolved now.

If you want to automate updates and other tasks, or seamlessly SSH into a remote server, you should enable passwordless SSH login.

The instructions outlined in this article should have helped you to do so.

In this article, we will explain how to set up SSH without passwords in a Linux operating system. We will be using the command line Terminal application for this purpose. To open the command line Terminal, use the keyboard shortcut.

We have explained the procedure mentioned in this article on the Ubuntu 20.04 system. More or less the same procedure can be followed in Debian and previous Ubuntu versions.

Follow the steps below to set up SSH without passwords on your Linux system.

Generate A New SSH Key Pair on Local Machine

The first step will be to generate a new SSH key on your local system. To do this, issue the following command in Terminal:

Press Enter to accept all fields as defaults.

The above command will create the keypair, i.e., the public key and the private key. The private key is kept on the system, while the public key is shared. These keys are stored in the .ssh folder.

You can view the keypair generated by entering the following command:

Copy Public Key to Remote Machine

In this next step, copy the public key to the remote system that you want to access from your local system without passwords. We will use the ssh-copy-id command that is by default available in most Linux distributions. This command will copy the public key id_rsa.pub to the .ssh/authorized_keys file in the remote system.

The syntax for ssh-copy-id is as follows:

In our example, the command would be:

On the remote system, you can verify the transfer of the public key by viewing the authorized_keys file.

Set the permission on the authorized_keys file on the remote system to 600. Use the following command to do so:

Set the permission on the .ssh directory on the remote system to 700. Use the following command to do so:

Add Private Key to SSH Authentication Agent on Local Server

In our local machine, we will add the private key to the SSH authentication agent. This will allow us to log into the remote server without having to enter a password every time.

Here is the command to do so:

Login to Remote Server Using SSH Keys

After performing the above steps, try logging into your remote sever. This time, you will be able to log into your remote server without entering a password.

That is all you need to set up SSH login without passwords in a Ubuntu 20.04 system. Remember, you can share the public key with anyone, but never share your private key. Anyone with the private key will be able to log into any system having the matching public key.

About the author

Karim Buzdar

Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications. As an IT engineer and technical author, he writes for various web sites. He blogs at LinuxWays.

The ssh-copy-id command is a simple tool that allows you to install an SSH key on a remote server’s authorized keys. This command facilitates SSH key login, which removes the need for a password for each login, thus ensuring a password-less, automatic login process. The ssh-copy-id command is part of OpenSSH, a tool for performing remote system administrations using encrypted SSH connections.

This article shows you how to use the ssh-copy-id tool to make your SSH logins more seamless and secure.

How to Install the ssh-copy-id Command

The ssh-copy-id tool, part of the OpenSSH package, is available in all major Linux distribution repositories, and you can use your package manager to install this command.

To install the ssh-copy-id tool on Debian, use the following command:

Once you have OpenSSH installed, you can use the ssh-copy-id tool in the command-line.

Usage: / usr / bin / ssh-copy-id [ -h | -? | -f | -n ] [ -i [ identity_file ] ] [ -p port ] [ [ -o ssh -o options > ] . ] [ user @ ] hostname -f: force mode — copy keys without trying to check if they are already installed -n: dry run — no keys are actually copied -h | -?: print this help

Using ssh-copy-id is simple because the script makes the public key authentication process easier and more efficient. Before we dive into how to use the tool, we will first discuss how SSH public key authentication works.

NOTE: If you already know how SSH public key authentication works, feel free to skip this part and dive deeper into how to use the ssh-copy-id command immediately.

SSH Public Key Authentication

Public SSH key authentication is an SSH authentication method that allows users to use cryptographically generated keys to log into remote servers.

SSH keys are more secure than raw passwords and provide a much more efficient way of logging into SSH. SSH keys are automated, and once authorized, do not require a password at each login.

To use an SSH key, we will begin by generating a key.

How to Generate an SSH Key

To generate an SSH key, use the ssh-keygen tool that comes as a part of OpenSSH. This tool generates public and private key files stored in the

/.ssh directory, as shown below.

Generating public / private rsa key pair.
Enter file in which to save the key ( / root / .ssh / id_rsa ) :
Created directory ‘/root/.ssh’ .
Enter passphrase ( empty for no passphrase ) :
Enter same passphrase again:
Your identification has been saved in / root / .ssh / id_rsa.
Your public key has been saved in / root / .ssh / id_rsa.pub.
The key fingerprint is:
SHA256:ddVOQhS6CGt8Vnertz9aiSnvOUKmSpPrZ+gI24DptsA root @ user The key ‘s randomart image is:
+—[RSA 2048]—-+
| o=o |
| o. o|
| . . + .+.|
| . + + o .o|
| S + . . |
|. o ..o o + .|
|.E o +. +. + + |
|o. = o.o+ .o.+..|
|.o.. oo=+ o=o.+|
+—-[SHA256]—–+

How to Copy SSH Key Using SSH-copy-id

Once we have generated an SSH key, we can manually add the SSH key to the remote machine authorized_keys file or use the ssh-copy-id command.

We will use the ssh-copy-id command to make this process easier. Simply call the ssh-copy-id command and pass the path to the public key, as follows:

/ .ssh / id_rsa.pub user @ 77.134.54.101 -p 6576

After inputting the above command, you should obtain the following output:

NOTE: Never copy your private key to another machine.

Once the command has been executed successfully, try logging into the server using the key that you uploaded, as follows:

The above command will require you to enter the passphrase for your public key, as shown in the output below:

The command above should allow you to log in to the remote host without asking for the user’s password. The system may prompt you to enter the passphrase of the key that you set up earlier.

SSH-copy-id Command Options

You can modify how the ssh-copy-id command works by using the provided arguments. To view the help page, use the command ssh-copy-id -h or use the ssh-copy-id command with no arguments.

-i argument: This argument specifies the identity file to be used, i.e., copied to the specified remote host. If you fail to specify the -i argument, all the files in the

/.ssh directory with the matching pattern *.pub will be added.

Conclusion

This guide showed you how to use the ssh-copy-id command to install SSH keys on remote hosts. Though this can be a simple and efficient method to install keys, misconfigured keys may result in security issues or getting locked out of the system. Therefore, be extremely careful as you experiment with this process.

About the author

John Otieno

My name is John and am a fellow geek like you. I am passionate about all things computers from Hardware, Operating systems to Programming. My dream is to share my knowledge with the world and help out fellow geeks. Follow my content by subscribing to LinuxHint mailing list

As a system administrator, you plan on using OpenSSH for Linux and automate your daily tasks such as transferring files or database dump file for the backup to another server. To achieve this goal, you need to log in automatically from the host A to host B. Login automatically mean you do not want to enter any password because you want to use ssh from a shell script.

In this article we’ll show you how to Setup SSH Login without Password on CentOS / RHEL. After automatic login has been configured, you can use it to move the file using SSH (Secure Shell) and secure copy (SCP).

SSH is open source and the most trusted network protocol which is used to login to the remote server. It is used by system administrators to execute commands, also used to transfer files from one computer to another over a network using SCP protocol.

After you setup SSH login without password, you can get the following advantages :

a) Automate your daily task via scripts.
b) If you login to your linux server using ssh key instead of normal loging using any user, it will enhance security of your linux server. This is one of the recommended method to prevent a brute force attack on virtual private server (VPS), SSH keys are nearly impossible to decipher by brute force alone.

What is ssh-keygen

ssh-keygen is a Unix utility that is used to generate, create, manage the public and private keys for ssh authentication. With the help of the ssh-keygen tool, a user can create passphrase keys for both SSH protocol version 1 and version 2. ssh-keygen creates RSA keys for SSH protocol version 1 and RSA or DSA keys for use by SSH protocol version 2.

What is ssh-copy-id

ssh-copy-id is a script that copies the local-host’s public key to the remote-host’s authorized_keys file. ssh-copy-id also append the indicated identity file to that machine’s

/.ssh/authorized_keys file and assigns proper permission to the remote-host’s home.

SSH keys

SSH keys provide better and secure way of logging into a linux server with SSH. After you run ssh-keygen, you will generate public key and private key. You can place the public key on any server, and then unlock it by connecting to it with a client that already has the private key. When the two match up, the system unlocks without the need for a password.

Setup SSH Login Without Password on CentOS and RHEL.

This steps tested on CentOS 5/6/7, RHEL 5/6/7 and Oracle Linux 6/7.

Node1 : 192.168.0.9
Node2 : 192.168.0.10

Step One :
Test the connection and access from node1 to node2 :

Step Two :
Generate public and private keys using ssh-key-gen. Please take note that you can increase security by protecting the private key with a passphrase.

Step Three :
Copy or transfer the public key to remote-host using ssh-copy-id command. It will append the indicated identity file to

/.ssh/authorized_keys on node2 :

Step Four :
Try SSH login without Password to node2 :

I hope this article gives you some ideas and quick guide on how to setup SSH login without password on Linux CentOS / RHEL.

We stand with our friends and colleagues in Ukraine. To support Ukraine in their time of need visit this page.

How to download a file via SSH

• Linux and OS X systems
• Windows 10
• Windows OS (before Windows 10)

OpenSSH SSH/SecSH protocol suite (which comes pre-installed with OS X and available for download for most other *nix systems) includes the scp (secure copy) application which can be used to upload and download files from and to remote hosts.

Here are few examples of how to use it for:

1. Uploading a file from a local computer to a remote one:
scp /path/to/local/file [email protected]:/path/to/remote/file

This command can be used to upload a specific file to your account on the server:

scp -P 21098 /home/localuser/site/example.html [email protected]:/home/cpanel_user/public_html

Or this one, if the entire directory should be uploaded:

scp -P 21098 -r /home/localuser/site/ [email protected]:/home/cpanel_user/public_html

2. Downloading a file from a remote system to your computer:

scp [email protected]:/path/to/remote/file /path/to/local/file

This particular example can be used to download an error_log from public_html of a hosting account to your local computer:

scp -P 21098 [email protected]:/home/cpanel_user/public_html/error_log /home/localuser/logs/

NOTE: When one of the commands above is used, you will be asked to insert the password into your cPanel account (when you enter the password, it is automatically hidden for the security purposes).

1. Uploading a file from a local computer to a remote one:
scp /path/to/local/file [email protected]:/path/to/remote/file

This command can be used to upload a specific file to your account on the server:

2. Downloading a file from a remote system to your computer:

scp [email protected]:/path/to/remote/file /path/to/local/file

This particular example can be used to download an error_log from public_html of a hosting account to your local computer:

You can use PowerShell on other Windows versions as well following the next workarounds:

To use native Windows command line utilities, select the Start button > click on the Run… option. In the command line type in powershell and press Enter:

Here is an example of the command for downloading the file from the server to your computer:

Invoke-WebRequest -UseBasicParsing -OutFile local.zip

should be replaced with the URL to the file in question
local.zip should be replaced with the name you would like the downloaded file to be stored with. You may also specify a full path there. By default, it will be downloaded to C:\Users\your-windows-username directory:

The Invoke-WebRequest uses the HTTP protocol instead of SSH one. Its sole resemblance to scp is that the command line interface is being used as well.

This method has its disadvantages. First of all, the connection is not encrypted unless you have an SSL certificate and a specified https:// protocol in your URL. The file should be publicly accessible, which is not acceptable in some cases. Also, the file contents are stored in memory before being recorded to the disk, making this approach unsuitable for downloading large files.

2. Another workaround includes installing the Cygwin command line interface for Windows, which features the scp command. In order to use it, do the following:

• Download the cygwin installation file from here
• Install cygwin on your computer (do not forget to include openssh from the net bundle during installation process)
• Once installed, you will be able to run the scp command from the first part of the article using the Windows command line terminal (accessible via the Start button >Run… option > In the command line, type in cmd and press Enter).

We don’t allow questions about general computing hardware and software on Stack Overflow. You can edit the question so it’s on-topic for Stack Overflow.

Closed 6 years ago .

I am having trouble copying files from a remote server using SSH. Using PuTTY I log in to the server using SSH. Once I find the file I would like to copy over to my computer, I use the command:

It looks like it was successful, but it only ends up creating a new folder labeled ‘localdir’ in the remote directory /dir/of/ .

How can I copy the file to my local computer over SSH?

5 Answers 5

It depends on what your local OS is.

If your local OS is Unix-like, then try:

If your local OS is Windows ,then you should use pscp.exe utility. For example, below command will download file.txt from remote to D: disk of local machine.

It seems your Local OS is Unix, so try the former one.

For those who don’t know what pscp.exe is and don’t know where it is, you can always go to putty official website to download it. And then open a CMD prompt, go to the pscp.exe directory where you put it. Then execute the command as provided above

if you are using Windows OS above Windows 10, then you can use scp directly from its terminal, just like how Unix-like OS does. Thanks to @gijswijs @jaunt @icanfathom

Consequently, does Sftp require a password?

Basic authentication requires a user ID and password from the SFTP client user to connect to the SFTP server. SSH authentication uses SSH keys to authenticate SFTP connections instead of, or in combination with, a user ID and password. An SSH public key and private key pair are required in this case.

Secondly, how do I move files from one UNIX server to another without password? How to use the Linux ‘scp’ command without a password to make remote backups

1. Step 1: Generate a public and private key pair.
2. Step 2: Copy your public key to your remote servers.
3. Step 3: Test your ssh login.
4. Step 4: Install your backup scripts on the remote servers.
5. Step 5: Run your backup scripts with ssh.

Also asked, how do I connect to SFTP?

1. Open FileZilla.
2. Enter the address of the server in the field Host, located in the Quickconnect bar.
3. Enter your username.
4. Enter your password.
5. Enter the port number.
6. Click on Quickconnect or press Enter to connect to the server.
7. Click OK when you get a warning about an unknown host key.

How do I generate an SFTP Key?

To generate an SSH key pair on a Macintosh or Linux machine:

1. Open a terminal window.
2. Enter this command line: ssh-keygen -t rsa.
3. Select the default values for all options. This command generates two SSH key files, id_rsa and id_rsa.
4. Send the public key file id_rsa. pub to your partner representative.

Connecting to the server via SSH is one of the primary means for managing *nix servers. Quite often, it is necessary to upload a file to a remote server or unload it, but there are no other means other than SSH connection. Fortunately, one of the regular functions of this Protocol is to copy files via a secure connection. You can implement it using a scp command on Linux systems, or using pscp.exe, which is part of the Putty SSH client on the Windows operating system.

Using the Linux OS

Execute the following commands:

scp [modifier] [source] [target_directory]

If a remote server serves as the source or target directory, execute the following commands:

After running the command, you need to enter the password for the remote server account.

To sum up, you can copy the local file named: /home/user/file.tgz to the root user home directory of the remote server 123.123.123.123 executing the following command:

scp /home/user/file.tgz [email protected]:/root

To download the same file from a remote server:

scp [email protected]:/root/file.tgz /home/user

You can copy several files at once. To do this, you must add them as the source. Separate them by a space – the last parameter will be considered as the target directory. For example, to upload file1 files.tgz and file2.tgz from the local directory to the remote server you have to execute the command:

scp file1.tgz file2.tgz [email protected]:/root

To copy the directory, you will need to use the –r command modifier. Copy the local directory /home/user/dir to the remote server:

scp-r /home/user/dir [email protected]:/root

When the SSH server is running on a non-default port, we need to get the help of the -P option. If you need to use port 10022:

scp-P 10022 /home/user/file.tgz [email protected]:/root

To find out what other modifiers you can use, simply execute scp without parameters and read the help.

Using the Windows OS

When using the Windows operating system and Putty as a client, the command formatting remains the same. However, we will change the name of the executable file. We need to use a syntax for specifying paths to Windows files and directories when mentioning the source or target directories. Run the command line (cmd.exe) or PowerShell, open the directory with the pscp .exe file and enter the command:

pscp.exe C: Tempfile.tgz [email protected]:/root

If you run it from another folder, you will need to specify the full path to pscp.exe. If any of the paths contain spaces, we need to use double quotes — “file path”:

“C:Program FilesPuttypscp.exe” C:Tempfile.tgz [email protected]:/root

Simply execute pscp (similarly to scp) without parameters and read the help on the modifiers as well as the command syntax information.

Running commands on a remote server using the SSH connection

SSH protocol supports both running interactive sessions and regular commands and scripts on a remote server.

Using the Linux OS

ssh [user]@[server] ‘[command]’

Enter the password of the specified user and get the command output in the SSH console, if any.

For example, we can find information about the operating system installed on the remote server:

ssh [email protected] ‘uname -a’

To run multiple commands using a single connection, you can use the “;” character as a separator. Check the network settings and active network connections on the remote server:

ssh [email protected] ‘ifconfig; netstat -anp tcp’

If you need to run a local script file on a remote server: run the command interpreter (in the script execution mode). It can be bash with the-s key and pass the script file to it for the standard input. Take a look at the example below:

ssh [email protected] ‘bash -s’

The local file: /home/user/myscript.sh will be executed on a remote server.

Running the SSH command without parameters allows you to see a brief syntax reference and a list of additional modifiers that allow you to extend the command’s functionality.

Using the Windows OS

To connect to the remote server, we will use the Putty client with its executable plink.exe. File, if our computer supports Windows. Use the command line (cmd.exe) or PowerShell to work with this file.

To run the command on a remote server, use the following syntax:

plink.exe [server] – ssh-l [user] “[command]”

Check the network interfaces configuration:

plink.exe 123.123.123.123 -ssh-l root “ifconfig”

plink.exe allows you to use “;” as a separator to run multiple commands, likewise the SSH command in Linux:

plink.exe 123.123.123.123 -ssh-l root “ifconfig; netstat-anp tcp”

You can run commands from a local file using an additional key -m:

Overview

PowerShell remoting normally uses WinRM for connection negotiation and data transport. SSH is now available for Linux and Windows platforms and allows true multiplatform PowerShell remoting.

WinRM provides a robust hosting model for PowerShell remote sessions. SSH-based remoting doesn’t currently support remote endpoint configuration and Just Enough Administration (JEA).

SSH remoting lets you do basic PowerShell session remoting between Windows and Linux computers. SSH remoting creates a PowerShell host process on the target computer as an SSH subsystem. Eventually we’ll implement a general hosting model, similar to WinRM, to support endpoint configuration and JEA.

The New-PSSession , Enter-PSSession , and Invoke-Command cmdlets now have a new parameter set to support this new remoting connection.

To create a remote session, you specify the target computer with the HostName parameter and provide the user name with UserName. When running the cmdlets interactively, you’re prompted for a password. You can also use SSH key authentication using a private key file with the KeyFilePath parameter. Creating keys for SSH authentication varies by platform.

General setup information

PowerShell 6 or higher, and SSH must be installed on all computers. Install both the SSH client ( ssh.exe ) and server ( sshd.exe ) so that you can remote to and from the computers. OpenSSH for Windows is now available in Windows 10 build 1809 and Windows Server 2019. For more information, see Manage Windows with OpenSSH. For Linux, install SSH, including sshd server, that’s appropriate for your platform. You also need to install PowerShell from GitHub to get the SSH remoting feature. The SSH server must be configured to create an SSH subsystem to host a PowerShell process on the remote computer. And, you must enable password or key-based authentication.

Install the SSH service on a Windows computer

Install the latest version of PowerShell. For more information, see Installing PowerShell on Windows.

You can confirm that PowerShell has SSH remoting support by listing the New-PSSession parameter sets. You’ll notice there are parameter set names that begin with SSH. Those parameter sets include SSH parameters.

Install the latest Win32 OpenSSH. For installation instructions, see Getting started with OpenSSH.

If you want to set PowerShell as the default shell for OpenSSH, see Configuring Windows for OpenSSH.

Edit the sshd_config file located at $env:ProgramData\ssh .

Make sure password authentication is enabled:

Create the SSH subsystem that hosts a PowerShell process on the remote computer:

The default location of the PowerShell executable is c:/progra

1/powershell/7/pwsh.exe . The location can vary depending on how you installed PowerShell.

You must use the 8.3 short name for any file paths that contain spaces. There’s a bug in OpenSSH for Windows that prevents spaces from working in subsystem executable paths. For more information, see this GitHub issue.

The 8.3 short name for the Program Files folder in Windows is usually Progra

1 . However, you can use the following command to make sure:

Optionally, enable key authentication:

Restart the sshd service.

Add the path where OpenSSH is installed to your Path environment variable. For example, C:\Program Files\OpenSSH\ . This entry allows for the ssh.exe to be found.

Install the SSH service on an Ubuntu Linux computer

Install the latest version of PowerShell, see Installing PowerShell on Ubuntu.

Edit the sshd_config file at location /etc/ssh .

Make sure password authentication is enabled:

Optionally, enable key authentication:

For more information about creating SSH keys on Ubuntu, see the manpage for ssh-keygen.

Add a PowerShell subsystem entry:

The default location of the PowerShell executable is /usr/bin/pwsh . The location can vary depending on how you installed PowerShell.

Restart the ssh service.

Install the SSH service on a macOS computer

Install the latest version of PowerShell. For more information, Installing PowerShell on macOS.

Make sure SSH Remoting is enabled by following these steps:

1. Open System Preferences .
2. Click on Sharing .
3. Check Remote Login to set Remote Login: On .
4. Allow access to the appropriate users.

Edit the sshd_config file at location /private/etc/ssh/sshd_config .

Use a text editor such as nano:

Make sure password authentication is enabled:

Add a PowerShell subsystem entry:

The default location of the PowerShell executable is /usr/local/bin/pwsh . The location can vary depending on how you installed PowerShell.

Optionally, enable key authentication:

Restart the sshd service.

Authentication

PowerShell remoting over SSH relies on the authentication exchange between the SSH client and SSH service and doesn’t implement any authentication schemes itself. The result is that any configured authentication schemes including multi-factor authentication are handled by SSH and independent of PowerShell. For example, you can configure the SSH service to require public key authentication and a one-time password for added security. Configuration of multi-factor authentication is outside the scope of this documentation. Refer to documentation for SSH on how to correctly configure multi-factor authentication and validate it works outside of PowerShell before attempting to use it with PowerShell remoting.

Users retain the same privileges in remote sessions. Meaning, Administrators have access to an elevated shell, and normal users will not.

PowerShell remoting example

The easiest way to test remoting is to try it on a single computer. In this example, we create a remote session back to the same Linux computer. We’re using PowerShell cmdlets interactively so we see prompts from SSH asking to verify the host computer and prompting for a password. You can do the same thing on a Windows computer to ensure remoting is working. Then, remote between computers by changing the host name.

Limitations

The sudo command doesn’t work in a remote session to a Linux computer.

PSRemoting over SSH does not support Profiles and does not have access to $PROFILE . Once in a session, you can load a profile by dot sourcing the profile with the full filepath. This is not related to SSH profiles. You can configure the SSH server to use PowerShell as the default shell and to load a profile through SSH. See the SSH documentation for more information.

Prior to PowerShell 7.1, remoting over SSH did not support second-hop remote sessions. This capability was limited to sessions using WinRM. PowerShell 7.1 allows Enter-PSSession and Enter-PSHostProcess to work from within any interactive remote session.

For those having Ubuntu or other Linux server (e.g., Debian, CentOS and Fedora) remotely, here’s how to login without password using SSH key authentication.

Compare to user password login, SSH key authentication is more secure because only the person who has the key allows to connect, and the keys are well encrypted by different algorithms. It also make SSH connection simple by login without password.

1. Enable SSH Service (Do it in server side):

In case you don’t have enabled the SSH service in remote server. You need to first connect to the server, and run command to install openssh:

For CentOS and Fedora server, use sudo dnf install openssh-server command instead.

After installation, enable and start the service via command:

And finally verify the SSH service status by running command:

If you see the service is active and running, you may start connecting the server via SSH remotely using the command below in local computer:

Replace user and server_ip. And use -p port_number to specify the port number if it’s not the default 22.

2. Enable SSH Key Authentication (Run commands in local PC):

The authentication keys are generated in local computers. They are usually consists of private key and public key. By uploading the public key into remote Linux server, you’ll be able to SSH login using the private key in local machine.

NOTE: this tutorial is tested on Ubuntu local computer, though it should work on most Linux, including Debian, Fedora, CentOS, and Arch Linux.

1. Install OpenSSH Client:

The OpenSSH client is installed out-of-the-box mostly. In case you don’t have it, run this command in local computer to install it:

For CentOS and Fedora, use sudo dnf install openssh openssh-clients instead.

2. Generate SSH Key Pair:

The ssh-keygen command allows to generate a SSH key pair via RSA, ECDSA, and ED25519 algorithms. While RSA is widely used and best supported, ED25519 offers better security and good performance.

a.) Firstly, create and navigate to the .ssh directory in local computer terminal window:

b.) Next, run command to generate a key pair:

In the code, you may replace “ed25519” with your prefer encryption algorithm. And “-f linode_ed25519” specifies the key name, “-C “ [email protected] ”” is the optional comment.

c.) For security reason, it’s highly recommended to set none permission (even not readable) for other users except for yourself:

Change “linode_ed25519” to the key name you set in last step. And there’s an asterisk “*” in the end so it also applies to the “linode_ed25519.pub” file.

3. Upload the public key to host server (Do in local PC):

Now upload the public key (“linode_ed25519.pub” in my case) from local computer to remote server, using command:

Don’t remember to add ‘-p number‘ if the listening port is not default 22. And you need to type remote user password for uploading the key.

After that, try SSH login again in local computer will ask for the key password you set in b.):

If you select Cancel, it will instead ask for user password authentication.

4. Enable No Password SSH Key Login (Do in local PC):

You can tick ‘Automatically unlock this key whenever I’m logged in‘ and type the password only for one time in the last screenshot. However, some desktop environments may not provide this friendly feature. So ‘ssh-agent’, OpenSSH authentication agent, is present to do the job for your.

Firstly run ‘ssh-agent’ via shell command:

Next, add the SSH key to the agent:

After that, SSH command will login without typing the authentication key password.

5. Disable SSH user password login (Do in server side):

After successfully setup the key authentication, you may disable the user password login, so no one else can access the server!

Firstly, connect to the remote server and run command to edit the ssh daemon config file:

Next, un-comment the “#PasswordAuthentication yes” line and set its value to no, so it will be:

PasswordAuthentication no

And then press Ctrl+X, type y and hit Enter to save the file.

I program with eclipse and sometimes use GUI text editors like SciTE or vim. However, I’m at a point in a project that requires me to edit files over a ssh connection in a 80 column SSH window.

Since I have to (* shiver*) sudo vim before I can open the file I’m not sure how to open the file in an editor outside the terminal (that would allow me to see the text wider than 80 columns). If the command line was larger then I guess using straight vim wouldn’t be a problem.

I’m at a loss of how to deal with this situation and how I could turn this nightmare into a manageable coding environment.

16 Answers 16

Maybe you should simply mount the remote filesystem to your local machine and then use whatever editor you like. If running a Debian derivative, install sshfs

and then mount the remote filesystem ( issue on your local machine )

Once this is done you can access the code in

/remote_code w/ any of your GUI tools and without the bandwidth overhead of using ssh -X (however you still need a good connection w/ a low ping time).

PS: When using ssh I can make the terminal as wide as it fits my screen and then use its full width, so I fear I don’t completely understand your issue.

WinSCP is a SSH client ftp-like. The default editor is primitive but can be change.

There are various options.

You can make the terminal larger. 😉

If you have a graphical environment installed on the machine you are ssh’ing into, you can login with ssh -X (or xdeep-putty if you are on Windows) to enable window forwarding. You can then run your favourite editor on the remote machine, whose graphical output is forwarded.

Finally, you can mount the ssh connection into your file system, using for example fuse (similar options might exist for non-linux operating systems). That allows you to access any file on the remote machine as if it were in your filesystem, with your favourite editor, locally.

I’m not 100% sure if this works for files owned by root, but if your desktop is KDE & your remote system is Linux (or pretty much any form of *nix), you can get konqueror to access the remote machine using the “fish://” protocol. From there you can open the file from konqueror using kate, or your preferred editor, and konqueror will take care of copying the file to your local machine and copying it back when you save.

Failing which the X11 forward is a good option, but X11 over ssh to remote sites can be slow. “ssh -X -C” compresses the data stream and can give better performance.

Notepad ++ has a plugin for editing files remotely over ssh. I’ve used it before, but I definitely prefer Kate on KDE using the fish protocol.

Forward your X11 session to your terminal.

This probably belongs on superuser.com.

You might try the Komodo editor. It has a feature to load a ‘remote file’ over ssh. It’s really convenient.

Emacs and ange-ftp.

If you’re on Ubuntu, go to Nautilus (file explorer), connect to server (adding sftp:// to the hostname), then voila! You can easily launch gedit to edit your files now.

On Windows, you can use MobaXterm ( ): it has a built-in SSH client with a very useful “SFTP browser”.

As soon as you connect to your remote server using SSH, you will see your remote files displayed in this graphical SFTP browser. Just double-click on your files and you will be able to edit them directly on your remote server through SFTP.

I use Cyberduck and Sublime Text 2

FileZilla did the trick for me. Notepad++ can be used with it which is awesome.

Since sshfs is not supported in WSL at the moment, the tool that worked for me is sshfs-win.

Installation Steps

1. Go here and click “download winfsp”
2. Install it
3. Go here and download the installer
4. Install it
5. Open windows explorer and right-click “This PC” > “Map Network Drive. “
6. Select a drive letter (B:), type in “\\sshfs\[email protected]” and click Finish
7. Boom, done. Now you can have a B: drive on your computer and just do whatever with those files. Open them with VSCode, delete them, whatever you like

If you using windows, try Editplus. It’s not free but allows you to open files directly over scp. Custom syntax files are coming really handy, too.

Recent versions of ultraedit do exactly what the OP is asking for elegantly (IDM software, v10 and up support SSH iirc). I do most of my coding remotely like that, been using it for years, works great with no intermediate files etc. Obviously it also does FTP etc too if you’re so inclined.

I actually found this page whilst looking for a linux equivalent of ultraedit..

If you are more GUI-oriented and use one of the more newbie-friendly Linux distros like Ubuntu or Mint, this is another option and does not require any more installations.

You should have nemo as your default file manager. It may not be called “Nemo” on the menu, so go under Help > About of your file manager (“Files” app) to see.

In nemo, go to File > Connect to server , enter your remote machine’s details (SSH’s default port is 22), and then open the files just like any file on your local machine, with whatever editor you prefer. You can even close Nemo and continue working in your editor.

From the address bar, it seems to be using the sftp protcol.

Just be aware that if your remote host has an inactivity timeout for the SSH connection, this will also prevent you from saving changes in the editor after the timeout has dropped the connection.

The Tech Magazine

ssh access without password is a time saver and a must for automated scripts to copy files and transfer data across different servers. Setting us password less access can be tricky but you should be able to configure it using examples in this article.

How to configure password less ssh & sftp access in Unix & Linux systems? Follow these simple steps with examples with a basic troubleshooting section at the end. sftp uses underlying ssh access for authentication and after you establish password less ssh access you will have password less sftp access a s well.

This a real life example of configuring password less access for two users . The user ‘web’ in this case needs a secure password less access to another user james in a server ‘devserver’
.

How to do ssh without password & sftp without password

Follow the Steps to configure secure password less access

To begin, Lets check the current ssh & sftp connectivity status for [email protected] from localhost

As expected it prompted for password

1. Generate the public key private key pair

Generate the public key private key pair for the local host as following, Press enter for default file names and no
pass phrase options. The command here generates RSA type keys.
You can run the command ssh-keygen from any directory but the id files will be generated in .ssh dir of user’s home directory.

]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/web/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/web/.ssh/id_rsa.
Your public key has been saved in /home/web/.ssh/id_rsa.pub.
The key fingerprint is:
5e:30:d3:1a:00:c5:0b:29:96:ac:3e:42:20:dc:af:38 [email protected]

2. Change directory to .ssh directory of user .

You will see two files starting with id_rsa. id_rsa is the private key and id_rsa.pub is public key. Check the date time stamp of these files to make sure these are the ones you generated recently.

.ssh[[email protected] .ssh]$ ls -la
total 32
drwx—— 2 web web 4096 Dec 7 22:05 .
drwx—— 34 web web 12288 Dec 7 22:04 ..
-rw——- 1 web web 1675 Dec 7 22:05 id_rsa
-rw-r–r– 1 web web 407 Dec 7 22:05 id_rsa.pub
-rw-r–r– 1 web web 391 Dec 7 22:03 known_hosts

Check the date to be sure of current generated files.

3. Copy the rsa public key to the remote host

Copy the public key file from above example to .ssh of the user home directory and if .ssh directory is not there , create it as in the example below. You need to enter sftp/ssh password as passwordless access is not setup yet..

/.ssh[[email protected] .ssh]$ sftp [email protected]
Connecting to devserver…
[email protected]’s password:
sftp> pwd
Remote working directory: /home/james
sftp> cd .ssh
Couldn’t canonicalise: No such file or directory
sftp> mkdir .ssh
sftp> cd .ssh
sftp> put id_rsa.pub
Uploading id_rsa.pub to /home/james/.ssh/id_rsa.pub
id_rsa.pub 0% 0 0.0KB/s –:– ETAid_rsa.pub 100% 407 0.4KB/s 00:00
sftp>

4. login to the remote host with password

Once file is copied over , login to the remote host using ssh and password and go to .ssh directory under user home directory.

/.ssh[[email protected] .ssh]$ ls -l
total 4
-rw-r–r– 1 james james 407 Dec 7 22:06 id_rsa.pub

5. Rename the public key file, id_rsa.pub, to authorized_keys ;

Rename or append to file corresponding to the ssh protocol version in your system , User ssh -V to find out the ssh version

SSH protocols 1.3 and 1.5 uses file name as authorized_keys
SSH protocol 2.0 uses file name as authorized_keys2

if the authorized_keys file already exists then append the new keys to the existing file using,

cat id_rsa.pub >> authorized_keys .
Don’t use vi or editor to open , append and save these key files as any extra character/newline would corrupt these files.

/.ssh[[email protected] .ssh]$ mv id_rsa.pub authorized_keys

You can see the contents using cat command
[email protected]:

/.ssh[[email protected] .ssh]$ cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArVWhE0L2FXNvmggZgqmGU
LVrcE4X7WQr6scSuU5FCQUsXzYjyOL8FbUIIkBeLLMIrV7mYa+
xuszHcvnAho/42/e4r5by8LVMyh0AAo7nketemkO/2ZiUXZhww7tySxgcI5U5L5PDmTCyF7vxLlJ0rGb7Ky//DtpKrBui5P4gIrKBeiA2TlbEL9UrQZ8HgTU3iSGtfUXH0O
26iLSWi6Tf40hEazvvVYESHPSBjUPIMqUGabtz1kKMDQB5x
C+F2MZ4lUCmgK2NexrhVWOrp7ODS1GlKsjSv6NSxOIVW0je
V00ZW9Fvgz865g+fakBITqYP76ptPIVXEps+91ABRSwggQ== [email protected]

6. Change the key file and directory permissions

ssh is very sensitive to permissions so you have to change the key file and directory permissions exactly as required for it to work.

6a. Change authorized_keys to 600 permissions

/.ssh[[email protected] .ssh]$ ls -ltr
total 8
-rw-r–r– 1 james james 407 Dec 7 22:06 id_rsa.pub
-rw——- 1 james james 407 Dec 7 22:08 authorized_keys

6b. Change .ssh directory to 700 permission

6c. Verify permissions and log out .

]$ logout
Connection to localhost closed.

7. Moment of truth : Try a ssh or sftp

8. Troubleshooting ssh/sftp access

If you are still getting password prompt, The most common problems can be

1. Incorrect permission for .ssh directory and authorized_keys / authorized_keys2 file
2. Corrupt key file, regenerate and copy again.
3. Space,character or line inserted or truncated during appending to existing file. Don’t copy keys manually but do a cat new_keys >> authorized_keys ; For new files copy the file and rename , don’t manually copy paste contents.

19 thoughts on “ ssh Without Password in Few Simple Steps ”

Worked exactly as outlined. Thank you.

Nice and detailed. One quick comment. The above is how I did this for years and years. Then one time I had an issue with it not working. I had two hosts A and B and I wanted to configure them to ssh to each other. It worked one way, but not the other. And I would erase my files and restart from scratch repeatedly thinking a few extra characters got in there somehow and it still wouldn’t work.

Finally I looked it up and there is a linux command “ssh-copy-id” that does the work for you much better than manual copying and that’s what ended up working for me (who said a salty old sysadmin cant’ learn new tricks?). Wrote about it here:

Well to be honest i didn’t even know that i could config ssh without a password and i’ve been using linux for over 3 years (lol). Thanks for taking your time to write about this, and I hope that more articles will come.

In the early days, network engineers and regular Linux/Unix users, used to use telnet to connect to remote or local hosts. The main drawback of telnet is that, on un-secure networks, all communication is sent as clear text – even passwords are sent as clear text!

Secure Shell (ssh) came along in 1995 to close the security hole. It has become the standard for remote host access. In this post, we’ll review how to use it, and more importantly, how to get rid off the password while making ssh more secure and functional.

NOTE: although there are GUI tools for ssh’ing, (e.g. Putty) from now on we’ll be using Command Line Interface (CLI) tools such as the MAC OS Terminal, Windows Bash Shell, or Cygwin. If you are looking to familiarize yourself with the Linux CLI, you might as well purge of as many GUI tools as possible.

Password-based ssh

If you use a terminal (MAC OS Terminal, Windows 10 Bash Shell, Cygwin), the command to connect to a remote host (e.g. 172.31.0.13) is:

In which case, user_name is the user login name of the account you are connecting to, and destination (IP or FQDN) is the host that you are connecting to. You will be prompted to enter a password, and after that, you will connect to the remote Linux host.

The two main drawbacks of using passwords are that you have to remember them and they are insecure against brute force and dictionary attacks. In addition, if you need to write a script that includes accessing remote hosts, then using password authentication makes the script impractical.

Passwordless ssh

Passwordless ssh is based on public key cryptography. It allows you to connect to a remote host without necessarily having to type in a password. Let’s see how this works:

1) Create a private-public kay pair

On your CLI type the command ssh-keygen. and hit ENTER. NOTE: For all the following prompts just hit enter. When asked to enter a passphrase, just hit ENTER (we’ll get back to this later). You will see an output as follows:

From the output, we can see that it created a private-public key pair saved in /home/pi/.ssh/id_rsa and /home/pi/.ssh/id_rsa.pub respectively. It also tells you that your key length is 2048 bits which is the default value and is considered secure these days. In simple terms, the longer the key the more secure it is against attackers. If you are bit more paranoid, you can use 4096-big long key by using “ssh-keygen -b 4096.” If you try this you will notice that it takes much longer to generate the key pair–security comes at a cost.

From those two files, the private key (/home/pi/.ssh/id_rsa) is the one you need to save and keep private. The public key can be freely distributed to anyone without compromising security.

2) Copy public key to remote host

In order to connect to a remote host with your private key, first you need to copy the public key on it. This needs to be done only once. You can use the following command:

The output informs you that it has copied your public key to the destination. What this does on the backend is to append your public key in the file /home/user_name/.ssh/authorized_keys. The destination host uses that authorized_keys file to determine which private keys are trusted. If you don’t have ssh-copy-id you can use the following command:

cat .ssh/id_rsa.pub | ssh [email protected] ‘cat >> .ssh/authorized_keys’

Now, the next time you try to connect to the destination host, you only have to type ‘ssh [email protected]’ and you will be welcomed without any password. The first time I used this, it felt like magic! Of course, you need to copy your public key to each host you need to connect to.

Similar to using a password, the security of passwordless ssh is contingent upon on keeping your private key private. It is much more difficult to break key-pair encryption with brute force attack than using a password.

For the more paranoid ones…

Now if you want to add another level of security to your private key, you can enter a passphrase when prompted by the command ‘ssh-keygen’ The passphrase is like a password (I am not sure why they call it a passphrase and not a password), and it’s tight to your private key. You can remove it or change it in the future if need be. Keep in mind that each time you ssh with your private key, you will have to enter the passphrase.

A practical use of the private-public key encryption is when you need to give or get temporary access to a remote Linux host. Let’s say a friend is asking for help to troubleshoot something on his Linux box. If he wants to give you access to it, you can send him your public key (/home/pi/.ssh/id_rsa.pub–remember you can freely share this without compromising security), he can append it in his /home/user_name/.ssh/authorized_keys, and then you can ssh to the machine with ssh [email protected] When you are done, he can just remove your public key from his /home/user_name/.ssh/authorized_keys. Compare that to giving you the password of a local account, and then having to change the password or delete the account.

Another important benefit of passwordless ssh is the ability to write scripts that run independently and can get access to remote hosts to perform various tasks. We’ll give examples of those in a future post. I hope that you enjoyed learning about ssh, stay tuned for the next Linux for Network Engineers blog post!

Secure Shell or SSH is responsible for successful network communication between two remote computers. For a Linux system administrator, this networking tool is the perfect solution for remote server/machine access over unsecured networks. For you to initiate and complete data backup under any Linux platform, you need to achieve two things:

• Secure network access to the remote machine with data you wish to backup.
• Secure data transfer mechanism to move your targeted data to a specified remote machine or backup directory.

Since this article objectifies remote data backup using SSH, it is important that the data transfer mechanism we choose to go with has undisputed support for SSH network protocols.

SCP for Secure Data Transfer

SCP (Secure Copy) is a reputable data transfer mechanism between two remote machines. Before data transfer takes place between the two remote machines, a Linux administrator has to be able to comfortably use one machine (local) to access the other machine (remote).

SCP first accomplishes local to remote machine access through the SSH network protocol before initiating any data transfer. With SSH protocol, access to a remote machine requires system username and password authentication.

This remote server access can be accomplished with a command implementation similar to the following:

Connect to Remote Linux

From here, the user attempting remote access is required to key in a user password associated with the username (ubuntu) before remote server access is authenticated.

However, this article recommends passwordless access to your remote machine/server through generated SSH key pairs that exist on both the local machine and remote machine.

Connect to Remote Linux Without Password

On the local computer, generate the needed SSH key with the following command:

On the resulting prompt, remember to skip the Enter passphrase: step by hitting [Enter] on the keyboard.

Create SSH Key in Local Linux

The remote server needs a copy of the SSH key.

Copy SSH Key in Remote Linux

Now connect to remote Linux server without a password SSH access.

You should automatically gain access to the remote server via SSH.

Connect to Remote Linux Without Password

SCP Remote Linux Backup via SSH Protocol

Before you backup data to/from a remote server, make sure you are on the correct directory path on the local machine and that you are also familiar with the directory structure on the remote/server machine.

On the local machine:

Listing Local Linux Files

On the server/remote machine:

Listing Remote Linux Files

To perform SCP remote Linux backup via the SSH protocol, we would implement the following command syntax:

Backup Local Directory to Remote Linux

The above command syntax translates to the following:

Backup Local Directory to Remote Linux

From the above command, we have successfully backed up a local machine directory to a remote machine directory by implementing the SCP tool kit with SSH keys.

Backup Remote Directory to Local Linux

To create a backup from the remote server to your local machine, the syntax to use will look like the following:

The implementation of the above syntax translates to the following:

Backup Remote Directory to Local Linux

Whether you are after local-to-remote or remote-to-local backup solutions, SCP’s inheritance of SSH keys and network access protocols makes remote data backup effortless.

Follow through this tutorial to learn how to mount remote filesystem over SSH using SSHFS. sshfs is a filesystem client based on the SSH File Transfer Protocol.

According to man pages;

“SSHFS (Secure SHell FileSystem) is a file system for Linux (and other operating systems with a FUSE implementation, such as Mac OS X or FreeBSD) capable of operating on files on a remote computer using just a secure shell login on the remote computer. On the local computer where the SSHFS is mounted, the implementation makes use of the FUSE (Filesystem in Userspace) kernel module. The practical effect of this is that the end user can seamlessly interact with remote files being securely served over SSH just as if they were local files on his/her computer. On the remote computer the SFTP subsystem of SSH is used“.

Mount Remote Filesystem Over SSH using SSHFS

In this setup, we will be using two servers for demonstrating how SSHFS can be used to mount remote filesytem via SSH protocol.

Install SSHFS on Linux Client System

Install SSHFS on the client system.

If you are running Ubuntu/Debian based systems, run the command below to install SSHFS package.

On CentOS/RHEL systems;

For other distributions, refer to their package manager docs on how to install SSHFS package.

Mount Remote Filesystem Over SSH using SSHFS

You can now proceed to mount remote filesystem over SSH using SSHFS.

The syntax of the SSHFS command is;

On your client system, you can mount the remote file-system as a standard user or root user.

For example, to mount the remote system log directory, /var/log , under the /media/ directory on the client system, simply run the command below;

Note that, in this particular example, the /var/log , is remotely owned by root user. As such, if you want to mount this directory locally, then you need to mount it as a remote root user.

Mounting root owned filesystems remotetly means that you also need to configure remote SSH server to allow remote root login.

This is a risk. However, you can restrict this to specific client.

On the server, you can add such lines to /etc/ssh/sshd_config file.

Checking the mount points on the client system;

Checking the contents of the remote filesystem/directory;

You can read the logs in realtime as if they were on the local system;

You can use a standard remote user if what you are mounting is owned by that user.

For example, to mount the remote system /home/kifarunix directory, login as the owner of this directory. For example;

Note, as a standard user on the client system, you can only mount remote filesystems to directories you have permissions to write to.

Btw, it is good to note that sshfs doesnt intepret

/ remote/ ) as users home directory on remote system.

Mount Remote Filesystem Over SSH using SSHFS Permanently

To ensure seamless mounting of remote filesystem even when the remote server reboots, you can use /etc/fstab .

However, you first need to generate the passwordless SSH keys (empty passphrase) and copy them to a remote system.

Copy the key to the remote user you are using for mounting;

For example, to copy the above key to a remote server user;

You should now be able to login without being prompted for password.

Next, update the fstab file with the mount details.

For example, to automatically mount the remote /var/log directory on a client system, update /etc/fstab by entering the line in the format;

To mount the remote /var/log directory, enter the line below to /etc/fstab.

Make the appropriate adjustments.

Reboot the system and verify if the remote directory was mounted.

Unmounting the Filesystem/directory

To unmount the filesystem, run the command below;

And that concludes our guide on how to mount remote filesystem over SSH via SSHFS.

October 3, 2019 by Sana Ajani, @sana_ajani

In a previous Remote SSH blog post, we went over how to set up a Linux virtual machine and connect to the VM using the Remote – SSH extension in Visual Studio Code. In this blog post, we’ll go into some tips and tricks that you can use to get the most out of your remote setup.

Connect using Remote SSH

The Visual Studio Code Remote – SSH extension allows you to connect to a remote machine or VM using SSH, all from inside VS Code. If you don’t already have the extension installed, you can search for “remote ssh” in the Extensions view ( ⇧⌘X (Windows, Linux Ctrl+Shift+X ) ).

After you install the extension, you’ll notice an indicator on the bottom-left corner of the Status bar. This indicator tells you in which context VS Code is running (local or remote). Click on the indicator to bring up a list of Remote extension commands.

SSH configuration file

In the earlier Remote SSH blog post, we only connected to a single machine and did so by entering the “[email protected]” when prompted. If you log in to multiple remote servers or local virtual machines on a regular basis, there’s a better way to connect without having to remember all the usernames, addresses, and additional configuration options.

OpenSSH supports using a configuration file to store all your different SSH connections. To use an SSH config file, click on the remote indicator to bring up the remote commands, choose Open Configuration File, and select the file that follows the path “Users//.ssh/config”.

Here’s an example of an SSH config file:

There are many more configuration options you can specify in the SSH config file format. You’ll get completions and colorizations in this file and you can press ( ⌃Space (Windows, Linux Ctrl+Space ) ) for IntelliSense to learn more about the config options.

The options used above are:

You can add the information for all the hosts you have. Once you’ve saved the config file, you’ll be able to see those hosts in the Remote Explorer, as well as any folders you have opened on that host. You can select the icon next to each host or folder and it will launch a new VS Code window (instance) and connect you to that host. In the screenshot below, I’m connected to my remote machine “python-linux-vm” and the Remote Explorer shows me the folders I have connected to in the past, as well as any forwarded ports from the remote machine.

ProxyCommand

Sometimes you may need to connect from your desktop or laptop to a remote machine over your company’s Intranet or behind a firewall. In this case, you may be using an intermediate server or jump box. This kind of setup is useful if you are working within a secure system that is configured to only accept SSH connections from a fixed set of hosts.

To use a jump-box setup with the Remote – SSH extension, you can use the ProxyCommand config option. This configuration will open a background SSH connection to the jump box, and then connect via a private IP address to the target.

You can set the ProxyCommand config option in the SSH config file like this:

ControlMaster

If you are connecting to a remote SSH host using other authentication methods besides key-based authentication, such as two-factor, password-based, or an SSH key with a passphrase, you may have to enter the required information multiple times.

Instead of opening multiple SSH connections, you can use ControlMaster option (only on macOS/Linux clients) to reuse an existing connection and reduce the number of times you must enter your passphrase.

To use this feature, add the following to your SSH config file:

Offline remote machine

If you are restricted by a firewall or your company locks down your VMs and they cannot connect to the Internet, the Remote – SSH extension won’t be able to connect to your VM because VS Code needs to download a component called the VS Code Server to the remote machine.

However, you can now solve this issue by a new user setting in the Remote – SSH extension. If you enable the setting remote.SSH.allowLocalServerDownload , the extension will install the VS Code Server on the client first and then copy it over to the server via SCP.

Note: This is currently an experimental feature but will be turned on by default in the next release.

Remote – SSH Nightly extension

If you’re interested in testing new updates and experimental features as soon as they are available, install the Remote – SSH Nightly extension (uninstall the Remote-SSH stable extension first). This is the nightly build of the extension where we experiment with new features and settings before releasing them into the stable version.

We’d like your feedback

Thanks for trying out the Remote – SSH extension! If you run into any issues or would like to suggest new features or scenarios for us, please open an issue on our GitHub repo. If you want to see what features we’re currently working on or are upcoming, take a look at our Remote Development release notes and iteration plans. You can also try out the introductory Remote development over SSH tutorial, which walk you through using the other remote extensions to work inside Docker containers and the Window Subsystem for Linux (WSL).

Happy Remote Coding,

Sana Ajani, VS Code Program Manager @sana_ajani

Rsync stands for “remote synchronization”. It is a remote and local file synchronization tool that helps you efficiently transfer files.

What RSync Is

Rsync is faster than tools like Secure Copy Protocol (SCP). It uses the delta-transfer algorithm that minimizes the data transfer by copying only the sections of a file that have been updated.

Some of the additional features of Rsync include:

• Supports copying links, devices, owners, groups, and permissions
• Does not require super-user privileges
• Pipelines file transfers to minimize latency costs

You can only transfer files from local to remote or remote to local. Rsync does not support remote to remote file transfers.

How RSync Works

Now that you know what Rsync is, let’s look at how to work with it.

Rsync works similarly to other remote server management tools like SSH and SCP.

Here is the basic syntax of Rsync:

Here is the syntax to transfer a file from your local system to a remote server. It is also called a “push” operation.

Here’s how to transfer a file from a remote server to your local system, also called a “pull” operation.

Note: When working with remote systems, make sure you have SSH access to the remote system. Rsync establishes the connection using SSH in order to enable file transfer.

How to Use Flags in RSync

Rsync lets you add additional options via command-line flags. Let’s look at a few useful flags.

Recursive

If you add the -r option, RSync will execute a recursive file transfer. This is useful when working with directories. Here is an example:

Archive

The -a flag is used to preserve symbolic links while transferring files. The archive flag also preserves special and device files, modification times, and permissions from the source directory.

The archive flag also syncs files recursively, so it is used more than the recursive flag. Here is how you use it:

Compression

You can also compress files using the -z flag. Compressing files can reduce network load and speed up file transfer.

Progress

For large file transfers, it is useful to know the progress of the operation. You can use the -P flag to know the progress of the file transfer. With Rsync, you can also resume file transfers if they are interrupted.

Verbose

Finally, the verbose command can help you understand every step of the file transfer. You can use the -v flag for this.

You can also use the help command with RSnsc to get a list of all the options and flags.

rsync help

Conclusion

Rsync simplifies the whole file transfer process by offering a robust, versatile, and flexible tool compared to alternatives like SCP.

RSync is great for maintenance operations, backups, and general file operations between local and remote machines.

References

I am Manish and I write about Cybersecurity, Artificial Intelligence, and DevOps. If you liked this article, you can find my blog here.

Making tech easier for people, one article at a time. 8 years of #remotelife. Blogs at hardcoder.io

If you read this far, tweet to the author to show them you care. Tweet a thanks

Learn to code for free. freeCodeCamp’s open source curriculum has helped more than 40,000 people get jobs as developers. Get started

freeCodeCamp is a donor-supported tax-exempt 501(c)(3) nonprofit organization (United States Federal Tax Identification Number: 82-0779546)

Our mission: to help people learn to code for free. We accomplish this by creating thousands of videos, articles, and interactive coding lessons – all freely available to the public. We also have thousands of freeCodeCamp study groups around the world.

Donations to freeCodeCamp go toward our education initiatives, and help pay for servers, services, and staff.

An SSH session is like a portal into another machine. If you’re used to working with Windows, you’ll know how easy it is to transfer files from one location to another. Just drag and drop! No text commands, no authentication, none of that.

However, sometimes you will need to download a file from SSH to your local desktop, such as if you are using one of our managed VPS hosting services. And there’s no simple command from within the SSH terminal itself to do this. The two environments are too far apart. However, we have a dedicated tool called “SCP” which stands for “Secure Copy” that’s made for precisely these kinds of situations.

Here’s how it works. First, we have a file on the remote server called filetodownload.txt , as shown here:

We’re going to transfer this file from Linux to our Windows desktop.

Table of Contents

Step 1: Gather the Necessary Information

To transfer a file from a remote server via SSH using SCP, we need the following pieces of information:

1. Login credentials – username, server name or IP address, and password
2. The port number for SSH connections
3. The path to the file on the remote server
4. The path to the download location

You should already have the login credentials when you connect to the server using PuTTY, or some other tool, so we won’t go into it here. Learn more about basic PuTTY commands.

As for the port number, you’ll need to know which SSH server port your VPS listens to. It’ll either be 22 (the default port), or it’ll be given to you when you order your VPS from your hosting provider.

To get the full path to the file you want to transfer, enter the “pwd” command on the CLI of the remote server while the file is in your current directory. This will give you the folder name, like this:

Now just append the name of the file to the path you get and you’re done.

As for the path to the download location, that’s something you have to get on your own!

Step 2: Create the SCP Command

The SCP command looks like this:

Replace the sections in bold with the information you gathered in step 1. For example, the command used for this example is:

Step 3: Running the Command

Open up a command line in Windows. Windows 10 already has SCP installed by default. For this example, we’ll use the Windows PowerShell tool to run the commands. The color contrasts with the yellow, and syntax highlighting is a nice change from the drab command line.

Pasting the above command into the local command line editor gives us:

As you can see, you first need to confirm the connection using the RSA fingerprint of the remote server. Once you type “yes”, it’ll be permanently added to the “known_hosts” file.

The “known_hosts” file in Windows is located at:

Replace [UserName] with your own Windows username. It’s a file without an extension, like this:

An editor like Notepad++ is ideal for these kinds of files. Each RSA fingerprint is added on a new line. This allows you to clear them easily by deleting an entire line at once if you ever need to remove an entry.

Once you provide your password in the prompt, the file is downloaded immediately, as shown here:

And you’re done! Navigate to the location you specified in your SCP command and the file should be visible.

SCP is the most direct way to transfer and download files from remote servers to local systems. It makes use of the same SSH protocols, so the connection is encrypted all the way through, making it immune to man-in-the-middle attacks. Hopefully, this tutorial will help you use it in an efficient, and easy manner. If you use one of our Managed Linux VPS services, and you have an issue with SCP or need more information about it please don’t hesitate to contact our 24×7 Linux Server Support, which comes included with your hosting plan.

If this tutorial helped you move files from your remote server to your local machine, maybe consider sharing this knowledge with your friends by using our share shortcuts. You can also leave any additional tips or questions in our comment section below. Thank you.

Connecting to the server via SSH is one of the primary means for managing *nix servers. Quite often, it is necessary to upload a file to a remote server or unload it, but there are no other means other than SSH connection. Fortunately, one of the regular functions of this Protocol is to copy files via a secure connection. You can implement it using a scp command on Linux systems, or using pscp.exe, which is part of the Putty SSH client on the Windows operating system.

Using the Linux OS

Execute the following commands:

scp [modifier] [source] [target_directory]

If a remote server serves as the source or target directory, execute the following commands:

After running the command, you need to enter the password for the remote server account.

To sum up, you can copy the local file named: /home/user/file.tgz to the root user home directory of the remote server 123.123.123.123 executing the following command:

scp /home/user/file.tgz [email protected]:/root

To download the same file from a remote server:

scp [email protected]:/root/file.tgz /home/user

You can copy several files at once. To do this, you must add them as the source. Separate them by a space – the last parameter will be considered as the target directory. For example, to upload file1 files.tgz and file2.tgz from the local directory to the remote server you have to execute the command:

scp file1.tgz file2.tgz [email protected]:/root

To copy the directory, you will need to use the –r command modifier. Copy the local directory /home/user/dir to the remote server:

scp-r /home/user/dir [email protected]:/root

When the SSH server is running on a non-default port, we need to get the help of the -P option. If you need to use port 10022:

scp-P 10022 /home/user/file.tgz [email protected]:/root

To find out what other modifiers you can use, simply execute scp without parameters and read the help.

Using the Windows OS

When using the Windows operating system and Putty as a client, the command formatting remains the same. However, we will change the name of the executable file. We need to use a syntax for specifying paths to Windows files and directories when mentioning the source or target directories. Run the command line (cmd.exe) or PowerShell, open the directory with the pscp .exe file and enter the command:

pscp.exe C: Tempfile.tgz [email protected]:/root

If you run it from another folder, you will need to specify the full path to pscp.exe. If any of the paths contain spaces, we need to use double quotes — “file path”:

“C:Program FilesPuttypscp.exe” C:Tempfile.tgz [email protected]:/root

Simply execute pscp (similarly to scp) without parameters and read the help on the modifiers as well as the command syntax information.

Running commands on a remote server using the SSH connection

SSH protocol supports both running interactive sessions and regular commands and scripts on a remote server.

Using the Linux OS

ssh [user]@[server] ‘[command]’

Enter the password of the specified user and get the command output in the SSH console, if any.

For example, we can find information about the operating system installed on the remote server:

ssh [email protected] ‘uname -a’

To run multiple commands using a single connection, you can use the “;” character as a separator. Check the network settings and active network connections on the remote server:

ssh [email protected] ‘ifconfig; netstat -anp tcp’

If you need to run a local script file on a remote server: run the command interpreter (in the script execution mode). It can be bash with the-s key and pass the script file to it for the standard input. Take a look at the example below:

ssh [email protected] ‘bash -s’

The local file: /home/user/myscript.sh will be executed on a remote server.

Running the SSH command without parameters allows you to see a brief syntax reference and a list of additional modifiers that allow you to extend the command’s functionality.

Using the Windows OS

To connect to the remote server, we will use the Putty client with its executable plink.exe. File, if our computer supports Windows. Use the command line (cmd.exe) or PowerShell to work with this file.

To run the command on a remote server, use the following syntax:

plink.exe [server] – ssh-l [user] “[command]”

Check the network interfaces configuration:

plink.exe 123.123.123.123 -ssh-l root “ifconfig”

plink.exe allows you to use “;” as a separator to run multiple commands, likewise the SSH command in Linux:

plink.exe 123.123.123.123 -ssh-l root “ifconfig; netstat-anp tcp”

You can run commands from a local file using an additional key -m: