Copy a file back to local system with ssh
Master connection
It's easiest if you plan in advance.
Open a master connection the first time. For subsequent connections, route slave connections through the existing master connection. In your ~/.ssh/config
, set up connection sharing to happen automatically:
ControlMaster auto
ControlPath ~/.ssh/control:%h:%p:%r
If you start an ssh session to the same (user, port, machine) as an existing connection, the second session will be tunneled over the first. Establishing the second connection requires no new authentication and is very fast.
So while you have your active connection, you can quickly:
- copy a file with
scp
orrsync
; - mount a remote filesystem with sshfs.
Forwarding
On an existing connection, you can establish a reverse ssh tunnel. On the ssh command line, create a remote forwarding by passing -R 22042:localhost:22
where 22042 is a randomly chosen number that's different from any other port number on the remote machine. Then ssh -p 22042 localhost
on the remote machine connects you back to the source machine; you can use scp -P 22042 foo localhost:
to copy files.
You can automate this further with RemoteForward 22042 localhost:22
. The problem with this is that if you connect to the same computer with multiple instances of ssh, or if someone else is using the port, you don't get the forwarding.
If you haven't enabled a remote forwarding from the start, you can do it on an existing ssh session. Type Enter ~C
Enter -R 22042:localhost:22
Enter.
See “Escape characters” in the manual for more information.
There is also some interesting information in this Server Fault thread.
Copy-paste
If the file is small, you can type it out and copy-paste from the terminal output. If the file contains non-printable characters, use an encoding such as base64.
remote.example.net$ base64 <myfile (copy the output)
local.example.net$ base64 -d >myfile (paste the clipboard contents) Ctrl+D
More conveniently, if you have X forwarding active, copy the file on the remote machine and paste it locally. You can pipe data in and out of xclip
or xsel
. If you want to preserve the file name and metadata, copy-paste an archive.
remote.example.net$ tar -czf - myfile | xsel
local.example.net$ xsel | tar -xzf -
Another (IMO) easy way would be:
# to remote host
cat localfile.conf | ssh user@hostname 'cat -> /tmp/remotefile.conf'
# from remote host
ssh user@hostname 'cat /tmp/remotefile.conf' > /tmp/localfile.conf
Or if you prefer something GUI-like, try Midnight Commander. They call the feature Shell-Link. Most distros have em in their package systems as mc
.
SSH does support a few commands, via the escape character (~
by default):
$ ~?
Supported escape sequences:
~. - terminate connection (and any multiplexed sessions)
~B - send a BREAK to the remote system
~C - open a command line
~R - Request rekey (SSH protocol 2 only)
~^Z - suspend ssh
~# - list forwarded connections
~& - background ssh (when waiting for connections to terminate)
~? - this message
~~ - send the escape character by typing it twice
(Note that escapes are only recognized immediately after newline.)
$ ~C
ssh> help
Commands:
-L[bind_address:]port:host:hostport Request local forward
-R[bind_address:]port:host:hostport Request remote forward
-D[bind_address:]port Request dynamic forward
-KR[bind_address:]port Cancel remote forward
!args Execute local command
The !args
seems to be closest to what you want. Note that you'll need to have PermitLocalCommand
enabled in your /etc/ssh_config
file in order for the ~C
commands to work (see man ssh_config
).
You can re-use the same ssh session if you set up a ControlMaster
in ssh_config
. If you do this:
$ ~C
ssh> !scp file user@myserver:
you've technically never left the ssh session, and don't need to re-authenticate. Probably more complicated than you'd like, but I can't think of another easy way.