SSH tricks

These are originally from http://www.akadia.com/services/ssh-secrets.html , but the orginal page is gone so I copy from Google cache (see below the line). Anyways I found this by searching for "tar over ssh", as I was in need of moving some data from a box to another while having booted up with Ubuntu Live CD. Now the tar part didn't work out in the end since there is corruption on the filesystem, after some fiddling around I also realized how to use dd_rescue (much like dd but meant for rescue work [if dd sees errors]) to save to a remote machine:
dd_rescue /dev/bad_partition /dev/stdout | ssh user@example.com "cat >/tmp/rescue.img"
/dev/stdout needs to be specified since dd_rescue really wants to work with files, all the usual ways of getting output to stdout fail.


Overview


As you know, the main feature of OpenSSH is to establish secure connections to remote machines, so you get interactive sessions against them. However, OpenSSH also allows you to execute commands on remote machines. You can execute commands and have the output returned to the screen without logging in to the remote machine. Further more you can use tar over ssh.

Editing remote files with OpenSSH


To execute a command remotely simply type (rhost = remote_host):

ssh user@rhost 'ls -al /etc'


However, some commands require a terminal to run properly. For example, if you want to edit a remote file using vi you probably will try something like this:

ssh user@rhost 'vi /etc/passwd'


And you'll get warnings like this:

Vim: Warning: Output is not to a terminal
Vim: Warning: Input is not from a terminal

To avoid such warnings and cleanly edit your remote files type the following:

ssh -t user@rhost 'vi /etc/passwd'


The -t option will... (from OpenSSH man pages)

Force pseudo-tty allocation. This can be used
to execute arbitrary screen-based programs on a
remote machine, which can be very useful, e.g.,
when implementing menu services.
Multiple -t options force tty allocation, even
if ssh has no local tty.

Backing Up with tar over ssh


Shuffling files between servers is simple with scp:

scp some-archive.tgz rhost:/usr/local

Or even copying many files at once:

scp rhost:/usr/local/etc/* .

But scp isn't designed to traverse subdirectories and preserve ownership and permissions. Fortunately, tar is one of the very early (and IMHO, most brilliant) design decisions in ssh to make it behave exactly as any other standard Unix command. When it is used to execute commands without an interactive login session, ssh simply accepts data on STDIN and prints the results to STDOUT. Think of any pipeline involving ssh as an easy portal to the machine you're connecting to. For example, suppose you want to backup all of the home directories on one server to an archive on another:

tar zcvf - /home | ssh rhost "cat > homes.tgz"

Or even write a compressed archive directly to a tape drive on the remote machine:

tar zcvf - /home | ssh rhost "cat > /dev/tape"

Suppose you wanted to just make a copy of a directory structure from one machine directly into the filesystem of another. In this example, we have a working Apache on the local machine but a broken copy on the remote side. Let's get the two in sync:

cd /usr/local
tar zcf - apache/ \
| ssh rhost \
"cd /usr/local; mv apache apache.bak; tar zpxvf -"

This moves /usr/local/apache/ on rhost to /usr/local/apache.bak/, then creates an exact copy of /usr/local/apache/ from my localhost, preserving permissions and the entire directory structure. You can experiment with using compression on both ends or not (with the z flag to tar), as performance will depend on the processing speed of both machines, the speed (and utilization) of the network, and whether you're already using compression in ssh.

Finally, let's assume that you have a large archive on the local machine and want to restore it to the remote side without having to copy it there first (suppose it's really huge, and you have enough space for the extracted copy, but not enough for a copy of the archive as well):

ssh rhost "cd /usr/local; tar zpvxf -" \
< really-big-archive.tgz

Or alternately, from the other direction:

ssh rhost "cat really-big-archive.tgz" | tar zpvxf -

f you encounter problems with archives created or extracted on the remote end, check to make sure that nothing is written to the terminal in your ~/.bashrc on the remote machine. If you like to run /usr/games/fortune or some other program that writes to your terminal, it's a better idea to keep it in ~/.bash_profile or ~/.bash_login than in ~/.bashrc, because you're only interested in seeing what fortune has to say when there is an actual human being logging in and definitely not when remote commands are executed as part of a pipeline. You can still set environment variables or run any other command you like in ~/.bashrc, as long as those commands are guaranteed never to print anything to STDOUT or STDERR.

Using ssh keys to eliminate the need for passwords makes slinging around arbitrary chunks of the filesystem even easier (and easily scriptable in cron, if you're so inclined).

Copy over Files from Remote to your local Host using ssh

If you want to copy a file from the remote host «rhost» to you local host you can do this with ssh. The command in "..." are always executed on the remote machine.

Go to the local machine

ssh -2 -t rhost "cat /u01/file.tar.gz" > /u01/file.tar.gz

-t Force pseudo-tty allocation. This can be used to execute
arbitrary screen-based programs on a remote machine, which
can be very useful, e.g., when implementing menu services.
Multiple -t options force tty allocation, even if ssh has
no local tty.

-2 Forces ssh to try protocol version 2 only.

Design by Inventive Design and powered by Midgard CMS.