1
donuts
29d

On Linux I want to scp a file from Machine B to my machine A.

Assuming B allows all connections is any key/cert file exchange needed?

I recall whenever I SSH to a new machine I need to accept a key on the first connect.

Guess general question is what is the connection process between 2 Linux machines for sftp purposes?

Comments
  • 2
    You can configure it for either account based auth or ssh. SSH is recommended. SFTP is the underlying mechanism scp uses.

    Rsync is better than all of the above, but must be installed.
  • 0
    @SortOfTested We use bin/scp but not sure what the difference is.

    SCP, SFTP, SSH

    Well my team owns A, another team owns B, they allow all connections atm.

    But they said we need to install their key in our trust store? to access their machine.
  • 0
    So wondering how all this trust works/gets established.

    It sorta sounds like HTTPS without a CA?

    Not really familiar with how public/private keys work. I know for like Git needs then too in order for you to commit to a remote repo... But it's the committer that generates and gives the remote his key.
  • 6
    @donuts
    SSH has an agent on the machine that is used to negotiate the connection. You establish a remote session and issue commands. Either host can initiate a connection with a valid SSH identity

    This explains the keyshare and message handshake
    https://gravitational.com/blog/...

    The "first time connections" provides the signature exchange and asks you to verify trusting the host. Hence, no authority. You can actually use SSH with a CA, it's just not usually helpful as Linux doesn't have a domain paradigm, it doesn't really support the lifetime use cases of modern server instances.

    Tools like SELinux are used instead
    https://wiki.centos.org/HowTos/...

    SCP, or secure copy, it's the same as ssh for most part save that it doesn't allow for remote command execution. It's mostly used for copying files.

    SFTP is ssh file transfer protocol. SCP sits on top of it.

    Rsync is a tool that can be used to do copies and synchronization locally or to a remote machine. It's significantly faster than SCP. It can also resume file shares.
  • 1
    rsync ftw alone with rclone lol
  • 0
    @ScribeOfGoD not my choice to make... Big company with a list of approved apps... That are like 20yrs old or made but shitty vendors that clearly did a lot of sucking up to get their software into the list.
  • 0
    @SortOfTested scp != sftp
    scp has problems with anything that is printed on the shell through the .bashrc, .zshrc, ... it also cannot list the directories. sftp is ftp tunneled through ssh ,there is no second port needed because ssh can use multiplexing. if it is possible sftp should be used and scp only when its something that absolutly requires it.
  • 1
    @stop sftp != ftp tunneled over SSH. It transfers files, but the similarity with ftp ends here.

    Sftp is defined at https://tools.ietf.org/html/...
  • 0
    @stop @sbiewald
    You're right, I got it twisted 😋 yesterday's brain dump time was heavily abridged.

    Though the details are sketchy.
Add Comment