# Best way to transfer a file using ssh?



## freaky (Aug 11, 2004)

Can somebody tell me what the best way to transfer a file from one UNIX server to another is that's easy to set do. I would prefer it to only be one line if possible. I looked into doing scp but it looks too complicated to have to generate/distribute the keys.


----------



## anarchie (Aug 11, 2004)

It's not complicated to generate and distribute a key.  You would use key-pair authentication to avoid entering your password for each copy, so you could use scp in scripts.  You only need to generate a key once, and only transfer it once to each server you need authorization on.  Here's the lowdown:

ssh-keygen -t dsa

This generates a DSA key and by default stores the keys in ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub

cat ~/.ssh/id_dsa.pub | ssh someotherhost "mkdir ~/.ssh; cat > ~/.ssh/authorized_keys"

This transfers your public key to someotherhost.  Afterwards, you can use 'ssh someotherhost' without entering your password, or you can use scp to copy files like so:

scp somefile someotherhost:~/somedirectory/somefile

And in reverse as well:

scp someotherhost:~/myfile mylocalfile


----------



## cfleck (Aug 11, 2004)

i've used scp for about 2 years now and i've never even had to do the keygen thing.  i ssh in all the time though.  besides, as far as i'm aware its the only way to do it in one line.


----------



## freaky (Aug 11, 2004)

Thanks for the replies. So if I have another site with a different login and password do I need to create a new key each time and name it something like ~/.ssh/id_dsa_site2 and ~/.ssh/id_dsa_site2.pub? After doing this if I want to log into the server via ssh do I need to go ssh user@domain.com or should I be able to just go ssh domain.com?


----------



## cfleck (Aug 11, 2004)

if your username on the machine you are using is the same as the machine you are logging in to then 'ssh domain.com' is fine, otherwise you need to use 'ssh user@domain.com'

for scp, the same rule applies.  
different user name, copy from server to local - 'scp user@domain.com:filename newfilename'
same user name, copy from server to local - 'scp domain.com:filename newfilename'

if you are copying to the server just switch args 2 and 3.  that is...
scp localfile domain.com:newfile

basically, the stuff after the : is the path & filename on the foreign machine.

i wouldn't worry about the keygen stuff at first.  try it without and see if it works.


----------



## anarchie (Aug 11, 2004)

You only have to generate a key once on your machine.  If you WANT to, you can use multiple keys, but you'll need to use the -i option to tell ssh/scp which key to use.  That can get real tedious.

cfleck:  As I pointed out, you would use keypair authentication so that you don't need to enter your password, which makes automation easy.  If you can use ssh or scp without entering passwords, chances are that the identity and authorized_keys files have already been set up for you.  Keypair authentication is not necessary at all, but I interpreted "on one line" as not needing to enter the password on another line.


----------



## cfleck (Aug 11, 2004)

aah, i see, i see.  i was wondering why the keygen thing was no necessary, and it never really clicked.  slow wednesday.


----------



## legacyb4 (Aug 12, 2004)

Assuming your SSH server is configured to run it, SFTP also works like a standard FTP program (put, get, etc.) but runs through an encrypted channel.


----------

