Part One of this series introduced the Terminal application in Mac OS X with the assumption that you're now running OS X 10.4.x (Tiger). If you made it through Part One unscathed, then you're ready to get some real work done.
In Part Two, you'll learn how to use the terminal app to look at external volumes, then enable
ssh to access files,
scp to securely copy them remotely,
sftp for secure ftp, and finally how to use
rsync to synchronize files between two computers.
Whenever you add a new hard disk, flash drive, network drive, iPod, CD, or DVD to your system, these additional disks are mounted onto the filesystem in the directory /Volumes. Open your terminal app and type
ls /Volumes to see a basic listing of what you have mounted. On my 12" Powerbook, three disks show up:
Last login: Sun May 29 12:57:23 on ttyp1 Mary's Tiger! tiger12:~ norburym$ ls /Volumes BIG TIKI DevilDuckie Untitled tiger12:~ norburym$
BIG TIKI is my 1GB USB drive housed in a Tiki statue, DevilDuckie is my red devil rubber duckie flash drive and Untitled is my internal boot disk. (Gee, I should get more creative with my local drive!)
Run a long listing with the option
-l to get more information:
tiger12:~ norburym$ ls -l /Volumes total 72 drwxrwxrwx 1 norburym norburym 16384 May 29 13:13 BIG TIKI drwxrwxrwx 1 norburym norburym 16384 May 29 13:02 DevilDuckie lrwxr-xr-x 1 root admin 1 May 29 09:51 Untitled -> / tiger12:~ norburym$
Total 72 gives me the amount of storage in blocks (each block is 1024 bytes) used by all the items in /Volumes. The following shows how to "decode" the rest of the information displayed:
Notice that the type for Untitled is listed with the letter "l" which means it's a link pointing to root (/). Both BIG TIKI and DevilDuckie are listed with a "d" for directory.
Let's put in a DVD (Casablanca) and attach one of my iPods (Marys U2Pod):
tiger12:~ norburym$ ls -l /Volumes total 76 drwxrwxrwx 1 norburym norburym 16384 May 29 13:13 BIG TIKI dr-xr-xr-x 4 norburym norburym 136 Aug 30 2004 Casablanca drwxrwxrwx 1 norburym norburym 16384 May 29 13:02 DevilDuckie drwxr-xr-x 18 norburym norburym 714 May 27 11:25 Marys U2Pod lrwxr-xr-x 1 root admin 1 May 29 09:51 Untitled -> / tiger12:~ norburym$
Let's use the terminal to look at the files on my iPod using the
-F option with
ls. If you man the command
ls and read about the
-F option, you'll see this description:
"Display a slash (/) immediately after each pathname that is a directory, an asterisk (*) after each that is executable, an at sign (@) after each symbolic link."
Control-Z to stop the man page and get back to your shell prompt.
Here are two ways to look at the files on your iPod:
Without actually changing to the /Volumes directory, you can give the pathname to the directory. Using this method leaves you in your home directory:
tiger12:~ norburym$ ls -F /Volumes/Marys\ U2Pod SlashdotReviews/ Desktop DB Temporary Items/ Calendars/ Desktop DF iPod_Control/ Contacts/ Icon? Desktop/ Notes/ tiger12:~ norburym$
Note that because the name of my iPod has a space in it (Marys U2Pod), I need to tell the shell about the space. To do this, you can use the backslash character directly before the space like this:
Marys\ U2Pod (The backslash preserves the character immediately following which is, in this case, the space.) or enclose the name in single or double quotes* like this:
'Marys U2Pod' so the command becomes:
tiger12:~ norburym$ ls -F /Volumes/'Marys U2Pod'
*man bash and read the Quoting section to learn about the differences between using the single and double quotes. In this case, either can be used.
Change to the /Volumes directory first and then use the
tiger12:~ norburym$ cd /Volumes tiger12:/Volumes norburym$ ls -F /Volumes/'Marys U2Pod' SlashdotReviews/ Desktop/ Icon? iPod_Control/ Calendars/ Desktop DB Notes/ Contacts/ Desktop DF Temporary Items/ tiger12:/Volumes norburym$
In this case, you end up in the directory that you changed into: the /Volumes directory. Let's go take a look in the iPod_Control directory. Change into the iPod volume and the iPod_Control directory and then do a listing with the
tiger12:/Volumes norburym$ cd 'Marys U2Pod'/iPod_Control/ tiger12:/Volumes/Marys U2Pod/iPod_Control norburym$ ls -F Device/ Music/ iPodPrefs* iTunes/ tiger12:/Volumes/Marys U2Pod/iPod_Control norburym$
Remember, I have to use the single quotes (or backslash) to maintain the space character in the name of my iPod but notice that resulting file path (
tiger12:/Volumes/Marys U2Pod/iPod_Control) simply shows the space. The
-F option shows my directories (Device, Music and iTunes) and one executable (iPodPrefs), which is indicated by the asterisk. Let's take a look in the Music directory:
tiger12:/Volumes/Marys U2Pod/iPod_Control norburym$ ls -F Music F00/ F04/ F08/ F12/ F16/ F20/ F24/ F28/ F01/ F05/ F09/ F13/ F17/ F21/ F25/ F29/ F02/ F06/ F10/ F14/ F18/ F22/ F26/ F30/ F03/ F07/ F11/ F15/ F19/ F23/ F27/ F31/ (etc)
Look in any of these directories and you'll see your audio files:
tiger12:/Volumes/Marys U2Pod/iPod_Control norburym$ ls Music/F20 01 Blow It Out.m4p 1-16 Thieves In The Temple.aif 01 Clarity.m4p 10 The Thrill Is Gone.m4a 01 The Lady Is A Tramp.aif 11 Sweet Surrender.aif 04 The Wind Cries Mary _Liv.mp3 13 Goin_ Down.aif (etc)
This is a great example of how the terminal excels over the GUI: you can quickly see all the hidden ("protected-from-the-users-for-their-own-good") files and see how directories and their related files are structured.
When you're working on a network, there will be times that you need to access your second Mac or, if you're an administrator, another user's Mac. You may be lounging in bed with your PowerBook on a cold winter's night and need to copy critical files from that G5 way down in the basement office. Or perhaps you've taken the day off from work and a user halfway across town is having a problem with an application that won't quit.
The solution is to enable Remote Login on your networked computers so you can access the remote shell from your local Mac and solve these and other vexing problems from the comfort of your own chair (bed, or from the bar in Mazatlan... been there, done that).
To enable Remote Login, make a one-time visit to the networked Macs you want to access. Log in with an administrator's credentials, go to the Sharing preference panel (pref pane) in System Preferences and under the Services tab, select the Remote Login option. Remote Login will start automatically.
At the bottom of the window, you'll see instructions on how to log into the remote computer, "To log in to this computer remotely, type, 'ssh firstname.lastname@example.org' at a shell command prompt."
If you have a firewall enabled, go to the Firewall tab in the Sharing pref pane and under Allow make sure you have Remote Login—SSH checked to open this particular port (port 22, incidentally). Once back in your comfy Aeron chair, bring your ever-active terminal app to the front and enter the command as instructed at the bottom of the Sharing pref pane:
tiger12:~ norburym$ ssh email@example.com The authenticity of host '22.214.171.124 (126.96.36.199)' can't be established. RSA key fingerprint is 8f:a0:46:0c:37:b6:bc:37:30:7c:fb:fc:dc:d6:87:e9. Are you sure you want to continue connecting (yes/no)?
yes, hit the enter/return key and you'll get a warning and be prompted for the user's password (in this example, norburym's password):
Warning: Permanently added '188.8.131.52' (RSA) to the list of known hosts. Password:
After entering your password and enter/return, you'll see:
tiger12:~ norburym$ ssh firstname.lastname@example.org Password: Last login: Sun May 29 15:14:00 2005 from 184.108.40.206 Welcome to Darwin! samsmacmini:~ norburym$
The prompt now shows the name of the computer you've connected to (samsmacmini) with the username you used to run the
ssh command (norburym).
In the case of a machine with a stuck process, you can now run
top to find out the process of the offending application and then run the
kill command with the process number to stop the process.
Let's say you are home, working on your PowerBook and you realize that you need some files residing on the iMac G5 sitting on your desk at work, a 40-minute drive away. You want to copy these files from your remote computer to your PowerBook. You can copy files remotely and securely using the
scp (secure copy) command. As an example, let's assume that you have a virtual private network (VPN) that you can log into at work (which enables you to securely connect to your workplace network) and that you enabled Remote Login on your work iMac G5.
scp command creates an encrypted session using
ssh and the files are sent encrypted so you don't have to
ssh into the remote machine. The syntax for the
scp command is simply:
However, since you're copying files from one machine to another, you need to specify the username and the host in the source (iMac G5 at work). We're logged into the destination computer (the PowerBook sitting in front of us) so we don't need to specify our login:
In other words:
tiger12:~ norburym$ scp \ email@example.com:~/TuxReview.txt ~/TuxReview.txt firstname.lastname@example.org's password: TuxReview.txt 100% 843 0.8KB/s 00:00 tiger12:~ norburym$
Here, I'm copying the file TuxReview.txt from my (norburym's) home directory on the remote computer at work (220.127.116.11) and putting it in my home directory on the computer I'm logged into (the PowerBook). The command asks for my password and then gives me the total size of the copied file, the rate at which it copied, and the total time it took to copy the file.
If I were already logged into the remote computer via
ssh, I would be actually on the other computer and I'd be sending the file back to my home computer, so let's look at that scenario. First, I'll use the
ssh command to access my work iMac G5:
tiger12:~ norburym$ ssh email@example.com Password: Last login: Mon May 30 13:25:31 2005 from 18.104.22.168 Welcome to Darwin! workimac:~ norburym$
Notice that the shell prompt indicates that I'm logged into the remote computer. And then I'll run
scp this way:
workimac:~ norburym$ scp ~/TuxReview.txt \ firstname.lastname@example.org:~/TuxReview.txt The authenticity of host '22.214.171.124 (126.96.36.199)' can't be established. RSA key fingerprint is 0b:83:75:77:4b:7a:14:d4:05:37:d2:d4:2e:b3:2a:eb. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '188.8.131.52' (RSA) to the list of known hosts. Password: TuxReview.txt 100% 843 0.8KB/s 00:00 workimac:~ norburym$
To copy an entire directory using
scp, you must use the
-r (recursive) option. For example, still
ssh'd into my work computer, I will copy the contents of the directory called AllReviews from my work home directory to the desktop of the PowerBook I'm actually typing on at home:
workimac:~ norburym$ scp -r AllReviews \ email@example.com:~/Desktop/ Password: .DS_Store 100% 6148 6.0KB/s 00:00 OSXServerAdmin.txt 100% 2770 2.7KB/s 00:00 TuxReview.txt 100% 843 0.8KB/s 00:00 workimac:~ norburym$
Lo and behold, the directory appears right in front of me! To close the
ssh connection, type logout at the command line prompt.
Since we're talking about copying files, and we're also trying to maintain a good level of security, let's look at
sftp (secure file transfer protocol). Basic
ftp is a way to transfer files between computers.
sftp is compatible with
ssh and operates in the same way as standard
ftp. Let's use
sftp to get that TuxReview.txt file from my work computer again. From my PowerBook (tiger12), I issue the
sftp command along with my username and host of my work iMac G5 computer (184.108.40.206):
tiger12:~ norburym$ sftp firstname.lastname@example.org Connecting to 220.127.116.11... Password: sftp>
I'm prompted for my password, which I successfully put in. I'm rewarded with the
sftp prompt. I can see where I am by typing
ls. .. .CFUserTextEncoding .DS_Store .Trash .bash_history .ssh AllReviews Desktop Documents Library Movies Music Pictures Public Sites sftp>
cd to my AllReviews directory and then use the
get command to grab my file:
sftp> cd AllReviews sftp> get TuxReview.txt Fetching /Users/norburym/AllReviews/TuxReview.txt to TuxReview.txt /Users/norburym/AllReviews/TuxReview.txt 100% 843 0.8KB/s 00:01 sftp>
Notice that when I
cd to the AllReviews directory, the
sftp prompt doesn't change to reflect my current location. You can issue a
dir command to see a listing of the directory before using
get if you want to be sure the file is there, or for the correct spelling of the file you need.
Once you have your file, simply type
quit at the
Another useful tool is the
rsync (remote synchronization) command. This program allows you to copy directories and their contents from one computer to another. It can create a secure connection and encrypt the files it transfers. Basically, it's efficient differential mirroring: you designate a master computer and a clone, and
rsync compares the contents of each and copies only the changes from the master to the clone.
rsync works either locally or between a local and a remote computer, you can
ssh into a remote machine and run
rsync from that computer to another remote computer.
rsync syntax looks like this:
rsync [options] source destination
Take a look at the man pages for
rsync for a detailed explanation of how to best use the options. Here is a simple example of how to use
rsync to copy the contents of one local directory to a remote directory using
ssh (from my local PowerBook AllReviews directory located on my desktop to my work iMac G5 Public folder):
tiger12:~ norburym$ rsync -e ssh -avz AllReviews \ email@example.com:Public Password: building file list ... done AllReviews/ AllReviews/.DS_Store AllReviews/OSXServerAdmin.txt AllReviews/TuxReview.txt sent 7167 bytes received 80 bytes 439.21 bytes/sec total size is 23284 speedup is 3.21 tiger12:~ norburym$
Here, I've used the options
-e ssh -avz. The
-e ssh option tells
rsync to use the secure shell connection. The
-a option does an archive and preserves access modes (permissions, owner and group), the
-v option means verbose (returns details about the copy process), and the
-z option compresses the files using
I'm prompted for norburym's password and after I put it in and hit return, I see that
rsync builds the file list and then does its magic. I also see a nice summary in the final two lines telling me the amount of data transferred (sent 7167 bytes, received 80 bytes) and the data throughput (439.21 bytes/sec).
Let's add three new files (PHPMySQL.txt, FirefoxThunderbird.txt and LonghornBetaReview.txt) to my local directory and run
tiger12:~ norburym$ rsync -e ssh -avz AllReviews \ firstname.lastname@example.org:Public Password: building file list ... done AllReviews/ AllReviews/FirefoxThunderbird.txt AllReviews/LonghornBetaReview.txt AllReviews/PHPMySQL.txt sent 7730 bytes received 60 bytes 502.58 bytes/sec total size is 42571 speedup is 5.46 tiger12:~ norburym
After adding three files to my local directory,
rsync compares the files in my PowerBook master directory and the iMac G5 clone directory and copies only the three new files over to my work G5 Public folder.
Now I'll delete the Longhorn Beta review (because of all the kernel changes happening in the product which would require a complete rewrite anyway) and then run
rsync with the
tiger12:~ norburym$ rsync -e ssh -avz --delete \ AllReviews email@example.com:Public Password: building file list ... done deleting AllReviews/LonghornBetaReview.txt AllReviews/ AllReviews/.DS_Store sent 490 bytes received 94 bytes 40.28 bytes/sec total size is 42571 speedup is 72.90 tiger12:~ norburym$
rsync command compares the files in the source and destination and deletes any file that was removed from the source directory, in this case, the woefully out of date LonghornBetaReview.txt file.
rsync doesn't preserve resource forks, though, so if you are interested in using it with Classic apps or other files with type/creator codes then you're better off with RsyncX (http://www.versiontracker.com). A further note for Tiger users: RsyncX doesn't currently support the additional access control list (ACL) metadata introduced in Tiger but there should be an update for RsyncX in future to support ACLs. RsyncX does work as expected for resource fork, icon, type/creator codes, as before.
The terminal offers some very useful methods for accessing disks locally and remotely. This can be done quickly and securely. While there are other GUI options for remote access to networked computers (notably, Apple Remote Desktop), Mac OS X comes with built-in command line access tools to accomplish a variety of tasks and can provide more control and options over some GUI alternatives.
Mary Norbury-Glaser is the IT director at a University of Colorado affiliate center. She has over 15 years of experience in cross-platform systems administration in the education sector. She loves fast cars and geocaching.
Return to MacDevCenter.com.
Copyright © 2009 O'Reilly Media, Inc.