macdevcenter.com
oreilly.comSafari Books Online.Conferences.

advertisement

AddThis Social Bookmark Button

An Introduction to Tiger Terminal, Part 2
Pages: 1, 2

ssh

At the bottom of the window, you'll see instructions on how to log into the remote computer, "To log in to this computer remotely, type, 'ssh norburym@140.226.4.39' at a shell command prompt."



If you have a firewall enabled, go to the Firewall tab in the Sharing pref pane and under Allow make sure you have Remote Login—SSH checked to open this particular port (port 22, incidentally). Once back in your comfy Aeron chair, bring your ever-active terminal app to the front and enter the command as instructed at the bottom of the Sharing pref pane:

tiger12:~ norburym$ ssh norburym@140.226.4.39
The authenticity of host '140.226.4.39 (140.226.4.39)'
can't be established.
RSA key fingerprint is 
8f:a0:46:0c:37:b6:bc:37:30:7c:fb:fc:dc:d6:87:e9.
Are you sure you want to continue connecting (yes/no)?

Type in yes, hit the enter/return key and you'll get a warning and be prompted for the user's password (in this example, norburym's password):

Warning: Permanently added '140.226.4.39' (RSA) to the list
of known hosts.
Password:

After entering your password and enter/return, you'll see:

tiger12:~ norburym$ ssh norburym@140.226.4.39
Password:
Last login: Sun May 29 15:14:00 2005 from 140.226.4.44
Welcome to Darwin!
samsmacmini:~ norburym$ 

The prompt now shows the name of the computer you've connected to (samsmacmini) with the username you used to run the ssh command (norburym).

In the case of a machine with a stuck process, you can now run top to find out the process of the offending application and then run the kill command with the process number to stop the process.

scp

Let's say you are home, working on your PowerBook and you realize that you need some files residing on the iMac G5 sitting on your desk at work, a 40-minute drive away. You want to copy these files from your remote computer to your PowerBook. You can copy files remotely and securely using the scp (secure copy) command. As an example, let's assume that you have a virtual private network (VPN) that you can log into at work (which enables you to securely connect to your workplace network) and that you enabled Remote Login on your work iMac G5.

The scp command creates an encrypted session using ssh and the files are sent encrypted so you don't have to ssh into the remote machine. The syntax for the scp command is simply:

scp source destination

However, since you're copying files from one machine to another, you need to specify the username and the host in the source (iMac G5 at work). We're logged into the destination computer (the PowerBook sitting in front of us) so we don't need to specify our login:

scp [user@host:]source destination

In other words:

tiger12:~ norburym$ scp \
norburym@140.226.4.23:~/TuxReview.txt ~/TuxReview.txt
norburym@140.226.4.23's password:
TuxReview.txt 100% 843 0.8KB/s 00:00 
tiger12:~ norburym$

Here, I'm copying the file TuxReview.txt from my (norburym's) home directory on the remote computer at work (140.226.4.23) and putting it in my home directory on the computer I'm logged into (the PowerBook). The command asks for my password and then gives me the total size of the copied file, the rate at which it copied, and the total time it took to copy the file.

If I were already logged into the remote computer via ssh, I would be actually on the other computer and I'd be sending the file back to my home computer, so let's look at that scenario. First, I'll use the ssh command to access my work iMac G5:

tiger12:~ norburym$ ssh norburym@140.226.4.23
Password:
Last login: Mon May 30 13:25:31 2005 from 140.226.4.44
Welcome to Darwin!
workimac:~ norburym$

Notice that the shell prompt indicates that I'm logged into the remote computer. And then I'll run scp this way:

workimac:~ norburym$ scp ~/TuxReview.txt \
norburym@140.226.4.44:~/TuxReview.txt
The authenticity of host '140.226.4.44 (140.226.4.44)' 
can't be established.
RSA key fingerprint is 
0b:83:75:77:4b:7a:14:d4:05:37:d2:d4:2e:b3:2a:eb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '140.226.4.44' (RSA) to the
list of known hosts.
Password:
TuxReview.txt 100% 843 0.8KB/s 00:00 
workimac:~ norburym$

To copy an entire directory using scp, you must use the -r (recursive) option. For example, still ssh'd into my work computer, I will copy the contents of the directory called AllReviews from my work home directory to the desktop of the PowerBook I'm actually typing on at home:

workimac:~ norburym$ scp -r AllReviews \
norburym@140.226.4.44:~/Desktop/
Password:
.DS_Store 100% 6148 6.0KB/s 00:00 
OSXServerAdmin.txt  100% 2770  2.7KB/s  00:00 
TuxReview.txt   100% 843  0.8KB/s  00:00 
workimac:~ norburym$ 

Lo and behold, the directory appears right in front of me! To close the ssh connection, type logout at the command line prompt.

sftp

Since we're talking about copying files, and we're also trying to maintain a good level of security, let's look at sftp (secure file transfer protocol). Basic ftp is a way to transfer files between computers. sftp is compatible with ssh and operates in the same way as standard ftp. Let's use sftp to get that TuxReview.txt file from my work computer again. From my PowerBook (tiger12), I issue the sftp command along with my username and host of my work iMac G5 computer (140.226.4.23):

tiger12:~ norburym$ sftp norburym@140.226.4.23
Connecting to 140.226.4.23...
Password:
sftp> 

I'm prompted for my password, which I successfully put in. I'm rewarded with the sftp prompt. I can see where I am by typing ls:

sftp> ls 
.    ..     .CFUserTextEncoding 
.DS_Store  .Trash    .bash_history 
.ssh    AllReviews   Desktop 
Documents  Library   Movies 
Music   Pictures   Public 
Sites 
sftp> 

I cd to my AllReviews directory and then use the get command to grab my file:

sftp> cd AllReviews
sftp> get TuxReview.txt 
Fetching /Users/norburym/AllReviews/TuxReview.txt to
TuxReview.txt
/Users/norburym/AllReviews/TuxReview.txt 
100% 843 0.8KB/s 00:01 
sftp> 

Notice that when I cd to the AllReviews directory, the sftp prompt doesn't change to reflect my current location. You can issue a dir command to see a listing of the directory before using get if you want to be sure the file is there, or for the correct spelling of the file you need.

Once you have your file, simply type quit at the sftp prompt.

rsync

Another useful tool is the rsync (remote synchronization) command. This program allows you to copy directories and their contents from one computer to another. It can create a secure connection and encrypt the files it transfers. Basically, it's efficient differential mirroring: you designate a master computer and a clone, and rsync compares the contents of each and copies only the changes from the master to the clone.

Although rsync works either locally or between a local and a remote computer, you can ssh into a remote machine and run rsync from that computer to another remote computer. rsync syntax looks like this:

rsync [options] source destination

Take a look at the man pages for rsync for a detailed explanation of how to best use the options. Here is a simple example of how to use rsync to copy the contents of one local directory to a remote directory using ssh (from my local PowerBook AllReviews directory located on my desktop to my work iMac G5 Public folder):

tiger12:~ norburym$ rsync -e ssh -avz AllReviews \
norburym@140.226.4.23:Public
Password:
building file list ... done
AllReviews/
AllReviews/.DS_Store
AllReviews/OSXServerAdmin.txt
AllReviews/TuxReview.txt

sent 7167 bytes received 80 bytes 439.21 bytes/sec
total size is 23284 speedup is 3.21
tiger12:~ norburym$

Here, I've used the options -e ssh -avz. The -e ssh option tells rsync to use the secure shell connection. The -a option does an archive and preserves access modes (permissions, owner and group), the -v option means verbose (returns details about the copy process), and the -z option compresses the files using gzip.

I'm prompted for norburym's password and after I put it in and hit return, I see that rsync builds the file list and then does its magic. I also see a nice summary in the final two lines telling me the amount of data transferred (sent 7167 bytes, received 80 bytes) and the data throughput (439.21 bytes/sec).

Let's add three new files (PHPMySQL.txt, FirefoxThunderbird.txt and LonghornBetaReview.txt) to my local directory and run rsync again:

tiger12:~ norburym$ rsync -e ssh -avz AllReviews \
norburym@140.226.4.23:Public
Password:
building file list ... done
AllReviews/
AllReviews/FirefoxThunderbird.txt
AllReviews/LonghornBetaReview.txt
AllReviews/PHPMySQL.txt

sent 7730 bytes received 60 bytes 502.58 bytes/sec
total size is 42571 speedup is 5.46
tiger12:~ norburym

After adding three files to my local directory, rsync compares the files in my PowerBook master directory and the iMac G5 clone directory and copies only the three new files over to my work G5 Public folder.

Now I'll delete the Longhorn Beta review (because of all the kernel changes happening in the product which would require a complete rewrite anyway) and then run rsync with the --delete option:

tiger12:~ norburym$ rsync -e ssh -avz --delete \
AllReviews norburym@140.226.4.23:Public
Password:
building file list ... done
deleting AllReviews/LonghornBetaReview.txt
AllReviews/
AllReviews/.DS_Store

sent 490 bytes received 94 bytes 40.28 bytes/sec
total size is 42571 speedup is 72.90
tiger12:~ norburym$

The rsync command compares the files in the source and destination and deletes any file that was removed from the source directory, in this case, the woefully out of date LonghornBetaReview.txt file.

rsync doesn't preserve resource forks, though, so if you are interested in using it with Classic apps or other files with type/creator codes then you're better off with RsyncX (http://www.versiontracker.com). A further note for Tiger users: RsyncX doesn't currently support the additional access control list (ACL) metadata introduced in Tiger but there should be an update for RsyncX in future to support ACLs. RsyncX does work as expected for resource fork, icon, type/creator codes, as before.

Final Thoughts

The terminal offers some very useful methods for accessing disks locally and remotely. This can be done quickly and securely. While there are other GUI options for remote access to networked computers (notably, Apple Remote Desktop), Mac OS X comes with built-in command line access tools to accomplish a variety of tasks and can provide more control and options over some GUI alternatives.

Mary Norbury-Glaser is the IT director at a University of Colorado affiliate center. She has over 15 years of experience in cross-platform systems administration in the education sector. She loves fast cars and geocaching.


Return to MacDevCenter.com.