Holy shit batman
I have a number of Linux boxes here, but only one with a Desktop Environment installed. All others are installations of ‘Centos 7 Minimal‘. I’ve chosen the ‘minimal’ install because I don’t want all the bloat which comes with various other installations. Centos 7 Minimal is slick and almost bullet proof where set up correctly.
These boxes are servers, http, proxy, mysql, DNS, etc. and each of them rarely gets over eight percent CPU usage. That makes me happy 🙂
One of the issues I’ve come across, many times, is getting files from one box to another. Not being an expert Linux user I was unaware of some of the more tricky commands designed to make my life easier. SCP is one of those commands!
What I did previously was copy the files to a USB Thumb Drive and take them to the destination and copy them off. If I was lucky the files I needed were on the http server, in which case, I’d copy the files to a web folder and then download them on the destination before deleting them from the web server. What a pain in the ass!
SCP is f#&king awesome
We are probably all familiar with ssh, right? It’s a cool command line tool which allows you to connect to a remote server and execute command line tools. I use it hundreds of times each day and it saves me walking into the Server Room and finding a keyboard.
My most recent example of using ssh & scp was just this morning.
I have set up a new box which runs an an Nginx Reverse Proxy and a Caching DNS. The DNS is used by computers on the local network only and is there purely for my pleasure.
The server runs sweet as a nut with low CPU usage and cool CPU temperatures and 60% free memory so I can load it up as I tune it.
On my other servers I have used ‘firewalld’ to Geo block countries such as China, Russia etc. because I got sick of dealing with hack attempts on a daily basis. I should point out I’m also using Max Mind’s GeoIP2 databases for GeoIP blocking through Nginx. It might be a bit of overkill but I use a different GeoIP (ipdeny.com)provider for Firewalld giving me, what I hope, is pretty good coverage.
I have written a small bash script which updates the GeoIP data weekly and loads each blocked country into Firewalld. I didn’t want to retype the script and I couldn’t find my USB Disk so I needed another method and that’s when I stumbled upon scp.
Secure Copy – SCP
In the same way ssh gives me a remote command prompt, scp copies a file (or files) from the remote console you are on to another machine you are not on.
My bash script was called ‘ipdenyupdate.sh’ and I wanted to copy it from ‘server1’ to ‘server2’ using remote username ‘booger’. I used the following command;
# scp ipdenyupdate.sh booger@server2:/home/booger/
Let’s break it down;
- secure copy ipdenyupdate.sh from ‘server1’,
- copy it to ‘server2’ using username ‘booger’,
- and copy it to the destination directory, in this case /home/booger
If the remote ssh is listening on a port other than the default 22, specify the port using -P (scp -P ipdeny…….. etc). Notice the P is uppercase, Linux is a bit funny about upper & lower case.
Within a nano second or two, depending on the size of the file being copied, the scp command will connect to the remote, copy the file and gracefully disconnect.
Ssh into the destination box and you will see your file waiting for you. Is that f&$king awesome or what!
Other useful command line parameters
- scp –P port: Port,
- scp –p: Preserves file attributes,
- scp –q: Disables the progress meter,
- scp –r: Recursively copy entire directories,
- scp –v: Verbose mode. Loads more information to look at.
Holy shit batman, scp has saved me some time.
We use country IP data from IPDENY.COM.
UPDATED INFO
Thanks to Harri Luuppala (https://twitter.com/HarriLuuppala) for pointing out SFTP might be a better option over SCP. Whilst SCP is great for transferring files it doesn’t allow you to manage folders or delete files remotely whereas, SFTP does.
I’m going to take a closer look at SFTP and may write an article on it in the future. You can find lots of tutorials out there through Google.
I still love using SCP because over my internal network I only need to copy a few files at a time. Harri also pointed out that Rsync is also a good option, and I totally agree with that. I use Rsync to do daily backups of various servers to remote machines
Thanks for the tips Harry.