An Introduction to Tiger Terminal, Part 2
Pages: 1, 2

ssh

At the bottom of the window, you'll see instructions on how to log into the remote computer, "To log in to this computer remotely, type, 'ssh norburym@140.226.4.39' at a shell command prompt."

If you have a firewall enabled, go to the Firewall tab in the Sharing pref pane and under Allow make sure you have Remote Login—SSH checked to open this particular port (port 22, incidentally). Once back in your comfy Aeron chair, bring your ever-active terminal app to the front and enter the command as instructed at the bottom of the Sharing pref pane:

tiger12:~ norburym$ ssh norburym@140.226.4.39
The authenticity of host '140.226.4.39 (140.226.4.39)'
can't be established.
RSA key fingerprint is 
8f:a0:46:0c:37:b6:bc:37:30:7c:fb:fc:dc:d6:87:e9.
Are you sure you want to continue connecting (yes/no)?

Type in yes, hit the enter/return key and you'll get a warning and be prompted for the user's password (in this example, norburym's password):

Warning: Permanently added '140.226.4.39' (RSA) to the list
of known hosts.
Password:

After entering your password and enter/return, you'll see:

tiger12:~ norburym$ ssh norburym@140.226.4.39
Password:
Last login: Sun May 29 15:14:00 2005 from 140.226.4.44
Welcome to Darwin!
samsmacmini:~ norburym$ 

The prompt now shows the name of the computer you've connected to (samsmacmini) with the username you used to run the ssh command (norburym).

In the case of a machine with a stuck process, you can now run top to find out the process of the offending application and then run the kill command with the process number to stop the process.

scp

Let's say you are home, working on your PowerBook and you realize that you need some files residing on the iMac G5 sitting on your desk at work, a 40-minute drive away. You want to copy these files from your remote computer to your PowerBook. You can copy files remotely and securely using the scp (secure copy) command. As an example, let's assume that you have a virtual private network (VPN) that you can log into at work (which enables you to securely connect to your workplace network) and that you enabled Remote Login on your work iMac G5.

The scp command creates an encrypted session using ssh and the files are sent encrypted so you don't have to ssh into the remote machine. The syntax for the scp command is simply:

scp source destination

However, since you're copying files from one machine to another, you need to specify the username and the host in the source (iMac G5 at work). We're logged into the destination computer (the PowerBook sitting in front of us) so we don't need to specify our login:

scp [user@host:]source destination

In other words:

tiger12:~ norburym$ scp \
norburym@140.226.4.23:~/TuxReview.txt ~/TuxReview.txt
norburym@140.226.4.23's password:
TuxReview.txt 100% 843 0.8KB/s 00:00 
tiger12:~ norburym$

Here, I'm copying the file TuxReview.txt from my (norburym's) home directory on the remote computer at work (140.226.4.23) and putting it in my home directory on the computer I'm logged into (the PowerBook). The command asks for my password and then gives me the total size of the copied file, the rate at which it copied, and the total time it took to copy the file.

If I were already logged into the remote computer via ssh, I would be actually on the other computer and I'd be sending the file back to my home computer, so let's look at that scenario. First, I'll use the ssh command to access my work iMac G5:

tiger12:~ norburym$ ssh norburym@140.226.4.23
Password:
Last login: Mon May 30 13:25:31 2005 from 140.226.4.44
Welcome to Darwin!
workimac:~ norburym$

Notice that the shell prompt indicates that I'm logged into the remote computer. And then I'll run scp this way:

workimac:~ norburym$ scp ~/TuxReview.txt \
norburym@140.226.4.44:~/TuxReview.txt
The authenticity of host '140.226.4.44 (140.226.4.44)' 
can't be established.
RSA key fingerprint is 
0b:83:75:77:4b:7a:14:d4:05:37:d2:d4:2e:b3:2a:eb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '140.226.4.44' (RSA) to the
list of known hosts.
Password:
TuxReview.txt 100% 843 0.8KB/s 00:00 
workimac:~ norburym$

To copy an entire directory using scp, you must use the -r (recursive) option. For example, still ssh'd into my work computer, I will copy the contents of the directory called AllReviews from my work home directory to the desktop of the PowerBook I'm actually typing on at home:

workimac:~ norburym$ scp -r AllReviews \
norburym@140.226.4.44:~/Desktop/
Password:
.DS_Store 100% 6148 6.0KB/s 00:00 
OSXServerAdmin.txt  100% 2770  2.7KB/s  00:00 
TuxReview.txt   100% 843  0.8KB/s  00:00 
workimac:~ norburym$ 

Lo and behold, the directory appears right in front of me! To close the ssh connection, type logout at the command line prompt.

sftp

Since we're talking about copying files, and we're also trying to maintain a good level of security, let's look at sftp (secure file transfer protocol). Basic ftp is a way to transfer files between computers. sftp is compatible with ssh and operates in the same way as standard ftp. Let's use sftp to get that TuxReview.txt file from my work computer again. From my PowerBook (tiger12), I issue the sftp command along with my username and host of my work iMac G5 computer (140.226.4.23):

tiger12:~ norburym$ sftp norburym@140.226.4.23
Connecting to 140.226.4.23...
Password:
sftp> 

I'm prompted for my password, which I successfully put in. I'm rewarded with the sftp prompt. I can see where I am by typing ls:

sftp> ls 
.    ..     .CFUserTextEncoding 
.DS_Store  .Trash    .bash_history 
.ssh    AllReviews   Desktop 
Documents  Library   Movies 
Music   Pictures   Public 
Sites 
sftp> 

I cd to my AllReviews directory and then use the get command to grab my file:

sftp> cd AllReviews
sftp> get TuxReview.txt 
Fetching /Users/norburym/AllReviews/TuxReview.txt to
TuxReview.txt
/Users/norburym/AllReviews/TuxReview.txt 
100% 843 0.8KB/s 00:01 
sftp> 

Notice that when I cd to the AllReviews directory, the sftp prompt doesn't change to reflect my current location. You can issue a dir command to see a listing of the directory before using get if you want to be sure the file is there, or for the correct spelling of the file you need.

Once you have your file, simply type quit at the sftp prompt.

rsync

Another useful tool is the rsync (remote synchronization) command. This program allows you to copy directories and their contents from one computer to another. It can create a secure connection and encrypt the files it transfers. Basically, it's efficient differential mirroring: you designate a master computer and a clone, and rsync compares the contents of each and copies only the changes from the master to the clone.

Although rsync works either locally or between a local and a remote computer, you can ssh into a remote machine and run rsync from that computer to another remote computer. rsync syntax looks like this:

rsync [options] source destination

Take a look at the man pages for rsync for a detailed explanation of how to best use the options. Here is a simple example of how to use rsync to copy the contents of one local directory to a remote directory using ssh (from my local PowerBook AllReviews directory located on my desktop to my work iMac G5 Public folder):

tiger12:~ norburym$ rsync -e ssh -avz AllReviews \
norburym@140.226.4.23:Public
Password:
building file list ... done
AllReviews/
AllReviews/.DS_Store
AllReviews/OSXServerAdmin.txt
AllReviews/TuxReview.txt

sent 7167 bytes received 80 bytes 439.21 bytes/sec
total size is 23284 speedup is 3.21
tiger12:~ norburym$

Here, I've used the options -e ssh -avz. The -e ssh option tells rsync to use the secure shell connection. The -a option does an archive and preserves access modes (permissions, owner and group), the -v option means verbose (returns details about the copy process), and the -z option compresses the files using gzip.

I'm prompted for norburym's password and after I put it in and hit return, I see that rsync builds the file list and then does its magic. I also see a nice summary in the final two lines telling me the amount of data transferred (sent 7167 bytes, received 80 bytes) and the data throughput (439.21 bytes/sec).

Let's add three new files (PHPMySQL.txt, FirefoxThunderbird.txt and LonghornBetaReview.txt) to my local directory and run rsync again:

tiger12:~ norburym$ rsync -e ssh -avz AllReviews \
norburym@140.226.4.23:Public
Password:
building file list ... done
AllReviews/
AllReviews/FirefoxThunderbird.txt
AllReviews/LonghornBetaReview.txt
AllReviews/PHPMySQL.txt

sent 7730 bytes received 60 bytes 502.58 bytes/sec
total size is 42571 speedup is 5.46
tiger12:~ norburym

After adding three files to my local directory, rsync compares the files in my PowerBook master directory and the iMac G5 clone directory and copies only the three new files over to my work G5 Public folder.

Now I'll delete the Longhorn Beta review (because of all the kernel changes happening in the product which would require a complete rewrite anyway) and then run rsync with the --delete option:

tiger12:~ norburym$ rsync -e ssh -avz --delete \
AllReviews norburym@140.226.4.23:Public
Password:
building file list ... done
deleting AllReviews/LonghornBetaReview.txt
AllReviews/
AllReviews/.DS_Store

sent 490 bytes received 94 bytes 40.28 bytes/sec
total size is 42571 speedup is 72.90
tiger12:~ norburym$

The rsync command compares the files in the source and destination and deletes any file that was removed from the source directory, in this case, the woefully out of date LonghornBetaReview.txt file.

rsync doesn't preserve resource forks, though, so if you are interested in using it with Classic apps or other files with type/creator codes then you're better off with RsyncX (http://www.versiontracker.com). A further note for Tiger users: RsyncX doesn't currently support the additional access control list (ACL) metadata introduced in Tiger but there should be an update for RsyncX in future to support ACLs. RsyncX does work as expected for resource fork, icon, type/creator codes, as before.

Final Thoughts

The terminal offers some very useful methods for accessing disks locally and remotely. This can be done quickly and securely. While there are other GUI options for remote access to networked computers (notably, Apple Remote Desktop), Mac OS X comes with built-in command line access tools to accomplish a variety of tasks and can provide more control and options over some GUI alternatives.

Mary Norbury-Glaser is the IT director at a University of Colorado affiliate center. She has over 15 years of experience in cross-platform systems administration in the education sector. She loves fast cars and geocaching.

Return to MacDevCenter.com.

Post your Terminal questions and comments here.
You must be logged in to the O'Reilly Network to post a talkback.

Showing messages 1 through 10 of 10.

• Store the result of command executed on remote machine.
  2007-09-21 05:03:06  Rapunzel [Reply | View]
  
  
  I have to execute commands on the remote machine. I did ssh username@ip to connect to the remote machine. I successfully executed command on the machine.
  But my problem is that how does my automation script will come to know the output of the command executed?
  
• Store the result of command executed on remote machine.
  2007-09-22 19:03:43  norburym [Reply | View]
  
  
  Hi Rapunzel,
  I need a bit more information on how you have set up your automation script to run? Where is the script? Are you receiving an error when you successfully execute the command via ssh?
  Thanks, Mary

• Dealing with single quotes in file names
  2006-08-27 06:26:45  mikesker [Reply | View]
  
  
  Good article... thanks.
  I have taken your advice and put the entire file path in single quotes for scp transfer. Additionally, I have had to put escapes ("\") in front of all the spaces, parentheses, "&", and ";", all of which have worked fine. The character that has me stumped is "'". For instance, I cannot seem to scp a file named "That's just the way it is.mp3". I have been pulling my hair out.
  Any ideas? Thanks, -mike
• Dealing with single quotes in file names
  2006-09-14 13:19:15  norburym [Reply | View]
  
  
  Sorry for the delay in replying!
  If your file name has a single quote in it (or an apostrophe as it appears in the file name) then just do this (I created a test rtf file called That's just the way it is.rtf):
  mimimini:/ norburym$ scp That\'s\ just\ the\ way\ it\ is.rtf "norburym@10.0.1.7:That\'s\ just\ the\ way\ it\ is.rtf"
  Password:
  That's just the way it is.rtf 100% 318 0.3KB/s 00:00
  mimimini:/ norburym$
  Hope that helps!
  Mary
  

• ssh and routers
  2006-01-17 10:12:54  Rob_D [Reply | View]
  
  
  Hi
  
  Excellent Introduction to Tiger Terminal, I must say.
  
  I would be interested to know how to access a computer which is behind a router.
  
  I would not be able to access it using ssh norburym@140.226.4.39, for example, if the public address is 82.164.23.05.
  
  Thank you
• ssh and routers
  2006-01-17 10:24:25  Rob_D [Reply | View]
  
  
  OK, I think I have found the clue here:
  http://www.macdevcenter.com/pub/a/mac/2004/07/20/inside_ssh_pt3.html?page=1
• ssh and routers
  2006-01-17 12:52:06  norburym [Reply | View]
  
  
  Thank you!
  Yes, I think that article on ssh should help you out.

• blocks used
  2005-06-17 19:48:14  baltwo [Reply | View]
  
  
  You state:
  
  "Run a long listing with the option -l to get more information:
  
  tiger12:~ norburym$ ls -l /Volumes
  total 72
  drwxrwxrwx 1 norburym norburym 16384 May 29 13:13 BIG TIKI
  drwxrwxrwx 1 norburym norburym 16384 May 29 13:02 DevilDuckie
  lrwxr-xr-x 1 root admin 1 May 29 09:51 Untitled -> /
  tiger12:~ norburym$
  Total 72 gives me the amount of storage in blocks (each block is 1024 bytes) used by all the items in /Volumes."
  
  Are you hiding other things in /Volumes? When I issue ls -al /Volumes, it only shows this:
  
  ~ baltwo$ ls -al /Volumes/
  total 8
  drwxrwxrwt 10 root admin 340 Jun 17 14:50 .
  drwxrwxr-t 39 root admin 1360 Jun 17 14:49 ..
  drwxr-xr-x 15 baltwo baltwo 544 Jun 8 20:51 DMGs
  drwxr-xr-x 27 baltwo baltwo 952 Jun 8 20:51 Documents
  drwxr-xr-x 31 baltwo baltwo 1088 Jun 8 20:51 OS 9 Panther
  drwxr-xr-x 32 baltwo baltwo 1122 Jun 8 20:51 OS 9 Tiger
  drwxrwxr-t 44 root admin 1530 Jun 8 20:51 Panther
  drwxrwxr-t 40 root admin 1394 Jun 10 20:10 Panther Clone
  drwxrwxr-t 41 root admin 1428 Jun 15 20:25 Tiger
  lrwxr-xr-x 1 root admin 1 Jun 17 14:50 Tiger Clone -> /
  localhost:~ baltwo$
  
  I.e., the count is 8, which reflects the eight volumes resident within /Volumes.
• blocks used
  2005-06-23 10:37:22  norburym [Reply | View]
  
  
  Actually, the count of 8 that you see is not the number of volumes (this is coincidence) but the sum of all the file sizes (at the end of the part you quoted from the article, I wrote: "Total 72 gives me the amount of storage in blocks (each block is 1024 bytes) used by all the items in /Volumes.").
  If you total the sizes of your volumes (not hidden), you'll get 8.

• Tiger rsync
  2005-06-15 08:43:00  ninjabong [Reply | View]
  
  
  Tiger's rsync, like it's revamped mv and cp commands, does infact now support resource forks through -E. Same cavaet as RsyncX applies (must have it on both source and destination machines)