OK so I already provided help for tunneling for special services (Web access for example - see Creating an SSH tunnel in Linux ) but was asked a few times how to copy files in and out of BNL or in between enclave.

This is easy with tunneling. Let us imagine I want to

• You are jerome [I know, may be too much :-) ]
• From your laptop, transfer a file to the Web server named yaya - this is an example where the account name will NOT match (the remote account on yaya is in our example named webmaster)
• That Web server is behind a SSH agteway / gatekeper i.e. you cannot access it directely but through one HOP

Here is what you would do:

From your laptop, create a tunnel to our web server (port 8888 is arbitrary)

% ssh -L 8888:yaya.star.bnl.gov:22 -l jerome cssh.rhic.bnl.gov -N

As you already know frm our Using the SSH Agent, you can ease the connection by starting an agent (and using -A for forwarding) i.e. you may not have to type any passphrase. As-is above, you do need to type the passphrase for account jeromel on cssh.rhic.bnl.gov (c=campus, for a node inside the RACF, use r=RHIC domain). Then, you would scp the file named "bla" by doing soemthing like this:

scp -P 8888 bla webmaster@127.0.0.1:/star/u/webmaster/bla.test

This connects to the local port 8888 which you created to pass-through the node named yaya. Because you want to connect to that remote node with a different account, you would use webmaster@ in the command but because port 8888 is created on your localhost, the node reference is localhost (or 127.0.0.1). The remote file location will be /star/u/webmaster/ in our example and it will be copied remotely with the name bla.test .


If you need to go through two nodes, I can add an example as well :-)