Tunnelling SSH/SCP through intermediate host when two hosts can’t directly communicate

Posted by & filed under Linux.

Scenario:

We need to scp a file between two hosts. The problem is that the two hosts (A & C) cannot directly communicate. We can solve this using a SSH tunnel and an intermediate host (B) that can communicate with both. This also means, the command for Host B needs to run first, then the scp command for host A.:

 

Host A (source)

This will scp to localhost on port 3000 which is actually our tunnel to host c — /destination_file is the path on host C

scp -P 3000 /source/file username@localhost:/destination_file

Host B (intermediate)

ssh -R 3000:ip.of.host.a:22 ip.of.host.c

Host C (destination)

 

 

Also, if you have spaces in the paths make sure to escape the space with \ e.g.

scp -P 3000 "/source/file/some\ directory/" username@localhost:/destination_file