starred/the-bastion
1
0
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2026-05-09 08:25:27 +02:00
Code Issues 46 Projects Packages Wiki Activity

[GH-ISSUE #193] Server to Server SCP through the bastion #47

New issue
Open
opened 2026-05-07 00:18:07 +02:00 by BreizhHardware · 3 comments
BreizhHardware commented 2026-05-07 00:18:07 +02:00
Owner
Copy link

Originally created by @RomainL972 on GitHub (Jun 4, 2021).
Original GitHub issue: https://github.com/ovh/the-bastion/issues/193

Hi,

We've been using The Bastion at our organization for some time and I noticed that it's not possible to use SCP to copy a file from one host on the bastion to another one also on the bastion. Is that a limitation of the software or is there some configuration needed ?

Thanks.

Originally created by @RomainL972 on GitHub (Jun 4, 2021). Original GitHub issue: https://github.com/ovh/the-bastion/issues/193 Hi, We've been using The Bastion at our organization for some time and I noticed that it's not possible to use SCP to copy a file from one host on the bastion to another one also on the bastion. Is that a limitation of the software or is there some configuration needed ? Thanks.
BreizhHardware commented 2026-05-07 00:18:08 +02:00
Author
Owner
Copy link

@speed47 commented on GitHub (Jun 14, 2021):

Hello,

This is not supported (yet). I checked and it seems that when you type the following command from machine A:

user@A$ scp B:file C:file

This is what happens:

  • A connects through ssh to B, and launches the command scp file C:file on B
  • B connects through ssh to C, and launches the command scp -t

With a bastion between A and the rest of the infrastructure, this would mean:

  • A connects through the bastion to B, and launches the command scp file C:file on B
  • B connects directly through ssh to C (no bastion there), and launches the command scp -t

In both cases, this implies that B needs to have direct access to C.

I'll check if this can work with some minor adjustments to the code.

<!-- gh-comment-id:860544431 --> @speed47 commented on GitHub (Jun 14, 2021): Hello, This is not supported (yet). I checked and it seems that when you type the following command from machine `A`: `user@A$ scp B:file C:file` This is what happens: - A connects through ssh to B, and launches the command `scp file C:file` on B - B connects through ssh to C, and launches the command `scp -t` With a bastion between A and the rest of the infrastructure, this would mean: - A connects through the bastion to B, and launches the command `scp file C:file` on B - B connects directly through ssh to C (no bastion there), and launches the command `scp -t` In both cases, this implies that B needs to have direct access to C. I'll check if this can work with some minor adjustments to the code.
BreizhHardware commented 2026-05-07 00:18:08 +02:00
Author
Owner
Copy link

@speed47 commented on GitHub (Jun 14, 2021):

This should be doable, however in the meantime, you should be able to do, if your bastion alias is bssh, instead of:

scp -S ~/scp_bastion server1:file1 server2:file2

Try this:

bssh server1 -- scp file1 server2:file2

It's functionally equivalent, and what happens under the hood if you use scp directly with 2 remote servers.
If you have the chance to test this with your setup, can you confirm it works?

<!-- gh-comment-id:860865976 --> @speed47 commented on GitHub (Jun 14, 2021): This should be doable, however in the meantime, you should be able to do, if your bastion alias is `bssh`, instead of: `scp -S ~/scp_bastion server1:file1 server2:file2` Try this: `bssh server1 -- scp file1 server2:file2` It's functionally equivalent, and what happens under the hood if you use `scp` directly with 2 remote servers. If you have the chance to test this with your setup, can you confirm it works?
BreizhHardware commented 2026-05-07 00:18:08 +02:00
Author
Owner
Copy link

@RomainL972 commented on GitHub (Aug 19, 2021):

Hi, what I want to do is to download a file from a server behind the bastion, and to upload it to another server also behind the bastion, like what is shown here : https://unix.stackexchange.com/a/184435

<!-- gh-comment-id:902251420 --> @RomainL972 commented on GitHub (Aug 19, 2021): Hi, what I want to do is to download a file from a server behind the bastion, and to upload it to another server also behind the bastion, like what is shown here : https://unix.stackexchange.com/a/184435
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
expifix
groupcreate_fix_uid
fix_group_gid_fast
gh-pages
clush
expiration
jsonvalidator
v3.23.01
v3.23.00
v3.22.00
v3.21.00
v3.20.00
v3.19.01
v3.19.00
v3.18.99-rc1
v3.18.00
v3.17.01
v3.17.00
v3.16.99-rc3
v3.16.99-rc2
v3.16.99-rc1
v3.16.01
v3.16.00
v3.15.00
v3.14.16
v3.14.15
v3.14.00
v3.13.01
v3.13.00
v3.12.00
v3.11.02
v3.11.01
v3.11.00
v3.10.00
v3.09.02
v3.09.00-really
v3.09.00
v3.09.00-rc3
v3.09.00-rc2
v3.09.00-rc1
v3.08.01
v3.08.00
v3.07.00
v3.06.00
v3.05.01
v3.05.00
v3.04.00
v3.03.99-rc2
v3.03.99-rc1
v3.03.01
v3.03.00
v3.02.00
v3.01.99-rc4
v3.01.99-rc3
v3.01.99-rc2
v3.01.99-rc1
v3.01.03
v3.01.02
v3.01.01
v3.01.00
v3.00.02
v3.00.01
v3.00.00
Labels
Clear labels   
answered

   
bug

   
documentation

   
enhancement

   
enhancement

   
feature

   
feature

   
kept-open-for-info

   
pull-request
Mirrored from GitHub Pull Request

  
question
No labels
answered
bug
documentation
enhancement
enhancement
feature
feature
kept-open-for-info
pull-request
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/the-bastion#47
No description provided.