Transferring files made easy using SSH/SFTP
(last time edited: 2021-03-24)
When I fix someone else's computer I don't really want to use a hard drive to transfer backups. I don't wanna waste my time dealing with different incompatible filesystems or opening encrypted storages. Also NO! I don't wanna start an unsafe and risky an old FTP instance on my side. There are nice little programs such as vsftpd but it can be a pain to set up. Avoid FTP and FTPS at all costs.
The solution is always handy, simple and very easy to use. The magnificent SSH (Secure Shell) protocol and it's SFTP (SSH File Transfer Protocol) implementation. While both at its core pretend to do the same in different ways, in my personal tech dungeon SFTP is more comfortable to use with different kinds of systems, such as Linux to Windows, Windows to Linux, Android to Linux, Linux to Android, Windows to Android and viceversa. Termux on Android + SSH = Glorious. The SSH protocol works at many levels. It's also perfect for mantaining incremental backups between home devices.
Some UNIX command-line and graphical programs like FileZilla or similar are all you need. Oh, and a private LAN! Yes, your router connecting every device in the same network.
SSH or Secure Shell is a cryptographic network protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network service can be secured with SSH.
SSH provides a secure channel over an unsecured network by using a client–server architecture, connecting an SSH client application with an SSH server. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2. The standard TCP port for SSH is 22. SSH is generally used to access Unix-like operating systems, but it can also be used on Microsoft Windows. Windows 10 uses OpenSSH as its default SSH client and SSH server.
Go to your UNIX clone system and install OpenSSH from your distribution repository if possible. Usually the package name is openssh.
In Void Linux:
# xbps-install openssh
Now start sshd. The SSH daemon service. While there are advanced alternatives such as tinyssh or dropbear, let's just stick with the most common SSH distribution which is OpenSSH.
If you are using runit to manage your services it's just as simple as creating a symlink. If you are using SystemD I cannot help you. Sorry, burn in hell.
# ln -s /etc/sv/sshd /var/service
Oh no! sshd is running and our system is exposing us to all external connections. We won't use firewall and port management with UFW, nor TCP deny lists as a solution.
The solution is to add some text somewhere in
/etc/ssh/sshd_config file. Do NOT delete everything else.
... PermitRootLogin no AllowUsers *@192.168.1.0/24 ...
With these options we are disabling any login to our root@localhost. I know sshd by default only permits login via authorized_keys, but who cares when we can be a little more paranoid? The second option allows only IPs from the same subnet, IPs in our LAN. Some routers assign IPs starting from 192.168.0.0, some routers starting from 192.168.1.0.
/24 is a different way to say from 0 to 255.
Anyways, my router only has a LAN address pool from 192.168.1.100 to 192.168.1.199. Only 99 connections.
If by some reason you need root login to some computer use this setting. It could be useful sometimes.
... PermitRootLogin yes ...
Remember to restart your SSH service daemon after editing sshd_config.
Transferring files using FileZilla
FileZilla is a free software, cross-platform FTP application, consisting of FileZilla Client and FileZilla Server. Client binaries are available for Windows, Linux, and macOS, server binaries are available for Windows only. Both server and client support FTP and FTPS (FTP over TLS/SSL), while the client can in addition connect to SFTP servers.
You can transfer files using the a virtual simple terminal, PuTTY, and many other programs but let's make this guide idiotproof.
Install the FileZilla client on the computer you wanna retrieve the backup.
If you don't wanna install FileZilla, you might aswell try another graphical client like gFTP which is lighter and probably works even better than FileZilla. I just picked up FileZilla which is very stable software.
Find out the local IP number where the backup is stored.
You can do this by running in said computer the next command:
Usually the local IP is listed in the block of our network interface. In my case it goes by enp031f6.
enp0s31f6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.101 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::dd5:dafsd:b9vea:8a66 prefixlen 64 scopeid 0x20<link> ether 20:8a:3a:1b:2c:32 txqueuelen 1000 (Ethernet) RX packets 13819321 bytes 18856114728 (17.5 GiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 5302798 bytes 518821380 (494.7 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 device interrupt 16 memory 0xf27200000-f7240000
As you can see the IP is listed next to inet.
A nice recommendation is to create a different user with a different password containing the backup. You don't wanna get compromised.
# adduser someuser
# passwd someuser
Now go to FileZilla and connect using the SFTP protocol.
Fill in the top fields and click Quickconnect. Port 22 is SSH's default port.
Now you can mess with directories, move, copy, delete, etc.
Transferring files using a terminal
Keep it simple stupid, you don't need FileZilla to send a whole directory from system to system. Well... FileZilla makes things easier only if you have a Windows machine on the other side.
First make sure your important UNIX user home directories are not accesible by groups or public users.
# chmod 700 /path/to/user_home_dir
Let's keep going.
From UNIX clone to UNIX clone I still prefer the terminal.
There are multiple ways to connect remotely with the terminal. The easiest one is opening a tunnel via SSH.
$ ssh some_user@ip_here
and using rsync to create an incremental transfer/backup of specific files/directories.
$ rsync -av --delete /home/some_user/backup_i_want_to_download /home/other_user/new_backup
You can also download/upload files using temporal OpenSSH's scp (secure file copy). It works as a network version of
for downloading files:
$ scp some_user@ip_here:/home/some_user/file.txt /home/other_user/file.txt
for uploading files:
$ scp /home/some_user/file.txt someuser@iphere:/home/some_user/file.txt
Another way is to open an SFTP tunnel as if you were using plain old FTP.
sftp comes inside the OpenSSH package.
$ sftp some_user@iphere
If you type help inside the shell it will bring up all kinds of commands that you can use to navigate around.
SimpleSSHD is a SSH server Android app, based on Dropbear, written by Greg Alexander.
It allows user access (user ssh) or full root access (by setting the login shell to /system/xbin/su) (if root is allowed).
If you'd like to backup your computer files and transfer them to your smartphone, then use this program. You can download it from F-Droid.
Install it, run it and start the background service. Your device IP will be on the top blue bar and the default port is NOT 22. It's 2222 because of Android restrictions.
The basic usage for an SSH tunnel is:
$ ssh -p 2222 192.168.1.100
If you wanna send an incremental backup using SSH + rsync this is the commandline:
$ rsync -av --delete -e 'ssh -p 2222' /home/some_user/dotfiles 192.168.1.100:dotfiles
Everytime you connect you'll be prompted to introduce a randomly generated password that displays on your smartphone.