Log In to Another Computer - Take Control of the Mac Command Line with Terminal (2015)

Take Control of the Mac Command Line with Terminal (2015)

Log In to Another Computer

Every time you connect to another Mac to share files or other system resources, you are, in a way, logging in to that other Mac. However, in this chapter, I describe a particular way of logging in to a remote computer—doing so using SSH (secure shell), which gives you access to the other computer’s command-line interface from within your own Mac’s command-line interface. Logging in via SSH lets you interact with another computer in the same way you interact with your current Mac from inside a Terminal window.

You can connect to almost any Mac, Unix, or Unix-like computer (and some Windows computers) using SSH, provided the other computer has SSH enabled. (To enable incoming SSH access on a Mac, check the Remote Login box in System Preferences > Sharing.)

If you log in to another Mac, everything should look quite familiar, whereas other operating systems may follow different conventions. For the purposes of this chapter, I assume that the remote computer is at least running a Unix-like system so that most of the things you’ve learned in this book still apply.

Start an SSH Session

The easiest way to start an SSH session from Terminal is to begin in an existing shell session. Then follow these steps:

1. Enter the following, substituting your username on the remote computer for username, and the remote computer’s IP address or domain name for remote-address:

ssh username@remote-address

2. If this is the first time you’re connecting to this particular remote computer, you will see a message something like the following:

The authenticity of host 'macbook-pro.local (fe80::20c:74ee:edb2:61ae%en0)' can't be established. RSA key fingerprint is d0:15:73:75:04:9a:c3:2d:5b:b1:f8:c0:7d:83:52:ef. Are you sure you want to continue connecting (yes/no)?

After reading the sidebar “SSH Security Considerations,” just ahead, assuming you’re still comfortable connecting, type yes and press Return.

3. Text similar to the following appears on screen:

Warning: Permanently added ‘macbook-pro.local.,
fe80::20c:74ee:edb2:61ae%en0’ (RSA) to the list of known hosts.

And following that is a password prompt. Type your password for the remote computer and press Return.

Note: As you type your password, no text appears—not even bullet or asterisk characters. That’s normal.

Assuming the remote computer accepts your password, it presents you with a new command prompt, often (but not always) accompanied by a brief welcome message.

SSH Security Considerations

SSH is a highly secure protocol, so what’s with these fingerprints and warnings?

The simplified explanation here for using SSH relies on your trusting that the computer you’re connecting to is the one you think it is—that no one has hijacked your connection. The fingerprint is a unique identifier tied to each computer, and by agreeing (in Step 2) that the fingerprint is correct, you’re saying you trust this fingerprint for that computer.

How would you know you can? If you’re connecting to another Mac on your home network, you can safely take it for granted. If you’re connecting to a computer at the office, a Web server, or some other commercial computer, ask the system administrator who’s in charge of it to confirm its fingerprint, and make sure it matches what you see. (If the computer you’re connecting to is a Mac running Yosemite, you or an administrator can use the procedure in the Verify an RSA Fingerprint for SSH recipe.)

Once you accept a fingerprint, your Mac remembers it and checks to see that the fingerprint matches that remote computer every time you connect to it. If it doesn’t, it may be a sign that a hacker is trying to trick you into connecting to the wrong computer.

Run Commands on Another Computer

Once you’re logged in to another computer, you run commands on it exactly the same way you do on your own Mac: just enter a command and any necessary flags and arguments.

However, you should be aware of a few potential “gotchas” when connecting to other computers:

· Your default shell on the other computer might not be bash, so some commands may not work the way you expect. Usually—though not always—you can switch to the bash shell, if it’s not already running, simply by entering bash.

· Your .bash_profile (see Customize Your Profile) applies only to the bash shell running on your Mac—not the shell on the remote Mac! So your existing aliases, PATH variable, and other settings may not work. If you have sufficient permission, you can of course create a .bash_profile on the remote computer as well.

· If the other computer is a Mac, and especially if it’s running the same version of Mac OS X that you are, you can assume that most programs will be in the same locations. But be aware that a program you want to use could be missing, located somewhere else, or configured in a way that denies you access.

· If you use a command that opens an application outside Terminal—for example, if you enter open flowers.jpeg to open a graphic in the default application (which on a Mac is Preview), that application opens on the remote computer, not the one where you physically typed the command!

End an SSH Session

To close your remote connection, simply enter exit.

You return to your existing shell session on your own Mac. As is the case when exiting your own shell session, it’s always best to use exit to end a remote session gracefully, shutting down any processes that may be running and doing associated clean-up tasks.

Transfer Files with sftp or scp

Although you can run any command-line program on a remote computer while logged in with SSH, one thing you can’t do in an SSH session is transfer files between your Mac and the remote computer. So, if you discover you need to move a file that’s on the remote computer to your local Mac (or vice-versa), you’ll have to ditch SSH and use a different program. There are many that could do the trick, but I’ll tell you about two of my favorites: sftp and scp.

Sftp

You’ve undoubtedly heard of FTP (File Transfer Protocol); you may also be aware that it’s famously insecure. So even if the remote computer is running an FTP server, I suggest avoiding FTP as a way of transferring files unless there’s no other option. But you might be lucky enough to find that the remote computer is running an SFTP (SSH File Transfer Protocol) server, which operates very much like FTP except that it’s way more secure. And, as you might predict, the command you use to access an SFTP server is sftp.

Note: Macs with Remote Login enabled in System Preferences > Sharing (that is, those you can connect to using SSH) also support file transfer via sftp, regardless of whether File Sharing is enabled.

To open an SFTP connection, use this command:

sftp username@host

As usual, replace username with your username on the remote computer and host with that computer’s domain name or IP address. Enter your password for the remote computer when prompted, and then you’ll see a “Connected to” message followed by this prompt:

sftp>

From here, you can use many command-line navigation techniques you’re already familiar with, such as cd and pwd to browse the file system.

When you get to a directory containing a file you want to download to your local Mac, you can do it like this:

get filename

If you want to transfer an entire directory and its contents, add the -r (recursive) flag:

get -r directory_name

Either way, the item will be downloaded to whichever directory you were in on the command line when you ran the sftp command.

Note: If the file you want isn’t in the current directory but you know its exact path, you can use get /path/to/file. Similarly, if you want to store it somewhere else on your local Mac, you can add the destination path: get/path/to/remote_file /path/to/local_directory.

To upload a file, use the put command, which follows exactly the same pattern as get:

put /path/to/local_file /path/to/remote_directory

So, you can use just the filename if it’s in your current directory, or you can specify a file from somewhere else on your Mac by giving its complete path. If you leave out the destination directory, the file will be uploaded to your current directory on the remote computer.

When you’re done transferring files, you can leave sftp by entering exit.

Scp

The nice thing about sftp is that you can use it not only to transfer files but also to browse the remote file system. But if sftp isn’t available on the remote computer, you may have to resort to a different method: scp (secure copy). Because scp uses SSH, it should work pretty much anywhere SSH does, even when sftp does not. The downside, however, is that scp requires you to know the exact name and location of the file on the remote computer—you can’t browse with scp.

If you don’t already know the name and path of the file you want, you’ll have to find that out by first logging in with SSH and browsing to find the file’s location on the remote computer. Then make a note of it (or copy it to your Clipboard) and switch over to scp—either in a separate Terminal window or tab, or after closing your SSH connection.

The syntax for simple scp transfers is:

scp username@host:/path/to/remote_file /path/to/destination

For example, if my username on the computer mac.alt.cc is joe, the file I want to download is /Users/joe/Desktop/test.txt, and I want to store it on the Desktop of my local Mac, I would use:

scp joe@mac.alt.cc:/Users/joe/Desktop/test.txt ~/Desktop

After you enter the command, you’ll be prompted for your password on the remote computer.

To download an entire directory, add the -r (recursive) flag, like so:

scp -r joe@mac.alt.cc:/Users/joe/Documents/Folder ~/Desktop

If you want to upload a file to the remote computer, you can do it almost exactly the same way as downloading, but swap source and destination, like so:

scp ~/Desktop/test.txt joe@mac.alt.cc:/Users/joe/Desktop/

And, once again, use -r to upload a directory and all its contents:

scp -r ~/Documents/Folder joe@mac.alt.cc:/Users/joe/Desktop/