Topic 12
SECURE SHELL, SECURE COPY, AND EMAIL
5/21/2021
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 1
Secure Copy (scp)
We want to copy files from a remote server to a local server or vice versa $ scp
usage: scp [-346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
[-l limit] [-o ssh_option] [-P port] [-S program] [[user@]host1:]file1 … [[user@]host2:]file2
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 2
1
Secure Copy (scp)
We need to know the ip address of this remote server, so you just say ifconfig:
$ ifconfig
enp3s0: flags=4099
ether 54:ee:75:3a:ce:bd txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
5/21/2021
TX errors 0 dropped 0 overruns 0 carrier 0
lo: flags=73
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
RX packets 465589 bytes 1135644191 (1.1 GB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 465589 bytes 1135644191 (1.1 GB) TX errors 0 dropped 0 overruns 0 carrier 0
collisions 0
collisions 0
wlp2s0: flags=4163
inet 192.168.170.170 netmask 255.255.255.0 broadcast 192.168.170.255 inet6 fe80::37ed:2d71:803d:f333 prefixlen 64 scopeid 0x20 ether 00:71:cc:a0:9f:5f txqueuelen 1000 (Ethernet)
RX packets 10335727 bytes 3538154562 (3.5 GB)
RX errors 0 dropped 0 overruns 0 frame 16047265
TX packets 3085606 bytes 510671954 (510.6 MB)
TX errors 26 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 18
Secure Copy (scp)
Basic usage:
$ scp [path to source file] host@[ip_address]:[path to destination directory]
To copy a file from local machine to remote:
$ scp ~/hello.sh juan@192.168.170.170:~/Documents/
To copy a file from remote to local:
$ scp juan@192.168.170.170:~/Documents/ ~/hello.sh
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 3
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 4
2
Secure Shell Protocol
scp works well for individual files, but if we want to actually run commands on the remote machine we need ssh
ssh will connect us to the remote machine and give us access to the terminal on the remote machine.
5/21/2021
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 5
Secure Shell Protocol (ssh)
Usually the client side is already installed on your machine when the linux distribution was installed.
So we can connect to a remote computer by default
If we want something to connect to this (local) computer, we have to install the server side of ssh.
$ sudo aptitude install openssh-server
You will have to enter your password.
It will download and install for you and generate security keys.
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 6
3
Secure Shell Protocol (ssh)
$ ssh
usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-E log_file] [-e escape_char]
[-F configfile] [-I pkcs11] [-i identity_file]
[-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address] [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] [user@]hostname [command]
5/21/2021
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 7
Secure Shell Protocol (ssh)
Connecting to a remote machine with ssh is similar to connecting with scp, for a basic connection:
ssh [host]@[ip_address]
Depending on the security settings on the remote machine, you might have to specify a different port:
ssh –p 59104 [host]@[ip_address]
You can also specify commands to run as soon as you connect by placing them at the end: ssh [host]@[ip_address] “ls; pwd”
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 8
4
Bash scripts to send email
Although we generally use any number of free email servers like Gmail, Yahoo, Hotmail, etc, we can easily send email from the command line in Linux. We will look at some common ways
5/21/2021
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 9
Initialization: setting up SMTP server
Although there are several bash email commands for you to choose from, none will work if no SMTP server is set up properly. Although you can setup your own SMTP server to send email from the command line, you can use any free SMTP server of any well-known email service providers like Gmail and Yahoo
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 10
5
Setting up SMTP server
With Gmail: select a gmail account and enable the option of ‘Allow less secure apps’
5/21/2021
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 11
After enabling this option, you have to open the file ‘etc/ssmtp/ssmtp.conf’ with ‘root’ privilege
UseSTARTTLS=YES FromLineOverride=YES root=admin@example.com mailhub=smtp.gmail.com:587 AuthUser=username@gmail.com AuthPass=password
TOPIC 12 – SECURE SHELL, SECURE COPY, AND EMAIL 12
6
Option 1 – Using Sendmail Command
sudo apt install ssmtp
Suppose email content is stored in email.txt
$ cat email.txt
Subject: Sending email using sendmail Testing email body
Run ‘sendmail’ command with recipient’s email address:
$sendmail username@gmail.com < email.txt
5/21/2021
TOPIC 12 - SECURE SHELL, SECURE COPY, AND EMAIL 13
Option 2 – Using ‘mail’ Command
Most common is the ‘mail’ command. Not installed by default. Install with the following command
sudo apt install mailutils
$ mail –s ‘subject’ username@gmail.com
$ mail -s "hello" “username@gmail.com" << EOF hello world
EOF
TOPIC 12 - SECURE SHELL, SECURE COPY, AND EMAIL 14
7