File transfer over SSH Authentication Agent

Ever been logged in to a remote host via SSH, and thought "OK, I need that file there"?

ssh-xfer is the answer!

ssh-xfer is a hackish but handy way of transferring files from remote hosts to your local computer. Firstly, you need to run a slightly modified SSH authentication agent program on your local computer. Patches are available for both OpenSSH and PuTTY, see below. If you haven't used a SSH agent program before, this article seems to be reasonable, or you can look at the OpenSSH/PuTTY docs.

You don't need any modifications to your ssh client or server programs - only the modified SSH authentication agent, and the extra ssh-xfer program.

Once you have the modified ssh-agent program running, you can use ssh-xfer. On the remote computer you want to grab files from, you need a compiled version of the ssh-xfer binary. This can be created by applying the OpenSSH patch below to an OpenSSH 3.8.1p1 directory, ./configure, then make ssh-xfer.

To test it out, SSH to the remote host, making sure agent forwarding is on. Then try:

ssh-xfer somefilehere.txt

The file should magically appear at your local ~/Desktop, or on your Windows desktop with the PuTTY patch. If you want a different path, edit the patch. You can also go

cat somefilehere.txt | ssh-xfer nametocallfile.txt -

if you want to tranfer stdin. This is particularly useful from within Mutt.

The patches

Be warned. This is a very hackish file transfer technique. The authors of these patches don't want to accept any blame at all if it somehow decides that the target file is /dev/disk0s3 and blats your disk. If you use this software, evaluate the risks yourself :) At the time of writing, the OpenSSH patch is 2 days old, and the PuTTY patch is hours old. Though they seem to work:

Against OpenSSH-3.8.1p1. This contains the patch for the actual ssh-xfer program, as well as the patched ssh-agent. You need this for the remote host, and for your local host if you run a Unix. Thanks to Bernard Blackham for testing it out and feedback on making it faster. Updated 2005-11-03 to include libgen.h so ssh-xfer won't segfault on platforms where sizeof(char*) != sizeof(int), and ssh-agent will be more reliable.

Against PuTTY (some version). This patches pageant/plink/putty to receive files. Beware that if a transfer fails, then the pageant might stop responding or something. Contributed by Andrew Francis, impressively quickly :)

How it works

Step one: send the filename in a packet. And wait for a response.

Step two: send a chunk of data. Then another. Then another. Don't wait for responses, since SSH has windowing etc in the channel layer anyway. I've managed 500kB/sec over wireless, so it seems fast enough.

Step three: send a finish packet. And wait for a response.

If you want more details, look at ssh-xfer.c, or ssh-agent.c, from the OpenSSH patch.

Please, if you have any criticism, flames, comments, or patches to patches, don't hesitate to email me. And if you want to see the patch go upstream.... well.

Matt Johnston matt <at>

Back to my homepage.