Use Secure Copy
Secure Copy (“SCP”) provides a secure means of copying files to and from NetStorage using SSH for authentication and security. It is, however, limited to file transfers and cannot be used for other management tasks. Because of this limitation, you may want to use the SSH File Transfer Protocol (SFTP), which has largely superseded SCP and is a more capable SSH-based tool.
Prerequisites before using SCP with NetStorage
- SSH keys. You need to apply a secure SSH key to an upload account.
- Domain name prefix. Prepend your domain name prefix to the upload domain.
- Upload domain.
<Domain name prefix>.scp.upload.akamai.com
- Username. All secure connections use
sshacs
as the username.
Example domain: This example uses an example domain name prefix of nsmediadocs
and the scp.upload.akamai.com
upload domain to give a fully-qualified upload domain of: sshacs@nsmediadocs.scp.upload.akamai.com
Secure Copy guidelines and requirements
You should meet these requirements when using Secure Copy.
- OpenSSH version 6.7 (or later) - For multi-threading and higher window sizes. See additional information on OpenSSH.
- High Performance Network Patches (Recommended) - These patches are applied to remove a networking bottleneck that exists in the base OpenSSH code. Additional details are available via an FAQ.
- Is the client CPU maxing out? This is unlikely if you are using a wide-area network, but if it does happen, you can use the multi-threaded AES-CTR cipher if that meets your security needs.
Wild cards and symlinks
When using SCP to interact with a NetStorage storage group, these limitations apply:
- Wild Card Notation (Globbing) is not supported
SCP connection command format
Values displayed in “< >” represent variables and you should replace them with the actual options.
scp [-1234BCpqrv] [-c <cipher>] [-F <ssh_config>] [-i <identity_file>] [-l <limit>] [-o <ssh_option>] [-P <port>] [-S <program>][[user@]host1:] file1[...] [[user@]host2:]file72
SCP examples using OpenSSH
These examples show you how to connect with SCP and issue basic commands.
Example OpenSSH SCP connection
This example uses the OpenSSH SCP client from a command line. It uses an example domain name prefix of nsmediadocs
and the scp.upload.akamai.com
upload domain.
scp -i <private key> sshacs@nsmediadocs.scp.upload.akamai.com
Upload a local file to the remote server
This example sends the local movie.mp4
file to the remote /movies
directory.
scp -i <private key> C:\local_folder\movie.mp4 sshacs@nsmediadocs.scp.upload.akamai.com:/movies
# Response output
movie.mp4 100% 40KB 40.4KB/s 00:00
Recursively upload a local directory to a remote server
This example recursively sends content from the local C:\local_folder\
directory to the remote /movies
directory, automatically creating subdirectories as needed.
scp -i <private key> -r C:\local_folder\ sshacs@nsmediadocs.scp.upload.akamai.com:/movies
# Response output
.dotfile 100% 0 0.0KB/s 00:00
example.txt 100% 15KB 14.9KB/s 00:00
movie.mp4 100% 40KB 40.4KB/s 00:00
subtitle.srt 100% 5029 4.9KB/s 00:00
Secure Copy (SCP) connection options
This section covers the available SecureCopy (SCP) commands supported by NetStorage. NetStorage supports the normal command set for SCP (except where noted) in this table:
Option | Description |
---|---|
-1 | Use SSH protocol 1 Note: NetStorage does not support SSH protocol 1 -- This command is not supported for use. |
-2 | Use SSH protocol 2 |
-4 | Use only IPv4 addresses |
-6 | Use only IPv6 addresses |
-B | Use batch mode |
-C | Use compression |
-c <cipher> | Specify the “<cipher>” for encrypting the data transfer |
-F <ssh_config> | Designate a substitute per-user SSH configuration file (i.e., define it as the “<ssh_config>” variable) |
-i <identity_file> | If applicable, include this option and set the “<identity_file>” variable as the complete path to, and file name of the private SSH key file. |
-l <limit> | Include this command and set the “<limit>” variable to the maximum bandwidth to be used (in kilobits per second) |
-o <ssh_option> | Send the specified “<ssh_option>” to SSH in the ssh_config format. Available options include the following (Detailed information on each of these options can be found at http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config):
|
-P <port> | Connect to port on the remote host |
-p | Save the original file’s modification/access times, and modes |
-q | Turn off the progress meter |
-r | Copy recursively |
-S <program> | Specify the <program> to use for connecting |
-v | Display the operation’s execution step by step |
Use an SCP client support
Supported SCP clients
NetStorage allows the use of common SCP clients. Complete details on referenced SCP clients and components — including how to apply the “private key” file for an applicable SSH key — can be found at their respective links.
- OpenSSH SCP. http://www.openssh.org/manual.html
- PuTTY and PSCP. http://www.chiark.greenend.org.uk/~sgtatham/putty/
Unsupported SCP clients
Any client not listed as supported should be considered unsupported. Third-party clients may include features not supported by NetStorage.
- WinSCP. This client is unsupported for use with the SCP protocol, but can be used as a client with the SFTP protocol. See Use SSH File Transfer Protocol (SFTP) for detailed instructions.
Usage instructions aren't provided for these third-party components. It is assumed that you are familiar with their use. Use an unsupported client at your own risk.
Updated almost 2 years ago