In my working environment I am connecting to the production server using a gateway where I have my public key but sometimes I need to copy files from/to production servers.
I could copy it first on the ssh gateway and after that in my machine, but I prefer to do it through an SSH tunnel.
Assuming the ssh gateway is named ssh-server (should have an entry in /etc/hosts or dns) and the production server where I want to connect has the IP 192.168.0.10, I open the tunnel on my laptop like this:
ssh myuser@ssh-server -A -L:1025:192.168.0.10:22 'ssh-add ; while true ; do sleep 10 ;done'
Instead of the IP you can use a hostname if is it recognized by the gateway machine. The tunnel is opened now on port 1025 on my localhost, so all the connection to my machine on this port will be forwarded to the production server using my ssh key.
After that, in another terminal on my laptop I can copy the files that I need from the production server:
scp -P1025 firstname.lastname@example.org:/path/to/file .
The “root” user I used in this scp line is the user with which I connect to the production server.
If you found useful this blog post, please click some of the share buttons below. Thanks! 🙂