How to scp with a second remote host

Question

I wonder if there is a way for me to SCP the file from remote2 host directly from my local machine by going through a remote1 host.

The networks only allow connections to remote2 host from remote1 host. Also, neither remote1 host nor remote2 host can scp to my local machine.

Is there something like:

scp user1@remote1:user2@remote2:file .

First window: ssh remote1, then scp remot2:file ..

Second shell: scp remote1:file .

First window: rm file; logout

I could write a script to do all these steps, but if there is a direct way, I would rather use it.

Thanks.

EDIT: I am thinking something like opening SSH tunnels but i'm confused on what value to put where.

At the moment, to access remote1, i have the following in $HOME/.ssh/config on my local machine.

Host remote1    User     user1    Hostname localhost    Port     45678 

Once on remote1, to access remote2, it's the standard local DNS and port 22. What should I put on remote1 and/or change on localhost?

Answer 1

I don't know of any way to copy the file directly in one single command, but if you can concede to running an SSH instance in the background to just keep a port forwarding tunnel open, then you could copy the file in one command.

Like this:

# First, open the tunnel ssh -L 1234:remote2:22 -p 45678 user1@remote1 # Then, use the tunnel to copy the file directly from remote2 scp -P 1234 user2@localhost:file . 

Note that you connect as user2@localhost in the actual scp command, because it is on port 1234 on localhost that the first ssh instance is listening to forward connections to remote2. Note also that you don't need to run the first command for every subsequent file copy; you can simply leave it running.