Transfer files over a crossover cable between laptops
- Anmelden oder Registrieren um Kommentare zu schreiben
Both laptops are Lenovo T420's running Trisquel_9.
The source files are on a USB-connected internal SATA HDD, and the target location is
another USB-connected SATA HDD that is essentially empty, albeit with its own Trisquel_9.
The crossover cable avoids the intrusion of WiFi and other 'puters on the network, but
the configuration of the connection is where I'm stumped.
There's a need to mount each others' samba shares and to configure the transfer protocols.
I've created a mount point alongside the other HDD's in the 'puter, but the mount command
recommended at https://tecadmin.net/mounting-samba-share-on-ubuntu/
sudo mount -t cifs -o username=DutchBoy rw,vers=3.0,credentials=/root/.smbcredentials //192.168.1.2/share /media/share
elicits only an error statement mount: bad usage which seems to contradict man mount.
When I try to configure Smb4K, I can enter the computer name and workgroup OK; but the "URL that was passed is invalid."
What I specifically submitted to Smb4K were:
UNC Address: //george@george-ThinkPad-T420
IP address: 192.168.1.2
Workgroup: DutchBoy
Why SMB? Connect both T420 with an ethernet cable, set the IP addresses, then use SSH (scp). It's way better. Not only faster but also securer.
nadebula.1984 suggested scp; it's not available on my Trisquel_9 installation nor from the repository.
SSHFS is available and promises ease of use, but it gave a "connection refused" response when I tried to
use it to copy a test file from one computer to the other, onto both of which I had installed sshfs.
More exploration of the setup is needed. I'll start with https://help.ubuntu.com/community/SSHFS>
sudo apt install ssh
This is a meta-package, and you get everything about SSH and SFTP, including both client and server. If you still need a GUI for SFTP, you can use FileZilla. Modern file managers for mainstream desktop environments also allow the users to connect to FTP/FTPS/SFTP servers in the LAN.
I don't quite understand why most distributions do not include ssh by default. Even in Debian Installer, I have to manually select the SSH server components.
Certainly because most users do not need/want a remote access to their system. Those same users may define a weak root password (on Debian). Automatically installing an SSH server would then put their system at very high risk. It is better to not install any server by default. Those who need a server know how to install it anyway.
It is true that enabling SSH server might have some side effects. However, it's not a major threat, due to the following facts:
* Most users don't have public IP (i.e., they are behind NATs)
* Users can set up security mechanisms on their own gateways (e.g., wireless router, which is often an NAT, too)
* Users can set up security mechanisms on their own SSH servers (e.g., by disabling password login, or setting IP/MAC address blacklist)
* Users can store the SSH private keys on their smart cards and protect them using strong PINs, and therefore leaving no key/certificate files on their disks
Usually, if you can prevent any potential attackers (including your parents, children, better/worse halves, and friends, etc.) from accessing your internal/private network, you are basically safe.
Quoting Magic Banana,
...most users do not need/want a remote access to their system. Those same users may define a weak root
password (on Debian). Automatically installing an SSH server would then put their system at very high risk.
It is better to not install any server by default. Those who need a server know how to install it anyway.
Here I sit with two DVD/SATA caddies, each with 895GB free space, and a third DVD/SATA caddy with 675GB of data that
I want to duplicate onto the two receiving caddies.
I could upload them in 50GB chunks over WiFi with FileZilla to my gracious ISP (who limits me to 100GB) or
I could plug a crossover network cable into two of the pairs at a time and make the transfers with FileZilla,
which works well and with which I have long-term familiarity. There's no need for WiFi with the physical connection.
I've installed SSH on two of the 'puters so far, and I'm trying to learn about Magic Banana's recommended Fail2Ban,
but with few recent references to the use of Fail2Ban and nothing in this forum about its configuration page (man
jail.conf) and no understandable references on the configuration of SSH, the comment, "Those who need a server know
how to install it anyway" isn't helpful.
SSH & Fail2Ban were easy to install, but I hesitate to have to resort to trial & error configuration attempts.
So far, all of my attempts at the standard configurations have met with rejection by the target computer.
All three 'puters are Lenovo T420's with their as-built firmware and unused internal WiFi hardware.
The service seems to be disabled in Trisquel even if ssh is manually installed.
Start the service:
'sudo systemctl start ssh'
Uploading them in 50 GB chunks to your ISP? What an egregious waste of network traffic...
With SSH (SFTP), you can still use FileZilla. Connect both computers with an ethernet cable, enter your server's IP address, user name and password, and 22 as port number.
Setting up an SFTP server is surprisingly easy. If you use Debian and select the SSH server component, the only thing you need to set up is the IP address, and this step can also be omitted, if your server is in an internal network with DHCP.
loldier wisely reveals that SSH has to be told to start ...
but let's make sure that there is a complementary stop command:
sudo systemctl stop ssh
Mate Terminal implies there is such a command, as it didn't complain when I tried it.
That relieves my concern about trying ssh without starting and configuring Fail2Ban,
as I intend to run ssh without WiFi enabled.
You can stop/start the service as you wish; it's not permanent and won't survive a reboot (unless you make it so).
There are still too many hoops through which to jump.
The best I've managed so far is to get the following
message on the target computer: Connection failed
Activation of network connection failed
That's using FileZilla; the IP addresses are 192.168.1.x
at each end of the crossover cable; WiFi is turned off.
There seems to be nothing automatic about what's touted
as an easy-to-use application.
Results of Internet searches mainly feature youtube and
windows. The latter is nowhere near my linux OS's; the
former cannot be accessed with the WiFi off.
Is my only option running the whole process in the terminal ?
The target OS wants a CA certificate ... for a local connection ?
FileZilla complains when I attempt a wired connection to 192.168.1.x
with my username & root password:
ENETUNREACH - Network unreachable
You don't need root privileges.
Make sure ssh is installed on both computers and server started on the target computer.
Then make a connection using the LAN address, username and your user's password on the receiving end.
##EDIT##
You don't even need a crossover cable. A straight cable should work. Try another cable.
loldier has some puzzling comments:
(1) I don't need root privileges: The P/W I have to use is the same as I need to use sudo;
is there another word for that password ?
(2) Yes, I've installed SSH on both computers; that requires root privileges; I test for
the local network IP address by pinging; on the self-same computer the latency is 10 times
shorter. I can only start or stop SSH with my sudo password for authentication.
(3) Supposedly, modern network software is "smart" and adjusts appropriately for the cable
that's used. All I can tell you is that the target computer senses my transmissions over
that cable, but all attempts bring a failure response at both ends, not just from one end.
I tried the straight Ethernet cable that I've long used to connect to the router; no luck
with that either.
When the cable is connected, what defines the LAN ? Is it the router ? That's unavailable
with WiFi disconnected ... Do I need to redefine the local network ?
Make sure you have installed ssh and started the service. From then on, you don't need sudo or root privileges. When logging into another computer, you use the plain user's home account and that user's password. You're confusing encryption with root credentials.
Try the following steps:
1. Install the meta-package ssh and make sure that SSH server is running on one of your computers. Let's assume the user account name is "foo"
2. Connect both computers with an ethernet cable. Set the "foo" computer's IP address to something like 10.0.0.1/24 (i.e., the subnet mask is 255.255.255.0). Set the other computer (let's assume the user account name is "bar") to 10.0.0.2/24.
3. Open a terminal window on the "bar" computer, and enter the command "ssh foo@10.0.0.1". You should be prompted to verify the fingerprint of the "foo" computer and enter "yes" to confirm.
4. Enter the password for "foo" account. Now you should be able to log on the "foo" computer via SSH.
If the previous steps work correctly, you should have no further problem, and you should already know something about how to use SSH.
You can also test SSH logon using two virtual machines. To enable two virtual machines to log on to each other, you'll need to use the "host only" mode for both virtual NICs. Most hypervisors should have this feature.
nadebula.1984 is both patient & kind to list step-by-step instructions; there are too many wrong turns
for me to proceed by trial & error.
Neverthless, I still have questions:
Re(1) SSH is installed on both computers; my wife & I and a printer are the only LAN users, I'm george. Is that my account name ?
System Monitor identifies each computer as "george-ThinkPad-T420" but I'm just "george" on the Mate Terminal.
I'm "george" on both computers, server & target. They now have different IP addresses assigned by the router. I suspect you are
telling me that they need independently assigned and different addresses. FileZilla's network configuration wizard assumes that
both computers are behind a router. Normally, yes; for this transfer, I'm bypassing the router with that accursed cable.
Re(2) A gateway appears to be demanded; but that's a router setting, there's only the cable connection (whichever one I
use; I know the one I swiped from an upstairs laptop was working when last used).
Re(3)
The target computer is the server, and the computer that ssh's into the target is a client.
You can find your user name typing in terminal 'whoami'.
loldier revealed something:
The target computer is the server, and the computer that ssh's into the target is a client.
That's a big help; I had 'em backwards. In FileZilla the server is on the right, my client (where
the files are sitting) is on the left. Reading man SSH, I get the impression that the command,
SSH username@IP_Address is a request to gain access to the "other" machine on the network.
"whoami" confirms the one piece of information that I've gotten right so far. Sho'nuff: I'm george.
I briefly managed to get things going with ssh george@193.168.1.5 on the server, and it
told me ECDSA fingerprint is SHA256:...[long, confidential string]... It then presented me
with a Trisquel welcome page and nothing more except a prompt that wouldn't accept any key strokes,
but I had things backwards then.
The client computer did much the same, albeit only briefly enough for me to save the [different]
ECDSA fingerprint.
After making sure that both client and server have WiFi "off" and Wired connection "on" I attempted
ssh george@IP_address_other_computer from each end of the wired connection; and even
pinging between the two computers, always getting Destination Host Unreachable
What it's boiling down to is that I cannot get either wired connection to stay open sufficiently
long for me to get a connection between the two established. Rather like getting the TV turned on
through a handheld controller and the set-top box.
It's all explained pretty well here.
I managed to connect two GNU/Linux computers with a straight eth cable and ssh/ping successfully.
You need to edit Network Manager's settings (add a new connection): MAC address, ipv4 to manual 10.0.0.1/10.0.0.2 (see the link above for details).
The file manager is able to play videos over the connection (connect to server – ssh://10.0.0.2). I added an image to demonstrate this.
It's doable!
When using direct ethernet cable connection, be sure that you set the IP of the wired NIC to manual (static).
If you still have difficulties, you can connect both computers to your router (gateway) with DHCP enabled using two ethernet cables, and then both computers receive automatically assigned IP. If you choose to do like this, you need to set the IP of the wired NIC to automatic (DHCP).
It would appear that the client T420 has four LAN addresses:
ifconfig
enp0s25: flags=4099 mtu 1500
ether 00:21:cc:c7:08:06 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 20 memory 0xf2500000-f2520000
lo: flags=73 mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 266 bytes 19494 (19.4 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 266 bytes 19494 (19.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlxa854b2a7643d: flags=4163 mtu 1500
inet 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::948d:bc0d:f1d:2c8f prefixlen 64 scopeid 0x20
ether a8:54:b2:a7:64:3d txqueuelen 1000 (Ethernet)
RX packets 1141 bytes 668556 (668.5 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 766 bytes 109484 (109.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
In the third "paragraph" above there are both IPv4 & IPv6 addresses, the IPv6
address perhaps being used for Ethernet transmissions ?
The server T420 also has this configuration, with the familiar 192.168.1.5
and also an IPv6 address labelled Ethernet.
Could it be that the LAN is expecting IPv6 ?
When I invoke SSH on the server T420 by typing
ssh george@192.168.1.2
the server T420 asks for the authentication password for the client T420 and
asks if I want to proceed (yes/no), whereupon the TRISQUEL ASCII logo appears
and I am presented with a Mate terminal into which I can make no entries.
I'm also informed of an ECDSA fingerprint that's apparently auto-generated (it's
different from what I was given yesterday).
With the wired connection on the server T420 apparently "up" I cannot delete
its IPv6 address (the only address listed by ipconfig) nor can I add the
192.168.1.5 address. For the IPv6 address, the reply is "unknown host"; for the I
Pv4 address, the reply is "no such device".
For the client T420, I get the same "unknown host" response when I attempt to
delete its IPv6 address.
Note that there are two IPv6 addresses for each T420, depending on which
interface(s) is (are) "up" at the time ifconfig requests its data. With WiFi
disabled, there is only one IPv6 address and _no_ IPv4 address; that's with
networking still enabled, but with the Ethernet cable plugged in but not in
actual operation.
How do I force ifconfig to accept the necessary changes ? Because of IPv6's
propensity to hide malevolent actors (dig & dig -x rarely returning useful
answers) I see no need to have data flowing over that cable in IPv6 packets.
Make a new network connection profile and use that to edit the settings to match the linked article above. Use 10.0.0.1/10.0.0.2.
The IPv6 address starting with "fe" is a private address and is therefore meaningless, just like the IPv4 private address 169.254.x.x
However, it's strange enough that you seemed to be successfully log on via SSH but couldn't enter anything in the terminal.
I could test it using virtual machines and see what would happen...
Having composed a long treatise of misery describing the many network managers in Trisquel_9 and then losing
it while activating & deactivating WiFi and Wired connection 1, I can only say that Wired connection 1, at
least in the client T420, has an IPv4 address of 169.254.97.235, subnet mask 255.255.0.0, and also has an IPv6
address to which I would not entrust a pack of chewing gum. No wonder I could not get a working connection.
Aside: That IPv6 address starting with "fe" is in fact the hardware address of the Ethernet interface, according
to the Connection information link in the nm-tray application.
Am I to edit the file, /etc/network/interfaces ? It now consists of three lines:
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
There's also /etc/NetworkManager, which lists the following files:
conf.d dnsmasq.d NetworkManager.conf
dispatcher.d dnsmasq-shared.d system-connections
The directory system-connections contains two files pertaining to WiFi and one to 'Wired Connection 1':
[connection]
id=Wired connection 1
uuid=50e49b64-8f00-3bd4-8e5c-4463c226746e
type=ethernet
autoconnect-priority=-999
permissions=user:george:;
timestamp=1623873732
[ethernet]
auto-negotiate=true
mac-address=00:21:CC:C7:08:06
mac-address-blacklist=
[ipv4]
dns-search=
may-fail=false
method=link-local
[ipv6]
addr-gen-mode=stable-privacy
dns-search=
ip6-privacy=0
method=auto
Alas, no mention of an IPv4 address ...
There's also NetworkManager.conf:
cat NetworkManager.conf
[main]
plugins=ifupdown,keyfile
[ifupdown]
managed=false
[device]
wifi.scan-rand-mac-address=no
No revelations there, either.
Is it possible to go back to the default settings (including connection settings for all NICs, SSH server and clinet, and firewall, if existing)?
With default settings, the only thing that must be done is to set the IP addresses. At least this is the case for Debian.
And I still agree to install Trisquel in virtual machines to see whether I have the same problems (when I have some time).
Teenie bit of progress:
T420-Caps is the server; Wired connection 1: 10.0.0.2, 255.255.255.0; SSH started; wired connection up.
T420-X is the client; Wired connection 1: 10.0.0.5, 255.255.255.0; SSH started; wired connection up.
FileZilla, Connect to Remote desktop; Connect to Server: All respond: No route to host.
Best bet is FileZilla, as the password is transmitted with the connection request.
For the others, authentication is an iffy process.
When I reboot the client, the server drops its Wired connection, but that connection reconnects
when the client finishes booting up. Both wired connections are stable, but there's something
preventing SSH or even pings.
Started another thread describing Plan B:
https://trisquel.info/en/forum/hot-plug-devsda-order-accept-file-transfers
Putting client & server inside the same box makes the wired connection the USB bus.
Thanks for all your suggestions and troubleshooting tips.
- Anmelden oder Registrieren um Kommentare zu schreiben