How to scp back to local when I've already sshed into remote machine?

Given that you have an sshd running on your local machine, it's possible and you don't need to know your outgoing IP address. If SSH port forwarding is enabled, you can open a secure tunnel even when you already have an ssh connection opened, and without terminating it.

Assume you have an ssh connection to some server:

local $ ssh [email protected]
Password:
remote $ echo abc > abc.txt  # now we have a file here

OK now we need to copy that file back to our local server, and for some reason we don't want to open a new connection. OK, let's get the ssh command line by pressing Enter ~C (Enter, then tilde, then capital C):

ssh> help
Commands:
      -L[bind_address:]port:host:hostport    Request local forward
      -R[bind_address:]port:host:hostport    Request remote forward
      -D[bind_address:]port                  Request dynamic forward
      -KR[bind_address:]port                 Cancel remote forward

That's just like the regular -L/R/D options. We'll need -R, so we hit Enter ~C again and type:

ssh> -R 127.0.0.1:2222:127.0.0.1:22
Forwarding port.

Here we forward remote server's port 2222 to local machine's port 22 (and here is where you need the local SSH server to be started on port 22; if it's listening on some other port, use it instead of 22).

Now just run scp on a remote server and copy our file to remote server's port 2222 which is mapped to our local machine's port 22 (where our local sshd is running).

remote $ scp -P2222 abc.txt [email protected]:
[email protected]'s password:
abc.txt                   100%    4     0.0KB/s   00:00

We are done!

remote $ exit
logout
Connection to example.com closed.
local $ cat abc.txt
abc

Tricky, but if you really cannot just run scp from another terminal, could help.


I found this one-liner solution on SU to be a lot more straightforward than the accepted answer. Since it uses an environmental variable for the local IP address, I think that it also satisfies the OP's request to not know it in advance.

based on that, here's a bash function to "DownLoad" a file (i.e. push from SSH session to a set location on the local machine)

function dl(){
    scp "$1" ${CLIENT_IP%% *}:/home/<USER>/Downloads
}

Now I can just call dl somefile.txt while SSH'd into the remote and somefile.txt appears in my local Downloads folder.

extras:

  • I use rsa keys (ssh-copy-id) to get around password prompt
  • I found this trick to prevent the local bashrc from being sourced on the scp call

Note: this requires SSH access to local machine from remote (is this often the case for anyone?)


The other answers are pretty good and most users should be able to work with them. However, I found the accepted answer a tad cumbersome and others not flexible enough. A VPN server in between was also causing trouble for me with figuring out IP addresses.

So, the workaround I use is to generate the required scp command on the remote system using the following function in my .bashrc file:

function getCopyCommand {
  echo "scp user@remote:$(pwd)/$1 ."
}

I find rsync to be more useful if the local system is almost a mirror of the remote server (including the username) and I require to copy the directory structure also.

function getCopyCommand {
  echo "rsync -rvPR user@remote:$(pwd)/$1 /"
}

The generated scp or rsync command is then simply pasted on my local terminal to retrieve the file.