Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
server-administration:netcat-over-ssh [2011-04-18 21:20:01]
garrett.plasky Approved 		server-administration:netcat-over-ssh [2012-07-20 18:42:51]
garrett.plasky [Using DD over Netcat]
Line 34: Line 34:
 =====Using DD over Netcat===== =====Using DD over Netcat=====
 <note warning>Netcat opens an encryption-less connection from one host to another, which is why it outperforms SSH. If using the netcat method, take a moment to consider the implications of sending raw, unecrypted data over your network. We **strongly** recommend against using this method for WAN data transfers, unless you are doing so over an encrypted tunnel (e.g. VPN).</note> <note warning>Netcat opens an encryption-less connection from one host to another, which is why it outperforms SSH. If using the netcat method, take a moment to consider the implications of sending raw, unecrypted data over your network. We **strongly** recommend against using this method for WAN data transfers, unless you are doing so over an encrypted tunnel (e.g. VPN).</note>
 +
 +Further on the subject of the warning above: Because netcat does not use any sort of authentication mechanism, it is possible for someone to portscan your server, find the open netcat port, and inject arbitrary data into the stream thereby corrupting your <c>dd</c> operation. You may want to consider firewalling the server off prior, with something simple like restricting traffic to the netcat port to only the address of your remote transfer host.
  
 We will assume for the purposes of this tutorial that you have the <c>nc</c> version of netcat. If you have the the other, then the command line options will be slightly different but the idea is the same. You set up a listening server on the destination, and then you send data to the port you've specified form the source. Let's assume we are transferring a full disk image from serverA (/dev/sda) to serverB (dev/sdb). We are going to assume block size of incoming data for <c>dd</c> will be 16MB and that it will be bzip compressed. On serverB we would run the following: We will assume for the purposes of this tutorial that you have the <c>nc</c> version of netcat. If you have the the other, then the command line options will be slightly different but the idea is the same. You set up a listening server on the destination, and then you send data to the port you've specified form the source. Let's assume we are transferring a full disk image from serverA (/dev/sda) to serverB (dev/sdb). We are going to assume block size of incoming data for <c>dd</c> will be 16MB and that it will be bzip compressed. On serverB we would run the following:
Line 39: Line 41:
 <sxh plain>nc -l 19000|bzip2 -d|dd bs=16M of=/dev/sdb</sxh> <sxh plain>nc -l 19000|bzip2 -d|dd bs=16M of=/dev/sdb</sxh>
  
-This tells netcat to listen on port 19000 for incoming data, and then pipe that data to bzip for decompression, and then finally pipe the decompressed data to dd to be written to /dev/sdb. +This tells netcat to listen on port 19000 for incoming data, then pipe that data to bzip for decompression, and then finally pipe the decompressed data to dd to be written to /dev/sdb. 
  
 Once we have this listening (you won't see any output after you hit Enter), we can move on to starting the data transfer on serverA: Once we have this listening (you won't see any output after you hit Enter), we can move on to starting the data transfer on serverA: