Home » How To » How to Use SCP Command to Securely Transfer Files

How to Use SCP Command to Securely Transfer Files

SCP (Secure Copy) is a command-line utility that allows you to securely copy files and directories between two locations. SCP is used to transfer files and directories across the systems securely over the network. When we use scp command to copy files and directories from our local system to the remote system then in the backend it makes ssh connection to the remote system. In other words, we can say scp uses the same SSH security mechanism in the backend, it needs either password or keys for authentication.

With scp, you can copy a file or directory:

  • From your local system to a remote system.
  • From a remote system to your local system.
  • Between two remote systems from your local system.

When transferring data with scp, both the files and password are encrypted so that anyone snooping on the traffic doesn’t get anything sensitive. In this tutorial, we will see how to use the scp command through practical examples and detailed explanations of the most common scp options.

SCP Command Syntax

Before going into how to use the scp command, let’s start by reviewing the basic syntax.

The scp command syntax take the following form:

scp [OPTION] [user@]SRC_HOST:]mytechmint-file1 [user@]DEST_HOST:]mytechmint-file2
  • OPTION – scp options such as cipher, ssh configuration, ssh port, limit, recursive copy …etc.
  • [user@]SRC_HOST:]mytechmint-file1 – Source file.
  • [user@]DEST_HOST:]mytechmint-file2 – Destination file

Local files should be specified using an absolute or relative path, while remote file names should include a user and host specification.

scp provides a number of options that control every aspect of its behavior. The most widely used options are:

  • -P – Specifies the remote host ssh port.
  • -p – Preserves files modification and access times.
  • -q – Use this option if you want to suppress the progress meter and non-error messages.
  • -C – This option forces scp to compresses the data as it is sent to the destination machine.
  • -r – This option tells scp to copy directories recursively.
Related:  Top 10 Rolling Release Linux Distributions

The scp command relies on ssh for data transfer, so it requires an ssh key or password to authenticate on the remote systems. The colon (:) is how scp distinguish between local and remote locations. To be able to copy files, you must have at least read permissions on the source file and write permission on the target system. Be careful when copying files that share the same name and location on both systems, scp will overwrite files without warning. When transferring large files, it is recommended to run the scp command inside a screen or tmux session.

Copy Files and Directories Between Two Systems with scp

Copy a Local File to a Remote System with the scp Command

To copy a file from a local to a remote system run the following command:

scp mytechmint-file.txt remote_username@10.10.0.2:/remote/directory

Where mytechmint-file.txt is the name of the file we want to copy, remote_username is the user on the remote server, 10.10.0.2 is the server IP address. The /remote/directory is the path to the directory you want to copy the file to. If you don’t specify a remote directory, the file will be copied to the remote user home directory.

You will be prompted to enter the user password, and the transfer process will start.

remote_username@10.10.0.2's password:
mytechmint-file.txt 100% 0 0.0KB/s 00:00

Omitting the filename from the destination location copies the file with the original name. If you want to save the file under a different name, you need to specify the new file name:

scp mytechmint-file.txt remote_username@10.10.0.2:/remote/directory/newfilename.txt

If SSH on the remote host is listening on a port other than the default 22 then you can specify the port using the -P argument:

scp -P 2322 mytechmint-file.txt remote_username@10.10.0.2:/remote/directory

The command to copy a directory is much like as when copying files. The only difference is that you need to use the -r flag for recursive.

Related:  Linux Commands Frequently Used by Linux System Administrator

To copy a directory from a local to remote system, use the -r option:

scp -r /local/directory remote_username@10.10.0.2:/remote/directory

Copy a Remote File to a Local System using the scp Command

To copy a file from a remote to a local system, use the remote location as a source and local location as the destination.

For example to copy a file named mytechmint-file.txt from a remote server with IP 10.10.0.2 run the following command:

scp remote_username@10.10.0.2:/remote/mytechmint-file.txt /local/directory

If you haven’t set a passwordless SSH login to the remote machine, you will be asked to enter the user password.

Copy a File Between Two Remote Systems using the scp Command

Unlike rsync , when using scp you don’t have to log in to one of the servers to transfer files from one to another remote machine.

The following command will copy the file /files/mytechmint-file.txt from the remote host host1.com to the directory /files on the remote host host2.com.

scp user1@host1.com:/files/mytechmint-file.txt user2@host2.com:/files

You will be prompted to enter the passwords for both remote accounts. The data will be transferred directly from one remote host to the other.

To route the traffic through the machine on which the command is issued, use the -3 option:

scp -3 user1@host1.com:/files/mytechmint-file.txt user2@host2.com:/files

scp Command Options

     -1‘ Forces scp to use protocol 1.

-2‘ Forces scp to use protocol 2.-4‘ Forces scp to use IPv4 addresses only.

-6‘ Forces scp to use IPv6 addresses only.

-B‘ Selects batch mode (prevents asking for passwords or passphrases).

-C‘ Compression enable. Passes the -C flag to ssh to enable compression.

-c cipher
Selects the cipher to use for encrypting the data transfer. This option is directly passed to ssh.

-F ssh_config
Specifies an alternative per-user configuration file for ssh. This option is directly passed to ssh.

-i identity_file
Selects the file from which the identity (private key) for public key authentication is read. This option is directly passed to ssh.

-l limit
Limits the used bandwidth, specified in Kbit/s.

-o ssh_option
Can be used to pass options to ssh in the format used in ssh_config. This is useful for specifying options for which there is no separate scp command-line flag. For full details of the options listed below, and their possible values, see ssh_config.

-P port
Specifies the port to connect to on the remote host. Note that this option is written with a capital ‘P’, because -p is already reserved for preserving the times and modes of the file in rcp.

-p‘ Preserves modification times, access times, and modes from the original file.

-q‘ Quiet mode: disables the progress meter as well as warning and diagnostic messages from ssh(.

-r‘ Recursively copy entire directories. Note that scp follows symbolic links encountered in the tree traversal.

-S program
Name of program to use for the encrypted connection. The program must understand ssh options.

-v‘ Verbose mode. Causes scp and ssh(1) to print debugging messages about their progress. This is helpful in debugging connection, authentication, and configuration problems.

The scp utility exits 0 on success, and >0 if an error occurs.

To check more detailed manual of scp command use below command.

man scp

Leave a Comment