15.5 scp Command Line Utility

Syntax: scp [options] [user@host:]file1 [user@host:]file2

The scp command line utility copies files securely between hosts on a network. It uses Secure Shell sftp subsystem for data transfer, and uses the same authentication and provides the same security as Secure Shell. Scp will ask for passwords or passphrases if they are needed for authentication. Any file name may contain a host and user specification to indicate that the file is to be copied to/from that host.

Examples

This command line copies the file f1 from the host to the local machine and gives it the name f2:

scp user@host:f1 f2

This command copies the local file f1 to f2 on the remote host.

scp f1 user@host:f2

NOTE:You can reuse an existing Secure Shell connection. However, to do so you must explicitly enable this on each command line, or set the SSHConnectionReUse environment variable to Yes. For details, see Connection Reuse in Secure Shell Sessions.

Options

The following options are available:

-a

Transfer files in ASCII mode.

-b buffersize

Sets the maximum buffer size for one request.

-B

Sets batch mode on, which prevents asking for passwords or passphrases. Use passphraseless user keys to authenticate.

-c cipher

A comma-separated list of ciphers specified in order of preference. The default is "aes128-ctr,aes128-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour". If the connection is set to run in FIPS mode, the default is "aes128-ctr,aes128-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,3des-cbc".

Protocol version 1 (which is deprecated and not recommended) allows specification of a single cipher. The supported values are "3des", "blowfish", and "des".

-C

Enable compression.

-d

Force target to be a directory.

-D level

Sets the debug level. Allowed values are 1,2, and 3.

-F configfile

Specifies an alternative per-user configuration file. If a configuration file is given on the command line, the system-wide configuration file will be ignored.

-h

Displays a summary of command line options.

-H scheme

Specifies which SSH configuration scheme to use for this connection.

-i keyfile

Selects a file from which the identity (private key) for RSA or DSA authentication is read. Identity files may also be specified on a per-host basis in the configuration file. It is possible to have multiple -i options (and multiple identities specified in a configuration file). Path names containing spaces must be embedded inside double quotation marks.

-k directory

Specifies an alternate location for the config, host key, and user key files. Note: When -k is used, host keys are read and written from the specified location only if a known-hosts file already exists in that location. If no known-hosts file is found, host keys are read and written to the known-hosts file in the default location.

-o option

Can be used to give options in the format used in the configuration file. This is useful for specifying options for which there is no separate command-line flag. For a list of supported options, see the Configuration Keyword Reference.

--overwrite

Specifies whether or not to overwrite existing destination files. The allowed values are 'yes' and 'no'. The default is 'yes'.

-p

Preserve timestamps and file attributes.

-P port

Port to connect to on the remote host.

-q

Quiet mode. Causes all warning and diagnostic messages, including banners, to be suppressed.

-Q

Turns off display of the progress indicator.

-r

Copy directories recursively, including all subdirectories.

-u

Remove the source file after copying.

-v

Verbose mode. Causes ssh to display debugging messages about its progress. This is helpful in debugging connection, authentication, and configuration problems. Multiple -v options increases the verbosity. Maximum is 3 (-vvv).

-V

Display the version number and application information.

-z

By default filename matches are case-sensitive for all downloads. With this option, downloads that include wildcards in the server filename specification are not case-sensitive.

-1

Forces protocol version 1 only. This option also transfers file to OpenSSH servers using rcp through the ssh tunnel.

-2

Forces protocol version 2 only.

-4

Use only IPv4 addresses.

-6

Use only IPv6 addresses