1SCP(1)                    BSD General Commands Manual                   SCP(1)
2

NAME

4     scp — OpenSSH secure file copy
5

SYNOPSIS

7     scp [-346ABCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]
8         [-J destination] [-l limit] [-o ssh_option] [-P port] [-S program]
9         source ... target
10

DESCRIPTION

12     scp copies files between hosts on a network.  It uses ssh(1) for data
13     transfer, and uses the same authentication and provides the same security
14     as ssh(1).  scp will ask for passwords or passphrases if they are needed
15     for authentication.
16
17     The source and target may be specified as a local pathname, a remote host
18     with optional path in the form [user@]host:[path], or a URI in the form
19     scp://[user@]host[:port][/path].  Local file names can be made explicit
20     using absolute or relative pathnames to avoid scp treating file names
21     containing ‘:’ as host specifiers.
22
23     When copying between two remote hosts, if the URI format is used, a port
24     may only be specified on the target if the -3 option is used.
25
26     The options are as follows:
27
28     -3      Copies between two remote hosts are transferred through the local
29             host.  Without this option the data is copied directly between
30             the two remote hosts.  Note that this option disables the
31             progress meter and selects batch mode for the second host, since
32             scp cannot ask for passwords or passphrases for both hosts.
33
34     -4      Forces scp to use IPv4 addresses only.
35
36     -6      Forces scp to use IPv6 addresses only.
37
38     -A      Allows forwarding of ssh-agent(1) to the remote system.  The
39             default is not to forward an authentication agent.
40
41     -B      Selects batch mode (prevents asking for passwords or
42             passphrases).
43
44     -C      Compression enable.  Passes the -C flag to ssh(1) to enable com‐
45             pression.
46
47     -c cipher
48             Selects the cipher to use for encrypting the data transfer.  This
49             option is directly passed to ssh(1).
50
51     -F ssh_config
52             Specifies an alternative per-user configuration file for ssh.
53             This option is directly passed to ssh(1).
54
55     -i identity_file
56             Selects the file from which the identity (private key) for public
57             key authentication is read.  This option is directly passed to
58             ssh(1).
59
60     -J destination
61             Connect to the target host by first making an scp connection to
62             the jump host described by destination and then establishing a
63             TCP forwarding to the ultimate destination from there.  Multiple
64             jump hops may be specified separated by comma characters.  This
65             is a shortcut to specify a ProxyJump configuration directive.
66             This option is directly passed to ssh(1).
67
68     -l limit
69             Limits the used bandwidth, specified in Kbit/s.
70
71     -o ssh_option
72             Can be used to pass options to ssh in the format used in
73             ssh_config(5).  This is useful for specifying options for which
74             there is no separate scp command-line flag.  For full details of
75             the options listed below, and their possible values, see
76             ssh_config(5).
77
78                   AddressFamily
79                   BatchMode
80                   BindAddress
81                   BindInterface
82                   CanonicalDomains
83                   CanonicalizeFallbackLocal
84                   CanonicalizeHostname
85                   CanonicalizeMaxDots
86                   CanonicalizePermittedCNAMEs
87                   CASignatureAlgorithms
88                   CertificateFile
89                   ChallengeResponseAuthentication
90                   CheckHostIP
91                   Ciphers
92                   Compression
93                   ConnectionAttempts
94                   ConnectTimeout
95                   ControlMaster
96                   ControlPath
97                   ControlPersist
98                   GlobalKnownHostsFile
99                   GSSAPIAuthentication
100                   GSSAPIDelegateCredentials
101                   HashKnownHosts
102                   Host
103                   HostbasedAuthentication
104                   HostbasedKeyTypes
105                   HostKeyAlgorithms
106                   HostKeyAlias
107                   Hostname
108                   IdentitiesOnly
109                   IdentityAgent
110                   IdentityFile
111                   IPQoS
112                   KbdInteractiveAuthentication
113                   KbdInteractiveDevices
114                   KexAlgorithms
115                   LogLevel
116                   MACs
117                   NoHostAuthenticationForLocalhost
118                   NumberOfPasswordPrompts
119                   PasswordAuthentication
120                   PKCS11Provider
121                   Port
122                   PreferredAuthentications
123                   ProxyCommand
124                   ProxyJump
125                   PubkeyAcceptedKeyTypes
126                   PubkeyAuthentication
127                   RekeyLimit
128                   SendEnv
129                   ServerAliveInterval
130                   ServerAliveCountMax
131                   SetEnv
132                   StrictHostKeyChecking
133                   TCPKeepAlive
134                   UpdateHostKeys
135                   User
136                   UserKnownHostsFile
137                   VerifyHostKeyDNS
138
139     -P port
140             Specifies the port to connect to on the remote host.  Note that
141             this option is written with a capital ‘P’, because -p is already
142             reserved for preserving the times and modes of the file.
143
144     -p      Preserves modification times, access times, and modes from the
145             original file.
146
147     -q      Quiet mode: disables the progress meter as well as warning and
148             diagnostic messages from ssh(1).
149
150     -r      Recursively copy entire directories.  Note that scp follows sym‐
151             bolic links encountered in the tree traversal.
152
153     -S program
154             Name of program to use for the encrypted connection.  The program
155             must understand ssh(1) options.
156
157     -T      Disable strict filename checking.  By default when copying files
158             from a remote host to a local directory scp checks that the
159             received filenames match those requested on the command-line to
160             prevent the remote end from sending unexpected or unwanted files.
161             Because of differences in how various operating systems and
162             shells interpret filename wildcards, these checks may cause
163             wanted files to be rejected.  This option disables these checks
164             at the expense of fully trusting that the server will not send
165             unexpected filenames.
166
167     -v      Verbose mode.  Causes scp and ssh(1) to print debugging messages
168             about their progress.  This is helpful in debugging connection,
169             authentication, and configuration problems.
170

EXIT STATUS

172     The scp utility exits 0 on success, and >0 if an error occurs.
173

SEE ALSO

175     sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh_config(5),
176     sshd(8)
177

HISTORY

179     scp is based on the rcp program in BSD source code from the Regents of
180     the University of California.
181

AUTHORS

183     Timo Rinne <tri@iki.fi>
184     Tatu Ylonen <ylo@cs.hut.fi>
185
186BSD                             August 3, 2020                             BSD
Impressum