1SCP(1) BSD General Commands Manual SCP(1)
2
4 scp — OpenSSH secure file copy
5
7 scp [-346ABCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]
8 [-J destination] [-l limit] [-o ssh_option] [-P port] [-S program]
9 source ... target
10
12 scp copies files between hosts on a network. It uses ssh(1) for data
13 transfer, and uses the same authentication and provides the same security
14 as ssh(1). scp will ask for passwords or passphrases if they are needed
15 for authentication.
16
17 The source and target may be specified as a local pathname, a remote host
18 with optional path in the form [user@]host:[path], or a URI in the form
19 scp://[user@]host[:port][/path]. Local file names can be made explicit
20 using absolute or relative pathnames to avoid scp treating file names
21 containing ‘:’ as host specifiers.
22
23 When copying between two remote hosts, if the URI format is used, a port
24 may only be specified on the target if the -3 option is used.
25
26 The options are as follows:
27
28 -3 Copies between two remote hosts are transferred through the local
29 host. Without this option the data is copied directly between
30 the two remote hosts. Note that this option disables the
31 progress meter and selects batch mode for the second host, since
32 scp cannot ask for passwords or passphrases for both hosts.
33
34 -4 Forces scp to use IPv4 addresses only.
35
36 -6 Forces scp to use IPv6 addresses only.
37
38 -A Allows forwarding of ssh-agent(1) to the remote system. The
39 default is not to forward an authentication agent.
40
41 -B Selects batch mode (prevents asking for passwords or
42 passphrases).
43
44 -C Compression enable. Passes the -C flag to ssh(1) to enable com‐
45 pression.
46
47 -c cipher
48 Selects the cipher to use for encrypting the data transfer. This
49 option is directly passed to ssh(1).
50
51 -F ssh_config
52 Specifies an alternative per-user configuration file for ssh.
53 This option is directly passed to ssh(1).
54
55 -i identity_file
56 Selects the file from which the identity (private key) for public
57 key authentication is read. This option is directly passed to
58 ssh(1).
59
60 -J destination
61 Connect to the target host by first making an scp connection to
62 the jump host described by destination and then establishing a
63 TCP forwarding to the ultimate destination from there. Multiple
64 jump hops may be specified separated by comma characters. This
65 is a shortcut to specify a ProxyJump configuration directive.
66 This option is directly passed to ssh(1).
67
68 -l limit
69 Limits the used bandwidth, specified in Kbit/s.
70
71 -o ssh_option
72 Can be used to pass options to ssh in the format used in
73 ssh_config(5). This is useful for specifying options for which
74 there is no separate scp command-line flag. For full details of
75 the options listed below, and their possible values, see
76 ssh_config(5).
77
78 AddressFamily
79 BatchMode
80 BindAddress
81 BindInterface
82 CanonicalDomains
83 CanonicalizeFallbackLocal
84 CanonicalizeHostname
85 CanonicalizeMaxDots
86 CanonicalizePermittedCNAMEs
87 CASignatureAlgorithms
88 CertificateFile
89 ChallengeResponseAuthentication
90 CheckHostIP
91 Ciphers
92 Compression
93 ConnectionAttempts
94 ConnectTimeout
95 ControlMaster
96 ControlPath
97 ControlPersist
98 GlobalKnownHostsFile
99 GSSAPIAuthentication
100 GSSAPIDelegateCredentials
101 HashKnownHosts
102 Host
103 HostbasedAuthentication
104 HostbasedKeyTypes
105 HostKeyAlgorithms
106 HostKeyAlias
107 Hostname
108 IdentitiesOnly
109 IdentityAgent
110 IdentityFile
111 IPQoS
112 KbdInteractiveAuthentication
113 KbdInteractiveDevices
114 KexAlgorithms
115 LogLevel
116 MACs
117 NoHostAuthenticationForLocalhost
118 NumberOfPasswordPrompts
119 PasswordAuthentication
120 PKCS11Provider
121 Port
122 PreferredAuthentications
123 ProxyCommand
124 ProxyJump
125 PubkeyAcceptedKeyTypes
126 PubkeyAuthentication
127 RekeyLimit
128 SendEnv
129 ServerAliveInterval
130 ServerAliveCountMax
131 SetEnv
132 StrictHostKeyChecking
133 TCPKeepAlive
134 UpdateHostKeys
135 User
136 UserKnownHostsFile
137 VerifyHostKeyDNS
138
139 -P port
140 Specifies the port to connect to on the remote host. Note that
141 this option is written with a capital ‘P’, because -p is already
142 reserved for preserving the times and modes of the file.
143
144 -p Preserves modification times, access times, and modes from the
145 original file.
146
147 -q Quiet mode: disables the progress meter as well as warning and
148 diagnostic messages from ssh(1).
149
150 -r Recursively copy entire directories. Note that scp follows sym‐
151 bolic links encountered in the tree traversal.
152
153 -S program
154 Name of program to use for the encrypted connection. The program
155 must understand ssh(1) options.
156
157 -T Disable strict filename checking. By default when copying files
158 from a remote host to a local directory scp checks that the
159 received filenames match those requested on the command-line to
160 prevent the remote end from sending unexpected or unwanted files.
161 Because of differences in how various operating systems and
162 shells interpret filename wildcards, these checks may cause
163 wanted files to be rejected. This option disables these checks
164 at the expense of fully trusting that the server will not send
165 unexpected filenames.
166
167 -v Verbose mode. Causes scp and ssh(1) to print debugging messages
168 about their progress. This is helpful in debugging connection,
169 authentication, and configuration problems.
170
172 The scp utility exits 0 on success, and >0 if an error occurs.
173
175 sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh_config(5),
176 sshd(8)
177
179 scp is based on the rcp program in BSD source code from the Regents of
180 the University of California.
181
183 Timo Rinne <tri@iki.fi>
184 Tatu Ylonen <ylo@cs.hut.fi>
185
186BSD August 3, 2020 BSD