1SCP(1) BSD General Commands Manual SCP(1)
2
4 scp — OpenSSH secure file copy
5
7 scp [-346ABCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]
8 [-J destination] [-l limit] [-o ssh_option] [-P port] [-S program]
9 source ... target
10
12 scp copies files between hosts on a network.
13 It uses ssh(1) for data transfer, and uses the same authentication and
15 provides the same security as a login session. The scp protocol requires
16 execution of the remote user's shell to perform glob(3) pattern matching.
17 scp will ask for passwords or passphrases if they are needed for authen‐
19 tication.
20 The source and target may be specified as a local pathname, a remote host
22 with optional path in the form [user@]host:[path], or a URI in the form
23 scp://[user@]host[:port][/path]. Local file names can be made explicit
24 using absolute or relative pathnames to avoid scp treating file names
25 containing ‘:’ as host specifiers.
26 When copying between two remote hosts, if the URI format is used, a port
28 may only be specified on the target if the -3 option is used.
29 The options are as follows:
31 -3 Copies between two remote hosts are transferred through the local
33 host. Without this option the data is copied directly between
34 the two remote hosts. Note that this option disables the
35 progress meter and selects batch mode for the second host, since
36 scp cannot ask for passwords or passphrases for both hosts.
37 -4 Forces scp to use IPv4 addresses only.
39 -6 Forces scp to use IPv6 addresses only.
41 -A Allows forwarding of ssh-agent(1) to the remote system. The de‐
43 fault is not to forward an authentication agent.
44 -B Selects batch mode (prevents asking for passwords or
46 passphrases).
47 -C Compression enable. Passes the -C flag to ssh(1) to enable com‐
49 pression.
50 -c cipher
52 Selects the cipher to use for encrypting the data transfer. This
53 option is directly passed to ssh(1).
54 -F ssh_config
56 Specifies an alternative per-user configuration file for ssh.
57 This option is directly passed to ssh(1).
58 -i identity_file
60 Selects the file from which the identity (private key) for public
61 key authentication is read. This option is directly passed to
62 ssh(1).
63 -J destination
65 Connect to the target host by first making an scp connection to
66 the jump host described by destination and then establishing a
67 TCP forwarding to the ultimate destination from there. Multiple
68 jump hops may be specified separated by comma characters. This
69 is a shortcut to specify a ProxyJump configuration directive.
70 This option is directly passed to ssh(1).
71 -l limit
73 Limits the used bandwidth, specified in Kbit/s.
74 -o ssh_option
76 Can be used to pass options to ssh in the format used in
77 ssh_config(5). This is useful for specifying options for which
78 there is no separate scp command-line flag. For full details of
79 the options listed below, and their possible values, see
80 ssh_config(5).
81 AddressFamily
83 BatchMode
84 BindAddress
85 BindInterface
86 CanonicalDomains
87 CanonicalizeFallbackLocal
88 CanonicalizeHostname
89 CanonicalizeMaxDots
90 CanonicalizePermittedCNAMEs
91 CASignatureAlgorithms
92 CertificateFile
93 ChallengeResponseAuthentication
94 CheckHostIP
95 Ciphers
96 Compression
97 ConnectionAttempts
98 ConnectTimeout
99 ControlMaster
100 ControlPath
101 ControlPersist
102 GlobalKnownHostsFile
103 GSSAPIAuthentication
104 GSSAPIDelegateCredentials
105 HashKnownHosts
106 Host
107 HostbasedAcceptedAlgorithms
108 HostbasedAuthentication
109 HostKeyAlgorithms
110 HostKeyAlias
111 Hostname
112 IdentitiesOnly
113 IdentityAgent
114 IdentityFile
115 IPQoS
116 KbdInteractiveAuthentication
117 KbdInteractiveDevices
118 KexAlgorithms
119 KnownHostsCommand
120 LogLevel
121 MACs
122 NoHostAuthenticationForLocalhost
123 NumberOfPasswordPrompts
124 PasswordAuthentication
125 PKCS11Provider
126 Port
127 PreferredAuthentications
128 ProxyCommand
129 ProxyJump
130 PubkeyAcceptedAlgorithms
131 PubkeyAuthentication
132 RekeyLimit
133 SendEnv
134 ServerAliveInterval
135 ServerAliveCountMax
136 SetEnv
137 StrictHostKeyChecking
138 TCPKeepAlive
139 UpdateHostKeys
140 User
141 UserKnownHostsFile
142 VerifyHostKeyDNS
143 -P port
145 Specifies the port to connect to on the remote host. Note that
146 this option is written with a capital ‘P’, because -p is already
147 reserved for preserving the times and modes of the file.
148 -p Preserves modification times, access times, and modes from the
150 original file.
151 -q Quiet mode: disables the progress meter as well as warning and
153 diagnostic messages from ssh(1).
154 -r Recursively copy entire directories. Note that scp follows sym‐
156 bolic links encountered in the tree traversal.
157 -S program
159 Name of program to use for the encrypted connection. The program
160 must understand ssh(1) options.
161 -T Disable strict filename checking. By default when copying files
163 from a remote host to a local directory scp checks that the re‐
164 ceived filenames match those requested on the command-line to
165 prevent the remote end from sending unexpected or unwanted files.
166 Because of differences in how various operating systems and
167 shells interpret filename wildcards, these checks may cause
168 wanted files to be rejected. This option disables these checks
169 at the expense of fully trusting that the server will not send
170 unexpected filenames.
171 -v Verbose mode. Causes scp and ssh(1) to print debugging messages
173 about their progress. This is helpful in debugging connection,
174 authentication, and configuration problems.
175
177 The scp utility exits 0 on success, and >0 if an error occurs.
178
180 sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh_config(5),
181 sshd(8)
182
184 scp is based on the rcp program in BSD source code from the Regents of
185 the University of California.
186
188 Timo Rinne <tri@iki.fi>
189 Tatu Ylonen <ylo@cs.hut.fi>
190BSD January 26, 2021 BSD