1SCP(1) BSD General Commands Manual SCP(1)
2
4 scp — OpenSSH secure file copy
5
7 scp [-346ABCOpqRrsTv] [-c cipher] [-D sftp_server_path] [-F ssh_config]
8 [-i identity_file] [-J destination] [-l limit] [-o ssh_option]
9 [-P port] [-S program] source ... target
10
12 scp copies files between hosts on a network.
13
14 It uses ssh(1) for data transfer, and uses the same authentication and
15 provides the same security as a login session. The scp protocol requires
16 execution of the remote user's shell to perform glob(3) pattern matching.
17
18 scp will ask for passwords or passphrases if they are needed for authen‐
19 tication.
20
21 The source and target may be specified as a local pathname, a remote host
22 with optional path in the form [user@]host:[path], or a URI in the form
23 scp://[user@]host[:port][/path]. Local file names can be made explicit
24 using absolute or relative pathnames to avoid scp treating file names
25 containing ‘:’ as host specifiers.
26
27 When copying between two remote hosts, if the URI format is used, a port
28 cannot be specified on the target if the -R option is used.
29
30 The options are as follows:
31
32 -3 Copies between two remote hosts are transferred through the local
33 host. Without this option the data is copied directly between
34 the two remote hosts. Note that, when using the legacy SCP pro‐
35 tocol (the default), this option selects batch mode for the sec‐
36 ond host as scp cannot ask for passwords or passphrases for both
37 hosts. This mode is the default.
38
39 -4 Forces scp to use IPv4 addresses only.
40
41 -6 Forces scp to use IPv6 addresses only.
42
43 -A Allows forwarding of ssh-agent(1) to the remote system. The de‐
44 fault is not to forward an authentication agent.
45
46 -B Selects batch mode (prevents asking for passwords or
47 passphrases).
48
49 -C Compression enable. Passes the -C flag to ssh(1) to enable com‐
50 pression.
51
52 -c cipher
53 Selects the cipher to use for encrypting the data transfer. This
54 option is directly passed to ssh(1).
55
56 -D sftp_server_path
57 When using the SFTP protocol support via -M, connect directly to
58 a local SFTP server program rather than a remote one via ssh(1).
59 This option may be useful in debugging the client and server.
60
61 -F ssh_config
62 Specifies an alternative per-user configuration file for ssh.
63 This option is directly passed to ssh(1).
64
65 -i identity_file
66 Selects the file from which the identity (private key) for public
67 key authentication is read. This option is directly passed to
68 ssh(1).
69
70 -J destination
71 Connect to the target host by first making an scp connection to
72 the jump host described by destination and then establishing a
73 TCP forwarding to the ultimate destination from there. Multiple
74 jump hops may be specified separated by comma characters. This
75 is a shortcut to specify a ProxyJump configuration directive.
76 This option is directly passed to ssh(1).
77
78 -l limit
79 Limits the used bandwidth, specified in Kbit/s.
80
81 -O Use the legacy SCP protocol for file transfers instead of the
82 SFTP protocol. Forcing the use of the SCP protocol may be neces‐
83 sary for servers that do not implement SFTP or for backwards-com‐
84 patibility for particular filename wildcard patterns. This mode
85 is the default.
86
87 -o ssh_option
88 Can be used to pass options to ssh in the format used in
89 ssh_config(5). This is useful for specifying options for which
90 there is no separate scp command-line flag. For full details of
91 the options listed below, and their possible values, see
92 ssh_config(5).
93
94 AddressFamily
95 BatchMode
96 BindAddress
97 BindInterface
98 CanonicalDomains
99 CanonicalizeFallbackLocal
100 CanonicalizeHostname
101 CanonicalizeMaxDots
102 CanonicalizePermittedCNAMEs
103 CASignatureAlgorithms
104 CertificateFile
105 CheckHostIP
106 Ciphers
107 Compression
108 ConnectionAttempts
109 ConnectTimeout
110 ControlMaster
111 ControlPath
112 ControlPersist
113 GlobalKnownHostsFile
114 GSSAPIAuthentication
115 GSSAPIDelegateCredentials
116 HashKnownHosts
117 Host
118 HostbasedAcceptedAlgorithms
119 HostbasedAuthentication
120 HostKeyAlgorithms
121 HostKeyAlias
122 Hostname
123 IdentitiesOnly
124 IdentityAgent
125 IdentityFile
126 IPQoS
127 KbdInteractiveAuthentication
128 KbdInteractiveDevices
129 KexAlgorithms
130 KnownHostsCommand
131 LogLevel
132 MACs
133 NoHostAuthenticationForLocalhost
134 NumberOfPasswordPrompts
135 PasswordAuthentication
136 PKCS11Provider
137 Port
138 PreferredAuthentications
139 ProxyCommand
140 ProxyJump
141 PubkeyAcceptedAlgorithms
142 PubkeyAuthentication
143 RekeyLimit
144 SendEnv
145 ServerAliveInterval
146 ServerAliveCountMax
147 SetEnv
148 StrictHostKeyChecking
149 TCPKeepAlive
150 UpdateHostKeys
151 User
152 UserKnownHostsFile
153 VerifyHostKeyDNS
154
155 -P port
156 Specifies the port to connect to on the remote host. Note that
157 this option is written with a capital ‘P’, because -p is already
158 reserved for preserving the times and modes of the file.
159
160 -p Preserves modification times, access times, and modes from the
161 original file.
162
163 -q Quiet mode: disables the progress meter as well as warning and
164 diagnostic messages from ssh(1).
165
166 -R Copies between two remote hosts are performed by connecting to
167 the origin host and executing scp there. This requires that scp
168 running on the origin host can authenticate to the destination
169 host without requiring a password.
170
171 -r Recursively copy entire directories. Note that scp follows sym‐
172 bolic links encountered in the tree traversal.
173
174 -S program
175 Name of program to use for the encrypted connection. The program
176 must understand ssh(1) options.
177
178 -s Use the SFTP protocol for file transfers instead of the legacy
179 SCP protocol. Using SFTP avoids invoking a shell on the remote
180 side and provides more predictable filename handling, as the SCP
181 protocol relied on the remote shell for expanding glob(3) wild‐
182 cards.
183
184 A near-future release of OpenSSH will make the SFTP protocol the
185 default. This option will be deleted before the end of 2022.
186
187 -T Disable strict filename checking. By default when copying files
188 from a remote host to a local directory scp checks that the re‐
189 ceived filenames match those requested on the command-line to
190 prevent the remote end from sending unexpected or unwanted files.
191 Because of differences in how various operating systems and
192 shells interpret filename wildcards, these checks may cause
193 wanted files to be rejected. This option disables these checks
194 at the expense of fully trusting that the server will not send
195 unexpected filenames.
196
197 -v Verbose mode. Causes scp and ssh(1) to print debugging messages
198 about their progress. This is helpful in debugging connection,
199 authentication, and configuration problems.
200
202 The scp utility exits 0 on success, and >0 if an error occurs.
203
205 sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh_config(5),
206 sftp-server(8), sshd(8)
207
209 scp is based on the rcp program in BSD source code from the Regents of
210 the University of California.
211
213 Timo Rinne <tri@iki.fi>
214 Tatu Ylonen <ylo@cs.hut.fi>
215
216BSD August 11, 2021 BSD