1rcp(1) User Commands rcp(1)
2
6 rcp - remote file copy
7
9 rcp [-p] [-a] [-K] [-x] [-PN | -PO] [-k realm] filename1 filename2
10 rcp [-pr] [-a] [-K] [-x] [-PN | -PO] [-k realm] filename... directory
13
16 The rcp command copies files between machines. Each filename or direc‐
17 tory argument is either a remote file name of the form:
18 hostname:path
20 or a local file name (containing no : (colon) characters, or / (back‐
25 slash) before any : (colon) characters).
26 The hostname can be an IPv4 or IPv6 address string. See inet(7P) and
29 inet6(7P). Since IPv6 addresses already contain colons, the hostname
30 should be enclosed in a pair of square brackets when an IPv6 address is
31 used. Otherwise, the first occurrence of a colon can be interpreted as
32 the separator between hostname and path. For example,
33 [1080::8:800:200C:417A]:tmp/file
35 If a filename is not a full path name, it is interpreted relative to
40 your home directory on hostname. A path on a remote host can be quoted
41 using \, ", or ', so that the metacharacters are interpreted remotely.
42 Please notice that the kerberized versions of rcp are not IPv6-enabled.
43 rcp does not prompt for passwords. It either uses Kerberos authentica‐
46 tion which is enabled through command-line options or your current
47 local user name must exist on hostname and allow remote command execu‐
48 tion by rsh(1).
49 The rcp session can be kerberized using any of the following Kerberos
52 specific options : -a, -PN or -PO, -x, and -k realm. Some of these
53 options (-a, -x and -PN or -PO) can also be specified in the [appde‐
54 faults] section of krb5.conf(4). The usage of these options and the
55 expected behavior is discussed in the OPTIONS section below. If Ker‐
56 beros authentication is used, authorization to the account is con‐
57 trolled by rules in krb5_auth_rules(5). If this authorization fails,
58 fallback to normal rcp using rhosts occurs only if the -PO option is
59 used explicitly on the command line or is specified in krb5.conf(4). If
60 authorization succeeds, remote copy succeeds without any prompting of
61 password. Also notice that the -PN or -PO, -x, and -k realm options are
62 just supersets of the -a option.
63 rcp handles third party copies, where neither source nor target files
66 are on the current machine. Hostnames can also take the form
67 username@hostname:filename
69 to use username rather than your current local user name as the user
73 name on the remote host. rcp also supports Internet domain addressing
74 of the remote host, so that:
75 username@host.domain:filename
77 specifies the username to be used, the hostname, and the domain in
81 which that host resides. File names that are not full path names are
82 interpreted relative to the home directory of the user named username,
83 on the remote host.
84
86 The following options are supported:
87 -a This option explicitly enables Kerberos authentication and
89 trusts the .k5login file for access-control. If the autho‐
90 rization check by in.rshd(1M) on the server-side succeeds
91 and if the .k5login file permits access, the user is
92 allowed to carry out the rcp transfer.
93 -k realm Causes rcp to obtain tickets for the remote host in realm
96 instead of the remote host's realm as determined by
97 krb5.conf(4).
98 -K realm This option explicitly disables Kerberos authentication. It
101 canbe used to override the autologin variable
102 inkrb5.conf(4).
103 -p Attempts to give each copy the same modification times,
106 access times, modes, and ACLs if applicable as the original
107 file.
108 -PO Explicitly requests new (-PN) or old (-PO) version of the
111 -PN Kerberos "rcmd" protocol. The new protocol avoids many
112 security problems prevalant in the old one and is regarded
113 much more secure, but is not interoperable with older
114 (MIT/SEAM) servers. The new protocol is used by default,
115 unless explicitly specified using these options or through
116 krb5.conf(4). If Kerberos authorization fails when using
117 the old "rcmd" protocol, there is fallback to regular, non-
118 kerberized rcp. This is not the case when the new, more
119 secure "rcmd" protocol is used.
120 -r Copies each subtree rooted at filename; in this case the
123 destination must be a directory.
124 -x Causes the information transferred between hosts to be
127 encrypted. Notice that the command is sent unencrypted to
128 the remote system. All subsequent transfers are encrypted.
129
132 See largefile(5) for the description of the behavior of rcp when
133 encountering files greater than or equal to 2 Gbyte ( 2^31 bytes).
134 The rcp command is IPv6-enabled. See ip6(7P). IPv6 is not currently
137 supported with Kerberos V5 authentication.
138 For the kerberized rcp session, each user can have a private authoriza‐
141 tion list in a file .k5login in their home directory. Each line in this
142 file should contain a Kerberos principal name of the form princi‐
143 pal/instance@realm. If there is a ~/.k5login file, then access is
144 granted to the account if and only if the originater user is authenti‐
145 cated to one of the principals named in the ~/.k5login file. Otherwise,
146 the originating user is granted access to the account if and only if
147 the authenticated principal name of the user can be mapped to the local
148 account name using the authenticated-principal-name → local-user-name
149 mapping rules. The .k5login file (for access control) comes into play
150 only when Kerberos authentication is being done.
151
153 The following exit values are returned:
154 0 All files were copied successfully.
156 >0 An error occurred.
159 See the NOTES section for caveats on the exit code.
163
165 $HOME/.profile
166 $HOME/.k5login File containing Kerberos principals that are
168 allowed access
169 /etc/krb5/krb5.conf Kerberos configuration file
172
175 See attributes(5) for descriptions of the following attributes:
176 ┌─────────────────────────────┬─────────────────────────────┐
181 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
182 ├─────────────────────────────┼─────────────────────────────┤
183 │Availability │SUNWrcmdc │
184 ├─────────────────────────────┼─────────────────────────────┤
185 │CSI │Enabled │
186 └─────────────────────────────┴─────────────────────────────┘
187
189 cpio(1), ftp(1), rlogin(1), rsh(1), setfacl(1), tar(1), tar(1),
190 in.rshd(1M), hosts.equiv(4), krb5.conf(4), attributes(5), largefile(5),
191 krb5_auth_rules(5), inet(7P), inet6(7P), ip6(7P)
192
194 rcp is meant to copy between different hosts. Attempting to rcp a file
195 onto itself, as with:
196 example% rcp tmp/file myhost:/tmp/file
198 results in a severely corrupted file.
203 rcp might not correctly fail when the target of a copy is a file
206 instead of a directory.
207 rcp can become confused by output generated by commands in a
210 $HOME/.profile on the remote host.
211 rcp requires that the source host have permission to execute commands
214 on the remote host when doing third-party copies.
215 rcp does not properly handle symbolic links. Use tar or cpio piped to
218 rsh to obtain remote copies of directories containing symbolic links or
219 named pipes. See tar(1) and cpio(1).
220 If you forget to quote metacharacters intended for the remote host, you
223 get an incomprehensible error message.
224 rcp fails if you copy ACLs to a file system that does not support ACLs.
227 rcp is CSI-enabled except for the handling of username, hostname, and
230 domain.
231 When rcp is used to perform third-party copies where either of the
234 remote machines is not running Solaris, the exit code cannot be relied
235 upon. That is, errors could occur when success is reflected in the exit
236 code, or the copy could be completely successful even though an error
237 is reflected in the exit code.
238SunOS 5.11 23 Dec 2008 rcp(1)