Linux
BySilverMoon
OnMar15,2014
5Comments
Securecopy
Scp(SecureCopy)isacommandlinetooltocopyortransferfilesacrosshosts.Itusesthe
samekindofsecuritymechanismlikethesshprogram.Infactitusesansshconnectionin
thebackgroundtoperformthefiletransfer.scprefersbothtothe"protocol"thatdefines
howsecurecopyshouldworkandthe"program"(command)whichisinstalledasapartof
OpenSSHsuiteoftools.
Inthisquicktutorialweshalllookatafewexamplesthescpcommandandhowitcanbe
usedtotransferfilessecurely.
Installingscp
Scpisgenerallyinstalledbydefaultonmostlinuxdistrosasapartofopensshpackages.
Onubuntu/debianforexample,theopensshclientpackageprovidesthescpprogram.
$dpkgLopensshclient|grepscp
/usr/bin/scp
/usr/share/man/man1/scp.1.gz
ItstheOpenSSHpackagethatprovidesthessh,scp,sftpprogramsalongwithmanyother
tools.Sowedonothavetodoanythingextrainhere,excepttouseandlearntheprogram.
Usingscp
Thebasicsyntaxofscpisverysimpletomemorize.Itlookslikethis
$scpsource_file_pathdestination_file_path
Dependingonthehost,thefilepathshouldincludethefullhostaddress,portnumber,
usernameandpasswordalongwiththedirectorypath.
Soifyouare"sending"filefromyourlocalmachinetoaremotemachine(uploading)the
syntaxwouldlooklikethis
$scp~/my_local_file.txtuser@remote_host.com:/some/remote/directory
Whencopyingfilefromremotehosttolocalhost(downloading),itslooksjustthereverse
$scpuser@remote_host.com:/some/remote/directory~/my_local_file.txt
#justdownloadthefile
$scpuser@192.168.1.3:/some/path/file.txt.
Thatisprettymuchaboutusingscpforregulartasks.Apartfromit,thereareacoupleof
extraoptionsandfunctionsthatscpsupports.Letstakeaquickoverviewofthose.
Andyes,bydefaultscpwillalwaysoverwritefilesonthedestination.Ifyouneedtoavoid
that,useamorepowerfultoolcalledrsync.
1.Verboseoutput
Withverboseoutput,thescpprogramwouldoutputlotsofinformationaboutwhatitdoesin
thebackground.Thisisoftenusefulwhentheprogramfailsorisunabletocompletethe
request.Theverboseoutputwouldthenindicatetheexactpointwheretheprogramran
intoissues.
$scpv~/test.txtroot@192.168.1.3:/root/help2356.txt
Executing:program/usr/bin/sshhost192.168.1.3,userroot,commandscpvt/root/help2
OpenSSH_6.2p2Ubuntu6ubuntu0.1,OpenSSL1.0.1e11Feb2013
debug1:Readingconfigurationdata/home/enlightened/.ssh/config
debug1:Readingconfigurationdata/etc/ssh/ssh_config
debug1:/etc/ssh/ssh_configline19:Applyingoptionsfor*
debug1:Connectingto192.168.1.3[192.168.1.3]port22.
debug1:Connectionestablished.
.....OUTPUTTRUNCATED
Theoutputwouldbebigandcontaindetailedinformationabouthowtheconnectionis
made,whatconfigurationandidentityfilesarebeingusedandsoon.
2.Transfermultiplefiles
Multiplefilescanbespecifiedseparatedbyaspacelikethis
$scpfoo.txtbar.txtusername@remotehost:/path/directory/
Tocopymultiplefilesfromremotehosttocurrentlocaldirectory
$scpusername@remotehost:/path/directory/\{foo.txt,bar.txt\}.
$scproot@192.168.1.3:~/\{abc.log,cde.txt\}.
3.Copyentiredirectory(recursively)
Tocopyanentiredirectoryfromonehosttoanotherusetherswitchandspecifythe
directory
$scpvr~/Downloadsroot@192.168.1.3:/root/Downloads
4.Copyfilesacross2remotehosts
Scpcancopyfilesfrom1remotehosttoanotherremotehostaswell.
$scpuser1@remotehost1:/some/remote/dir/foobar.txtuser2@remotehost2:/some/remote/dir/
5.Speedupthetransferwithcompression
Asupercooloptiontospeedupthetransfertosavetimeandbandwidth.Allyouneedto
doisusetheCoptiontoenablecompression.Thefilesarecompressedontheflyand
decompressedonthedestination.
$scpvrC~/Downloadsroot@192.168.1.3:/root/Downloads
Intheaboveexamplewemovedtheentiredirectorywithcompressionenabled.Thespeed
gainwoulddependonhowmuchthefilescouldbecompressed.
6.Limitthebandwidthusage
Ifyoudonotwantscptotakeuptheentireavailablebandwidth,thenusetheloptionto
limitthemaximumspeedinKbit/s.
$scpvrCl400~/Downloadsroot@192.168.1.3:/root/Downloads
7.Connecttoadifferentportnumberonremotehost
Iftheremoteserverhassshdaemonrunningonadifferentport(defaultis22),thenyou
needtotellscptousethatparticularportnumberusingthe'P'option.
$scpvCP2200~/test.txtroot@192.168.1.3:/some/path/test.txt
8.Preservefileattributes
The'p'option(smallcase),wouldpreservemodificationtimes,accesstimes,andmodes
fromtheoriginalfile.
$scpCp~/test.txtroot@192.168.1.3:/some/path/test.txt
9.Quietmode
Inquietmode('q'option),thescpoutputwouldgetsuppressed,andwoulddisablethe
progressmeteraswellaswarninganddiagnosticmessages.
$scpvCq~/test.txtroot@192.168.1.3:/some/path/test.txt
10.Specifyidentityfile
Whenusingkeybased(passwordless)authentication,youwouldneedtospecifythe
identityfilewhichcontainstheprivatekey.Thisoptionisdirectlypassedtothessh
commandandworksthesameway.
$scpvCqiprivate_key.pem~/test.txtroot@192.168.1.3:/some/path/test.txt
11.Useadifferentssh_configfile
Usethe'F'optiontospecifyadifferentssh_configfile.
$scpvCF/home/user/my_ssh_config~/test.txtroot@192.168.1.3:/some/path/test.txt
12.Usedifferentcipher
ScpbydefaultusestheAEScipher/encryption.Sometimesyoumightwanttousea
differentcipher.Usingadifferentciphercanspeedupthetransferprocess.Forexample
blowfishandarcfourareknowntobefasterthanAES(butlesssecure).
$scpcblowfishC~/local_file.txtusername@remotehost:/remote/path/file.txt
Intheaboveexampleweusetheblowfishcipheralongwithcompression.Thiscangive
significantspeedboostdependingonavailablebandwidth.
Summary
Althoughscpisveryefficientattransferringfilesecurely,itlacksnecessaryfeaturesofafile
synchronisationtool.Allitcandoiscopypasteallthementionedfilesfromonelocationto
another.
AmorepowerfultoolisRsyncwhichnotonlyhasallfunctionsofscpbutaddsmore
featurestointelligentlysynchronisefilesacross2hosts.Forexample,itcancheckand
uploadonlythemodifiedfiles,ignoreexistingfilesandsoon.