Scp is an acronym for Secure Copy. It is used primarily for copying files over an ssh connection. The copied files are encrypted and assumed secure as ssh. If the files contain sensitive data copying them with SCP or similar encrypted protocol is the best solution. In this tutorial, we will look at how to use SCP in a detailed manner.
Install scp Command with ssh Package
Scp is provided by ssh packages in Linux distributions. So to install
scp we will install ssh but ssh is generally installed by default.
Ubuntu, Debian, Mint, Kali
scp is provided with the
ssh package. We will install the
ssh package with the following
apt install command.
$ sudo apt install ssh -y
We will use
yum package manager.
$ sudo dnf install ssh -y
$ sudo yum install ssh -y
Scp Command Syntax
To get a simple and fast help run SCP without any parameter like below. As we can see we use
scp command and provide options related to the connection. Then we will provide a username and remote hostname with
scp OPTIONS USERNAME@SOURCE_HOST:/FILES_DIRECTORIES USERNAME@DESTINATION_HOST:/FILES_DIRECTORIES
- OPTIONS will define the behavior of the
scpcommand like cipher type, recursive, speed, ssh port, and limit.
- USERNAME is the user of the remote system
- SOURCE_HOST is the host we want to copy files and folders which will be the source.
- DESTINATION_HOST is the destination host where source files and directories will be copied.
- FILES_DIRECTORIES are copied files and directories remote system paths and names.
Scp Command Help Information
To get more detailed help man scp command can be used like below. Scp Unix usage is not different from Linux Scp usage.
$ man scp
Copy Remote Files To Local System With Scp
We will copy files with scp command like below. While copying files scp will ask for credentials.
$ scp email@example.com:/home/ismail/Downloads/backup.tar.gz /home/ali
We have copied backup.tar.gz by providing
ismail user from local system to the
/home/ali. It is not asked for a password because I have already copied the required credentials.
Run Scp Command without Password with Certificate Authentication
If we want to use
scp in a passwordless and more secure manner, we need to setup SSH Key-based authentication. In order to set up key-based authentication, we need to have keys that can be created with the
ssh-keygen command like below.
After creating a key pair we will deploy the public key with the following command to the remote system by providing the user. It will ask a password for the user. After deployment, we can use ssh without a password.
$ ssh-copy-id root@localhost
Copy Local File To The Remote With Scp
We will copy the local file to the remote. As you will see there is no difference from copying from remote to local.
$ scp backup.tar.gz firstname.lastname@example.org:/home/ismail/Downloads
backup.tar.gzis the local file name we want to copy to the remote.
ismailis the username we will authenticate on the remote server.
192.168.122.233is the IP address of the remote system.
/home/ismail/Downlaodsis the remote system path we want to copy.
Copy Remote File To The Local With Scp
Alternatively, we can copy remote files and directories to the local system. We will specify the remote system as a source host. While specifying source host we may need to provide a user name explicitly. Then we will specify the destination which will be our local system path. In this example, we will copy the file named
test.tar.gz file into the local system path
/home/ismail. We will use
ali as a remote system user name.
$ scp email@example.com:/mnt/test.tar.gz /home/ismail/
Copy Folders Recursively With Scp
Up to now, we have copied single files from remote. To copy folders with its sub-folders can be done with a recursive parameter. Recursive parameter makes to copy entire directories recursively. We will use the
$ scp -r Downloads 192.168.122.233:/home/ismail/Documents
Copy Multiple Local Files To The Remote System
We can copy multiple local files to the remote system with SCP command. We will just provide the names of the local files for the source and in the last, we will provide the destination or remote system we want to copy. In this example, we will copy local files named
file3.tar.gz to the remote system.
$ scp file1.txt file2.txt file3.tar.gz firstname.lastname@example.org:/home/ismail/
Copy All Files For Specific File Type or Extension
In some cases, we may need to copy only specific file types or extensions. We can use the bash glob operator in order to generalize the file name and set the extension. In this example, we will copy all text files with the
*.txt extension into the remote system.
$ scp /home/ismail/*.txt email@example.com:/home/ismail
Compress Files While Copying With Scp
Scp encrypts files while copying and this makes some performance loss for the transmission. We can eliminate this performance loss by compressing files. Keep in mind that files are compressed for transfer not entirely. We will use
-C option for compression.
$ scp -C original-ks.cfg root@localhost:/root/original-ks.cfg
By providing -C parameter we have enabled compression for the transfer.
Use Different SSH Port For Scp
Ssh runs by default tcp/22 but sometimes it may be different from that. Scp assumes the port of ssh 22 too. We can change port like below. We will provide the port name with the
-P option and the port number.
$ scp -P 2222 original-ks.cfg root@localhost:/root/original-ks.cfg
We have provided port number with -P parameter and the value
Set Bandwidth Limit For Scp File Transfer
If our network capacity or bandwidth is limited or there is some heavy load which is important copying files with Scp will create extra load. We may need to limit the bandwidth usage of the Scp command. We can use the
-l option and provide the bandwidth we want to set for Scp command. In this example, we will set the bandwidth usage to the 100 kbps.
$ scp -l 100 Backup.tar.gz 192.168.122.233:/home/ismail/Documents
Verbose or Debug Mode For Scp
If there is a problem with the Scp file transfer or connection we have to troubleshoot the problem. So we need more information about the Scp where verbose or debug mode can be enabled with the
$ scp -r -v kafka_2.12-2.2.0 firstname.lastname@example.org:/home/ismail/backup/
Passing Password To Scp Command
We have already set up passwordless key-based authentication but we may need to use SCP with the password. In this case, we can provide a password with a simple app named sshpass to the SCP like below.
$ dnf install sshpass
We have installed it. Because it is separate from ssh tools.
$ sshpass -p "123456" scp original-ks.cfg root@localhost:/root/original-ks.cfg
Here -p for the password and “123456” is our password. Note that our password is not strong and it is easily hackable. Then we provide regular scp command.
How to Escape Spaces In The Path With Scp
If there are spaces in the local or remote path it may become a problem. Say we have a folder named “test 1”. There are two solutions for this
$ scp original-ks.cfg root@localhost:/root/Downloads/test\\\ 1/
We have simple add
\\\ before space in the folder name.
$ scp original-ks.cfg root@localhost:"'/root/Downloads/test 1/'"
We have added a single and double quote around path like above.
As we know SCP uses some encryption algorithms. Scp by default uses Triple-DES to encrypt network traffic. Triple-DES can cause some performance bottlenecks so faster Blowfish or aes128-ctr encryption algorithm usage will make transfers faster.
$ scp -c aes128-ctr tmux.tar ubu1:/home/ismail/backup/