SCP Command Format and Basic Usage
The SCP (Secure Copy Protocol) command is used to securely copy files and directories between a local host and a remote host, or between two remote hosts, using the SSH protocol. Its basic command format is:
scp [options] [source_path] [destination_path]Copy a File from Local to Remote Host
Copy the local file /home/abc.tar.gz to the /root/ directory on remote host 123.123.123.123, using a non-default SSH port 2233:
scp -P 2233 /home/abc.tar.gz [email protected]:/root/abc.tar.gzExplanation:
-P 2233: Specifies the SSH port number as 2233. This parameter can be omitted if the remote host uses the default port 22.[email protected]:/root/abc.tar.gz: Specifies the remote destination. The format isusername@host:path.
Copy a File from Remote Host to Local
Copy the file test.tar.gz from the /remote/ directory on remote host 10.23.185.16 to the local /local/ directory, preserving the file's original attributes (modification time, access time, permissions), and optionally rename it:
scp -P 2223 -p [email protected]:/remote/test.tar.gz /local/test.tar.gzExplanation:
-p: Preserves the source file's modification time, access time, and access permissions.-P 2223: Specifies the SSH port (note the uppercaseP).- The destination path
/local/test.tar.gzcan be customized, allowing you to rename the file during the copy.
Common SCP Command Options Explained
Below are common SCP command options and their descriptions:
-1: Forces the use of SSH1 protocol (obsolete; SSH2 is recommended).-2: Forces the use of SSH2 protocol (default for modern systems).-4: Forces the use of IPv4 addresses only.-6: Forces the use of IPv6 addresses only.-B: Uses batch mode; does not prompt for passwords or passphrases during transfer.-C: Enables compression; passes the-Cflag to SSH to improve efficiency for large file transfers.-p: Preserves the source file's modification time, access time, and access permissions.-q: Quiet mode; suppresses the transfer progress meter.-r: Recursively copies entire directories and their contents.-v: Verbose mode; outputs debug messages about the entire transfer process, useful for troubleshooting connection or configuration issues.-c cipher: Specifies the encryption cipher (e.g.,aes256-ctr); this option is passed directly to SSH.-F ssh_config: Specifies an alternative SSH configuration file path.-i identity_file: Specifies the path to the private key file for authentication (e.g.,~/.ssh/id_rsa).-l limit: Limits the bandwidth used for the transfer, in Kbit/s (e.g.,-l 800limits to 800 Kbit/s).-o ssh_option: Passes additional options in SSH configuration format (e.g.,-o StrictHostKeyChecking=no).-P port: Note the uppercase P; specifies the SSH connection port number (default is 22).-S program: Specifies the path to the program used for the encrypted connection; this program must understand SSH options.
Usage Tips and Important Notes
1. Specifying Port: If the remote SSH service runs on a non-default port, you must use the -P parameter (uppercase) to specify it. The lowercase -p is for preserving file attributes. These have different functions; be careful not to confuse them.
2. Recursive Directory Copy: When copying a directory, you must use the -r option, for example:
scp -r /local/directory/ user@remote-host:/remote/path/3. Using Key Authentication: For improved security and automation, it is recommended to configure SSH key pairs and specify the private key using the -i option:
scp -i ~/.ssh/my_key.pem file.txt user@host:/path/4. Bandwidth Limiting: Use the -l option to limit transfer speed when bandwidth is constrained or to avoid impacting other services.
5. Special Characters in Paths: If file or directory names contain spaces or other special characters, enclose the paths in quotes, for example: scp "local file.txt" user@host:"/remote path/".