Overview
In this tutorial, you will learn how to use the SCP command in Linux to securely copy files to remote hosts.
The scp command uses SSH to transfer data from one host to another, and uses the same authentication and security provided by SSH. As such, this is one of the most secure ways to transfer data between servers on a LAN network.
SCP Command Basics
To copy files or directories from one host to another you use the following syntax.
scp [options] source ... target- The
sourceis a list of files or directories to be copied to the target host. - The
targetis the host you are copying files to.
The following are common options related to SSH that can be set.
| Option | Description |
|---|---|
-4 | Forces scp to use IPv4 addresses only. |
-6 | Forces scp to use IPv6 addresses only |
-B | Selects batch mode. This mode surpasses any prompts for passwords or passphrases. |
-C | Compression enabled, which is passed to SSH. |
-c cipher | The cipher to be used by SSH |
-F ssh_config | Specifies an alternative per-user configuration file for ssh. |
-i identity_file | Selects the file from which the identity (private key) for public key authentication is read. |
-J destination | Connect to the target host by first making an scp connection to the jump host described by destination, and then establishing a TCP forwarding to the destination from there. Multiple jump hops may be specified separated by comma characters. |
-l limit | Limits the bandwidth, specified in Kbit/s. |
-o ssh_options | Used to pass options to SSH in the format used in ssh_config(5). |
SCP Files to a Target Server
The following example copies a directory path ~/app from the source host to a target host at 10.0.0.24. The SSH connection uses the lab_id_rsa private key for authentication.
scp -I ~/.ssh/lab_id_rsa ~/app 10.0.0.24:/opt/appSCP Multiple Files to a Target Server
In the following example, multiple directories from the source host are copied to the remote host. The directories are copied into the /opt/backups directory on the target host.
scp ~/app1 ~/app2 ~/app3 10.0.0.24:/optSCP over IPv4 Only
In this example we force the scp command to use IPv4 addresses only to copy files between two hosts.
scp -4 ~/app1 ~/app2 ~/app3 10.0.0.24:/optSCP over IPv6 Only
With IPv6 becoming even more common in enterprise organizations and the Internet, you may want to force IPv6 only when using the scp command.
scp -6 ~/app1 ~/app2 ~/app3 10.0.0.24:/optSCP Batch Mode to Suppress Passwords
When copying data between two hosts using the scp command in a script file or automated workflow, any password or passphrase prompts should be suppressed. The scp command has a -B flag that forces prompts to be ignored.
In order to use the scp batch mode the remote user must not have a password, which is strongly discouraged, or it must use SSH public/private key pairs for authentication.
scp -i ~/.ssh/backup_id_rsa ~/backup/files 10.0.0.4:/opt/backupsConclusion
The scp command is a very secure way of transferring data from one host to another. As it uses SSH to transfer data, the connections are very secure and support many of the options available to SSH.
Also, with its batch mode the scp command can be used in automated workflows, without worrying about password or passphrase prompts. So long as you have a private ssh key, with its public pair on the remote host, you can transfer data without being prompted to a password.
