Use the SCP command to transfer files securely
The Secure Copy Protocol (SCP) provides a secure method for transferring files between a local host and a remote host, or between two remote hosts. It leverages the Secure Shell (SSH) protocol for encryption, ensuring the confidentiality and integrity of the data during transmission. "SCP" often refers to both the protocol itself and the command-line program used to execute it. This article will guide you through using the scp
command effectively.
Step 1: Install SCP
On macOS and Linux systems, the scp
command is typically pre-installed as part of the OpenSSH suite. Therefore, no additional installation is usually required. However, if you encounter an error message like bash: scp: command not found
when attempting to use the command, it indicates that SCP is not installed on your local or remote server.
To install SCP, use the appropriate package manager for your operating system:
Fedora, Red Hat, or CentOS:
$ yum -y install openssh-clients
Debian or Ubuntu:
$ apt-get install openssh-client
Step 2: How to use SCP
Before demonstrating how to use the scp
command, let’s examine its basic syntax.
The scp
command syntax follows this general structure:
$ scp [OPTION] s_user@SHOST:file1 d_user@DHOST:file2
Where:
OPTION
represents various command-line options to modify the behavior of SCP.s_user
is the username on the source host.SHOST
is the hostname or IP address of the source host.file1
is the path to the file or directory to be copied on the source host.d_user
is the username on the destination host.DHOST
is the hostname or IP address of the destination host.file2
is the path to where the file or directory should be copied on the destination host.
Local files should be specified using an absolute or relative path. Remote file names require including a user and host specification in the format user@host:path
.
SCP offers several options to fine-tune its operation. Here are some of the most frequently used options:
-P port
: Specifies the port number to connect to on the remote host. This is useful if the SSH server is listening on a non-standard port.-r
: Enables recursive copying of directories.-v
: Enables verbose mode, providing more detailed output about the transfer process.-C
: Enables compression during the transfer, which can improve speed, especially on slower networks.-i identity_file
: Specifies the path to a private key file for authentication. This allows you to authenticate without entering a password.-3
: Routes the traffic through the machine from which the command is issued when transferring between two remote hosts.
Step 3: Using SCP
Copy Files and Directories Between Two Systems
To copy a file from your local system to a remote system, use the following command:
$ scp file1.txt <a href="/cdn-cgi/l/email-protection" data-cfemail="394b4c4a5c4b7908000b17080f011708170b0b">[email protected]</a>:/data/test
In this example, file1.txt
is the name of the file to be copied, ruser
is the username on the remote server, and 192.168.1.22
is the server’s IP address. The path /data/test
specifies the directory where you want to copy the file on the remote server. If you omit the remote directory, the file will be copied to the remote user’s home directory.
You will be prompted to enter the user’s password on the remote server before the transfer begins.
<a href="/cdn-cgi/l/email-protection" data-cfemail="f78582849285b7c6cec5d9c6c1cfd9c6d9c5c5">[email protected]</a>'s password:
file1.txt 100% 0 0.0KB/s 00:00
By default, the file is copied with its original name. To save the file with a different name on the remote server, specify the new name in the destination path:
$ scp file1.txt <a href="/cdn-cgi/l/email-protection" data-cfemail="f58780869087b5c4ccc7dbc4c3cddbc4dbc7c7">[email protected]</a>:/data/test/newfile.txt
If the SSH server on the remote host is listening on a port other than the default port 22, use the -P
argument to specify the port number:
$ scp -P 2222 file1.txt <a href="/cdn-cgi/l/email-protection" data-cfemail="f78582849285b7c6cec5d9c6c1cfd9c6d9c5c5">[email protected]</a>:/data/test
Copying a directory is similar to copying files. However, you must include the -r
flag to enable recursive copying:
$ scp -r /data/test <a href="/cdn-cgi/l/email-protection" data-cfemail="ff8d8a8c9a8dbfcec6cdd1cec9c7d1ced1cdcd">[email protected]</a>:/data/testRemote
To copy a file from a remote system to your local system, reverse the source and destination in the command. For example, to copy a file named test.txt
from a remote server with IP address 192.168.1.22
to your local /data
directory, use the following command:
$ scp <a href="/cdn-cgi/l/email-protection" data-cfemail="e69493958394a6d7dfd4c8d7d0dec8d7c8d4d4">[email protected]</a>:/data/test.txt /data
If you haven’t configured SSH key-based authentication, you will be prompted to enter the user’s password on the remote server.
Copy a File Between Two Remote Systems
Unlike rsync
, you don’t need to log in to one of the servers to transfer files between two remote machines when using SCP. The SCP command simplifies the process.
The following command will copy the file /folder/file.txt
from remote host web1.com
to remote host web2.com
‘s directory /files
.
$ scp user1@web1.com:/folder/file.txt <a href="/cdn-cgi/l/email-protection" data-cfemail="0a7f796f78384a7d6f683824696567">[email protected]</a>:/files
You will be prompted to enter the passwords for both remote accounts. The data will be transferred directly from one remote host to the other.
To route the traffic through the machine from which you issue the command, use the -3
option:
$ scp -3 user1@web1.com:/folder/file.txt <a href="/cdn-cgi/l/email-protection" data-cfemail="c5b0b6a0b7f785b2a0a7f7eba6aaa8">[email protected]</a>:/files
Alternative Solutions for Secure File Transfer
While SCP is a reliable method for secure file transfer, alternative solutions exist that offer different advantages and features. Here are two such alternatives:
1. Rsync over SSH
Rsync is a powerful file synchronization tool that can be used for secure file transfer over SSH. Unlike SCP, which copies entire files, rsync can transfer only the differences between files, making it significantly faster for synchronizing large files or directories that have only been partially modified.
Explanation:
Rsync uses an algorithm to identify the blocks of data that have changed between the source and destination files. It then transfers only these changed blocks, reducing the amount of data that needs to be transmitted. When used with the -e ssh
option, rsync establishes a secure connection using SSH, providing the same level of security as SCP.
Code Example:
rsync -avz -e ssh /local/directory/ <a href="/cdn-cgi/l/email-protection" data-cfemail="72070117004032051710405c111d1f">[email protected]</a>:/remote/directory/
In this example:
-a
: Archive mode; preserves permissions, ownership, timestamps, etc.-v
: Verbose mode.-z
: Enables compression.-e ssh
: Specifies that SSH should be used for the transfer./local/directory/
: The local directory to be synchronized.<a href="/cdn-cgi/l/email-protection" data-cfemail="12676177602052657770203c717d7f">[email protected]</a>:/remote/directory/
: The remote directory to synchronize with.
2. SFTP (SSH File Transfer Protocol)
SFTP is a more feature-rich protocol than SCP, offering interactive file transfer capabilities. It provides a command-line interface similar to FTP but operates over a secure SSH connection.
Explanation:
SFTP allows you to browse remote directories, upload and download files, create and delete directories, and perform other file management operations securely. This makes it suitable for more complex file transfer tasks that require more than just simple copying.
Code Example:
- Connect to the remote server:
sftp <a href="/cdn-cgi/l/email-protection" data-cfemail="7a080f091f083a4b4348544b4c42544b544848">[email protected]</a>
- Once connected, use SFTP commands to navigate and transfer files:
ls
: List files in the current remote directory.cd
: Change the current remote directory.get
: Download a file from the remote server to the local machine. Example:get remote_file.txt
put
: Upload a file from the local machine to the remote server. Example:put local_file.txt
bye
: Disconnect from the SFTP server.
SFTP provides a more interactive and versatile approach to secure file transfer compared to SCP, making it a better choice for tasks that involve more than just simple file copying.
Conclusion
This guide has demonstrated how to use the SCP command to transfer files securely. SCP is a straightforward and secure way to copy files between systems. We also explored two alternative methods: rsync over SSH and SFTP, highlighting their respective strengths and use cases. Understanding these different options allows you to choose the most appropriate tool for your specific file transfer needs.
Consider configuring SSH key-based authentication to avoid entering your password repeatedly when connecting to your Linux servers.