# What is scp command in linux?
SCP is a Secure Copy Protocol used for transferring files and directories between two computers. SCP allows you to copy files and directory from the local system to a remote system or remote system to a local system. It is based on the SSH protocol so you will need to provide an SSH password for authenticating the remote system before copying files.
# SCP vs SFTP
Both SCP and SFTP are alternatives for FTP. Both are used for transferring files and run over the TCP port 22. The major difference between both protocols are shown below:
- SFTP is interactive while SCP is a non-interactive protocol.
- Unlike SCP, you can perform many operations like, delete, rename, truncate, move files with SFTP.
- SCP is faster than SFTP.
- Both protocols run on the SSH and support public key authentication.
- You can not resume an interrupted file transfer with SCP. While SFTP allows you to resume an interrupted file transfer.
# How to Use SCP in Linux
The SCP command allows you to transfer files from the local system to a remote system or remote system to localsystem.
The basic syntax to transfer files from local system to the remote system is shown below:
scp [option] [local-file-path] [user@remote-ip:dest-path]
The basic syntax to transfer files from remote system to the local system is shown below:
scp [option] [user@remote-ip:dest-path] [local-file-path]
A brief explanation of each option is shown below:
- -C : Used to enable the compression.
- -i : Used to specify the private key file for authenticating a remote system.
- -l : Used to limit the bandwidth for transferring files.
- -P : Used to specify the SSH port to connect to the remote host.
- -p : Used to preserves modification times and access times from the original file.
- -r : Used to copy entire directories recursively.
- -v : Used to print debugging messages.
# SCP From Local to Remote
To copy a single file from the local system to the /opt directory on the remote system, run the following command:
scp file1.txt user@remote-ip:/opt/
To copy multiple files from the local system to the /opt directory on the remote system, run the following command:
scp file1.txt file2.txt user@remote-ip:/opt/
To copy /etc and all of its sub-directories recursively from the local system to the /mnt directory on the remote system, use the option -r with SCP as shown below:
scp -r /etc user@remote-ip:/mnt/
If you want to transfer a very large file and want to limit the bandwidth usage, you can use -l option to limit the bandwidth.
For example, copy a file named wordpress.tar.gz to the remote system and limit the bandwidth for SCP process to only 50 KB/sec then you can use the parameter -l and set it into 50 x 8 = 400 as shown below:
scp -l 400 wordpress.tar.gz user@remote-ip:/opt/
# SCP From Remote to Local
SCP also allows you to copy files and directories from the remote system to the local system.
To copy a file named /etc/resolv.conf from the remote system to the /mnt directory on the local system, run the following command:
scp user@remote-ip:/etc/resolv.conf /mnt/
If you want to preserves files modification and access times, you can use -p option with SCP command:
scp -p user@remote-ip:/etc/resolv.conf /mnt/
If your remote SSH server is listening on a port other than the default 22 then you can use the option -P to specify the port:
scp -P 2222 user@remote-ip:/etc/resolv.conf /mnt/
# SCP From Linux to Windows
In order to transfer files from the Linux to the Windows machine, An OpenSSH server must be installed on the Windows machine.
You can install an OpenSSH server on the Windows machine by following the below steps:
First, open the PowerShell as an Administrator user and run the following command to verify whether the OpenSSH features are available or not:
Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'
You should get the following output:
Name : OpenSSH.Client ~~~~ 0.0.1.0
State : NotPresent
Name : OpenSSH.Server ~~~~ 0.0.1.0
State : NotPresent
Now, install the OpenSSH server using the following command:
Add-WindowsCapability -Online -Name OpenSSH.Server ~~~~ 0.0.1.0
Next, install the OpenSSH client using the following command:
Add-WindowsCapability -Online -Name OpenSSH.Client ~~~~ 0.0.1.0
Once both are installed, start the SSH service and enable it to start at system reboot with the following command:
Set-Service -Name sshd -StartupType 'Automatic'
Next, configure Windows firewall to allow incomming connection for port 22:
New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
Next, verify the SSH connection using the following command:
You will be asked to provide your administrator password as shown below:
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is SHA256:2iwOBVfxWuPeQ5NV7050E0yA0h40nA9DtFJtWgnxEv4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
Once connected, you should get the following output:
You can now transfer files and directories from the Linux system to the Windows system.
For example, copy a file named file1.txt from the Linux system to the Windows system, run the following command:
scp file1.txt administrator@windows-IP:.
You will be asked to provide your Windows administrator password to transfer the file.
After copying file1.txt , you can find this file at C:\Users\Administrator\> on the Windows system.
# Setup Password Less Authentication for SCP
When you transfer files from the local system to the remote system, you will be asked to provide an SSH password for authenticating the remote system before copying files. You will need to setup the password-less authentication using SSH to disable the password authentication.
First, create a new 4096 bits SSH key on the local system with the following command:
ssh-keygen -t rsa
You will be asked to provide the key location and passphrase. Just press Enter to accept the default file location and also press Enter without specifying any passphrase as shown below:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/vyom/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/vyom/.ssh/id_rsa.
Your public key has been saved in /home/vyom/.ssh/id_rsa.pub.
The key fingerprint is:
The key's randomart image is:
+--[ RSA 2048]----+
|.+.+. ..+ |
|. . o *. |
| o . + o |
| . . o. o |
| . S |
| .. |
| o.E |
| .o+ . |
| o=+ |
Next, you need to copy the public key to the remote server in order to be able to login to your server without a password. You can copy it with the following command:
You will be asked to provide the remote username password to copy the public key to the remote server.
You can now able to copy files from the local system to the remote system without providing password.
In the above guide, you learned how to securely transfer files and directories between two systems using SCP. I hope this will helps you to save your lot of time.