The Ultimate Guide to SCP
Table Of Contents
- What is the SCP command in Linux?
- SCP vs SFTP
- How to Use SCP in Linux
- SCP From Local to Remote
- SCP From Remote to Local
- SCP From Linux to Windows
- Setup Password Less Authentication for SCP
What is the SCP command in Linux?
SCP is a Secure Copy Protocol that transfers files and directories between two computers. SCP allows you to copy files and directories from the local system to a remote system or remote system to a local system. It is based on the SSH protocol, so you must provide an SSH password for authenticating the remote system before copying files.
SCP vs SFTP
Both SCP and SFTP are alternatives for FTP. Both are used for transferring files and running over the TCP port 22. The significant difference between both protocols are shown below:
SFTP is interactive, while SCP is a non-interactive protocol.
Unlike SCP, you can perform many operations like deleting, renaming, truncating, and moving files with SFTP.
SCP is faster than SFTP.
Both protocols run on SSH and support public key authentication.
You can not resume an interrupted file transfer with SCP. At the same time, SFTP allows you to continue an interrupted file transfer.
How to Use SCP in Linux
The SCP command allows you to transfer files from the local system to a remote system and vice versa.
The basic syntax to transfer files from the local system to the remote system is shown below:
scp [option] [local-file-path] [user@remote-ip:dest-path]
The basic syntax to transfer files from the remote system to the local system is shown below:
scp [option] [user@remote-ip:dest-path] [local-file-path]
A brief explanation of each option is shown below:
-C: Used to enable compression.
-i: Used to specify the private key file for authenticating a remote system.
-l: Used to limit the bandwidth for transferring files.
-P: Used to specify the SSH port to connect to the remote host.
-p: Used to preserve modification times and access times from the original file.
-r: Used to copy entire directories recursively.
-v: Used to print debugging messages.
SCP From Local to Remote
To copy a single file from the local system to the /opt directory on the remote system, run the following command:
scp file1.txt user@remote-ip:/opt/
To copy multiple files from the local system to the /opt directory on the remote system, run the following command:
scp file1.txt file2.txt user@remote-ip:/opt/
To copy /etc., and all of its sub-directories recursively from the local system to the /mnt directory on the remote system, use the option -r with SCP as shown below:
scp -r /etc user@remote-ip:/mnt/
If you want to transfer a very large file and limit the bandwidth usage, you can use the -l option to limit the bandwidth.
For example, copy a file named wordpress.tar.gz to the remote system and limit the bandwidth for the SCP process to only 50 KB/sec. Then, you can use the parameter -l and set it to 50 x 8 = 400, as shown below:
scp -l 400 wordpress.tar.gz user@remote-ip:/opt/
SCP From Remote to Local
SCP also allows you to copy files and directories from the remote to the local system.
To copy a file named /etc/resolv.conf from the remote system to the /mnt directory on the local system, run the following command:
scp user@remote-ip:/etc/resolv.conf /mnt/
If you want to preserve files modification and access times, you can use the -p option with the SCP command:
scp -p user@remote-ip:/etc/resolv.conf /mnt/
If your remote SSH server is listening on a port other than the default 22, then you can use the option -P to specify the port:
scp -P 2222 user@remote-ip:/etc/resolv.conf /mnt/
SCP From Linux to Windows
To transfer files from the Linux to the Windows machine, an OpenSSH server must be installed on the Windows machine.
You can install an OpenSSH server on the Windows machine by following the below steps:
First, open the PowerShell as an Administrator user and run the following command to verify whether the OpenSSH features are available or not:
Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'
It would be best if you got the following output:
Name : OpenSSH.Client ~~~~ 0.0.1.0 State : NotPresent Name : OpenSSH.Server ~~~~ 0.0.1.0 State : NotPresent
Now, install the OpenSSH server using the following command:
Add-WindowsCapability -Online -Name OpenSSH.Server ~~~~ 0.0.1.0
Next, install the OpenSSH client using the following command:
Add-WindowsCapability -Online -Name OpenSSH.Client ~~~~ 0.0.1.0
Once both are installed, start the SSH service and enable it to start at system reboot with the following command:
Start-Service sshd Start-Service ssh-agent Set-Service -Name sshd -StartupType 'Automatic'
Next, configure the Windows firewall to allow incoming connection for port 22:
New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
Next, verify the SSH connection using the following command:
You will be asked to provide your administrator password as shown below:
The authenticity of host 'localhost (::1)' can't be established. ECDSA key fingerprint is SHA256:2iwOBVfxWuPeQ5NV7050E0yA0h40nA9DtFJtWgnxEv4. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts. administrator@localhost's password:
Once connected, you should get the following output:
You can now transfer files and directories from the Linux system to the Windows system.
For example, copy a file named file1.txt from the Linux system to the Windows system, and run the following command:
scp file1.txt administrator@windows-IP:.
You will be asked to provide your Windows administrator password to transfer the file.
After copying file1.txt, you can find this file at C:\Users\Administrator\> on the Windows system.
Setup Password Less Authentication for SCP
When you transfer files from the local system to the remote system, you will be asked to provide an SSH password for authenticating the remote system before copying files. In addition, you will need to set up password-less authentication using SSH to disable the password authentication.
First, create a new 4096 bits SSH key on the local system with the following command:
ssh-keygen -t rsa
You will be asked to provide the key location and passphrase. Just press Enter to accept the default file location and also press Enter without specifying any passphrase as shown below:
Generating public/private rsa key pair. Enter file in which to save the key (/home/vyom/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/vyom/.ssh/id_rsa. Your public key has been saved in /home/vyom/.ssh/id_rsa.pub. The key fingerprint is: 5c:06:99:96:ac:89:00:59:c5:ac:bb:5b:4a:f9:f2:1e vyom@newpc The key's randomart image is: +--[ RSA 2048]----+ |.+.+. ..+ | |. . o *. | | o . + o | | . . o. o | | . S | | .. | | o.E | | .o+ . | | o=+ | +-----------------+
Next, you need to copy the public key to the remote server to be able to login into your server without a password. You can copy it with the following command:
You will be asked to provide the remote username and password to copy the public key to the remote server.
You can now copy files from the local system to the remote system without providing a password.
The above guide taught you how to transfer files and directories between two systems using SCP securely. We hope this will helps you to save a lot of time.
Is SCP transfer encrypted?
SCP ultimately enables encryption and authentication and is used to transmit data to servers. SCP uses Secure Shell (SSH) techniques for authentication and data transfer to ensure the privacy of the data while it is in transit.
What is SCP vs SSH?
SSH is a protocol for creating a secure connection between two remote computers. This secure connection includes mechanisms for compression, encryption, and authentication. SCP is a protocol used to transmit files over a network of computers or internet networks when using an SSH connection.
Backup one server, database, or application for free forever.
Thank you for helping us improve!