DESCRIPTION
scp copies files between hosts on a network. It uses
ssh(1) for data transfer, and uses the same authentication and provides the same security as
ssh(1).
scp will ask for passwords or passphrases if they are needed for authentication.
File names may contain a user and host specification to indicate that the file is to be copied to/from that host. Local file names can be made explicit using absolute or relative pathnames to avoid
scp treating file names containing ‘:’ as host specifiers. Copies between two remote hosts are also permitted.
The options are as follows:
-
-1
-
Forces scp to use protocol 1.
-
-2
-
Forces scp to use protocol 2.
-
-3
-
Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. Note that this option disables the progress meter.
-
-4
-
Forces scp to use IPv4 addresses only.
-
-6
-
Forces scp to use IPv6 addresses only.
-
-B
-
Selects batch mode (prevents asking for passwords or passphrases).
-
-C
-
Compression enable. Passes the -C flag to ssh(1) to enable compression.
-
-c cipher
-
Selects the cipher to use for encrypting the data transfer. This option is directly passed to ssh(1).
-
-F ssh_config
-
Specifies an alternative per-user configuration file for ssh. This option is directly passed to ssh(1).
-
-i identity_file
-
Selects the file from which the identity (private key) for public key authentication is read. This option is directly passed to ssh(1).
-
-l limit
-
Limits the used bandwidth, specified in Kbit/s.
-
-o ssh_option
-
Can be used to pass options to ssh in the format used in ssh_config(5). This is useful for specifying options for which there is no separate scp command-line flag. For full details of the options listed below, and their possible values, see ssh_config(5).
-
AddressFamily
-
-
BatchMode
-
-
BindAddress
-
-
CanonicalDomains
-
-
CanonicalizeFallbackLocal
-
-
CanonicalizeHostname
-
-
CanonicalizeMaxDots
-
-
CanonicalizePermittedCNAMEs
-
-
CertificateFile
-
-
ChallengeResponseAuthentication
-
-
CheckHostIP
-
-
Cipher
-
-
Ciphers
-
-
Compression
-
-
CompressionLevel
-
-
ConnectionAttempts
-
-
ConnectTimeout
-
-
ControlMaster
-
-
ControlPath
-
-
ControlPersist
-
-
GlobalKnownHostsFile
-
-
GSSAPIAuthentication
-
-
GSSAPIDelegateCredentials
-
-
HashKnownHosts
-
-
Host
-
-
HostbasedAuthentication
-
-
HostbasedKeyTypes
-
-
HostKeyAlgorithms
-
-
HostKeyAlias
-
-
HostName
-
-
IdentitiesOnly
-
-
IdentityAgent
-
-
IdentityFile
-
-
IPQoS
-
-
KbdInteractiveAuthentication
-
-
KbdInteractiveDevices
-
-
KexAlgorithms
-
-
LogLevel
-
-
MACs
-
-
NoHostAuthenticationForLocalhost
-
-
NumberOfPasswordPrompts
-
-
PasswordAuthentication
-
-
PKCS11Provider
-
-
Port
-
-
PreferredAuthentications
-
-
Protocol
-
-
ProxyCommand
-
-
ProxyJump
-
-
PubkeyAcceptedKeyTypes
-
-
PubkeyAuthentication
-
-
RekeyLimit
-
-
RhostsRSAAuthentication
-
-
RSAAuthentication
-
-
SendEnv
-
-
ServerAliveInterval
-
-
ServerAliveCountMax
-
-
StrictHostKeyChecking
-
-
TCPKeepAlive
-
-
UpdateHostKeys
-
-
UsePrivilegedPort
-
-
User
-
-
UserKnownHostsFile
-
-
VerifyHostKeyDNS
-
-
-P port
-
Specifies the port to connect to on the remote host. Note that this option is written with a capital ‘P’, because -p is already reserved for preserving the times and modes of the file.
-
-p
-
Preserves modification times, access times, and modes from the original file.
-
-q
-
Quiet mode: disables the progress meter as well as warning and diagnostic messages from ssh(1).
-
-r
-
Recursively copy entire directories. Note that scp follows symbolic links encountered in the tree traversal.
-
-S program
-
Name of program to use for the encrypted connection. The program must understand ssh(1) options.
-
-v
-
Verbose mode. Causes scp and ssh(1) to print debugging messages about their progress. This is helpful in debugging connection, authentication, and configuration problems.