Using Secure Copy Protocol to Transfer Files in Linux

Secure Copy Protocol (scp) helps to securely transfer files between hosts on a network. It relies on SSH (secure shell) using SFTP protocol to create a secure connection and encrypt the data during transit whether it is a single file or whole directory.

• scp uses the same authentication as SSH and provides the same security as a login session. It'll prompt for password or passphrases, if required.
• If SSH keys are configured between local and remote systems for the involved user(s), scp can run without any prompts to the user.

This article will show you how you can use scp with various options to transfer files in a Linux system.

scp Usage

The common syntax for using scp command in Linux is as shown below:

$ scp [options] [user1@][source_host:][source_path]<source_file> 
[user2@][destination_host:][destination path]<destination_file>

Where

• options are flags that we can use with the scp command
• user1 and user2 are the usernames on the source and destination hosts
• source_host and destination_host are the hostname or IP address of the source and destination machines
• source_path is the path of the source_file on source_host, either absolute or relative
• source_file is the name of the file on source_host
• destination_path is the path where source_file will be copied on the destination_host
• destination_file is the name that will be used for the copied file at the destination_host

Not all values are required by the scp command, and it assumes default values when optional parameters are skipped. We'll cover specific scp options and their usage in next section.

scp Command Options

Let's understand some of the options (flags) that are commonly used with the scp command.

Copying Single File

A single file can be copied using scp from local to remote system as ?

$ scp file1.txt remote_user@remote_host:/path/to/file/filename.txt 

Similarly, to copy a remote file on local system, keeping same filename as in remote host, use ?

$ scp remote_user@remote_host:/path/to/file/filename.txt /local/path/

Copying Multiple Files

Multiple files can be copied at once by specifying them as comma separated list:

$ scp file1.txt,file2.txt remote_user@remote_host:/path/to/file/ 

Copying Entire Directory

Complete directory (including their files and sub-directories) can be copied to the destination host by using option -r (recursive).

$ scp -r /path/to/local/directory remote_user@remote_host:/path/to/directory/ 

Preserving File Attributes

The original timestamp and permissions of a file can be preserved by using option -p flag with scp command as shown below:

$ scp -p file1.txt remote_user@remote_host:/path/to/file/ 

Specifying SSH Port

In case SSH server on remote host uses a non-standard port (default is 22/tcp), in such case use -P option to specify the port value along with the usual scp command as:

$ scp -P <port_number> file1.txt remote_user@remote_host:/path/to/file/

As an example, if we need to specify SSH port as 2222 for remote host with IP 192.168.1.10 while using scp, use:

$ scp -P 2222 file1.txt [email protected]:/var/tmp

Limiting Bandwidth

In case we need to put a threshold on the transfer speed, as in to avoid throttling the network capacity of the server, it can be controlled by using the option -l with scp. The value to be provided should be in Kbit/s.

$ scp -l <bandwidth> file1.txt remote_user@remote_host:/path/to/file/

For example, to limit bandwidth use to 500 Kbit/s, the scp command with -l flag would look like:

$ scp -l 500 file1.txt [email protected]:/var/tmp 

Verbose Output

When facing issues with scp or SSH connections while transferring files, verbose output can be enabled by using option -v. This allows printing of debugging messages. This is particularly helpful in debugging connection, authentication and configuration problems.

$ scp -v file1.txt remote_user@remote_host:/path/to/file/  

IPv4 and IPv6

To force scp to use either IPv4 or IPv6 addresses only, use -4 or -6 flags respectively. For forcing IPv4, the command would look like:

$ scp -4 file1.txt remote_user@remote_host:/path/to/file/ 

While for forcing IPv6 usage only, the command would be:

$ scp -6 file1.txt remote_user@remote_host:/path/to/file/ 

Enable Compression

We can enable compression with scp command using -C flag. This is helpful in situations with limited bandwidth and when transferring large files.

$ scp -C file1.txt remote_user@remote_host:/path/to/file/ 

Conclusion

scp is the tool of choice for transferring files from local to remote systems and vice-versa for anyone working with Linux systems. It offers ease-of-use while providing required security via authentication systems already in place on the system. It is built over SFTP with SSH and encrypts all information in transit.

As best practice, you can also set up SSH key-based authentication between servers, which is especially helpful for doing automation with scp command, since it allows transfers without prompting for passwords.