4 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
6 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
7 .\" All rights reserved
9 .\" Created: Sun May 7 00:14:37 1995 ylo
11 .\" $OpenBSD: scp.1,v 1.100 2021/08/11 14:07:54 naddy Exp $
13 .Dd $Mdocdate: August 11 2021 $
18 .Nd OpenSSH secure file copy
23 .Op Fl D Ar sftp_server_path
24 .Op Fl F Ar ssh_config
25 .Op Fl i Ar identity_file
26 .Op Fl J Ar destination
28 .Op Fl o Ar ssh_option
34 copies files between hosts on a network.
38 for data transfer, and uses the same authentication and provides the
39 same security as a login session.
40 The scp protocol requires execution of the remote user's shell to perform
45 will ask for passwords or passphrases if they are needed for
52 may be specified as a local pathname, a remote host with optional path
55 .Oo user @ Oc host : Op path ,
59 .No scp:// Oo user @ Oc host Oo : port Oc Op / path .
61 Local file names can be made explicit using absolute or relative pathnames
64 treating file names containing
68 When copying between two remote hosts, if the URI format is used, a
70 cannot be specified on the
76 The options are as follows:
79 Copies between two remote hosts are transferred through the local host.
80 Without this option the data is copied directly between the two remote
82 Note that, when using the legacy SCP protocol (the default), this option
83 selects batch mode for the second host as
85 cannot ask for passwords or passphrases for both hosts.
86 This mode is the default.
90 to use IPv4 addresses only.
94 to use IPv6 addresses only.
99 The default is not to forward an authentication agent.
101 Selects batch mode (prevents asking for passwords or passphrases).
108 to enable compression.
110 Selects the cipher to use for encrypting the data transfer.
111 This option is directly passed to
113 .It Fl D Ar sftp_server_path
114 When using the SFTP protocol support via
116 connect directly to a local SFTP server program rather than a
119 This option may be useful in debugging the client and server.
120 .It Fl F Ar ssh_config
121 Specifies an alternative
122 per-user configuration file for
124 This option is directly passed to
126 .It Fl i Ar identity_file
127 Selects the file from which the identity (private key) for public key
128 authentication is read.
129 This option is directly passed to
131 .It Fl J Ar destination
132 Connect to the target host by first making an
134 connection to the jump host described by
136 and then establishing a TCP forwarding to the ultimate destination from
138 Multiple jump hops may be specified separated by comma characters.
139 This is a shortcut to specify a
141 configuration directive.
142 This option is directly passed to
145 Limits the used bandwidth, specified in Kbit/s.
147 Use the legacy SCP protocol for file transfers instead of the SFTP protocol.
148 Forcing the use of the SCP protocol may be necessary for servers that do
149 not implement SFTP or for backwards-compatibility for particular filename
151 This mode is the default.
152 .It Fl o Ar ssh_option
153 Can be used to pass options to
155 in the format used in
157 This is useful for specifying options
158 for which there is no separate
161 For full details of the options listed below, and their possible values, see
164 .Bl -tag -width Ds -offset indent -compact
170 .It CanonicalizeFallbackLocal
171 .It CanonicalizeHostname
172 .It CanonicalizeMaxDots
173 .It CanonicalizePermittedCNAMEs
174 .It CASignatureAlgorithms
179 .It ConnectionAttempts
184 .It GlobalKnownHostsFile
185 .It GSSAPIAuthentication
186 .It GSSAPIDelegateCredentials
189 .It HostbasedAcceptedAlgorithms
190 .It HostbasedAuthentication
191 .It HostKeyAlgorithms
198 .It KbdInteractiveAuthentication
199 .It KbdInteractiveDevices
201 .It KnownHostsCommand
204 .It NoHostAuthenticationForLocalhost
205 .It NumberOfPasswordPrompts
206 .It PasswordAuthentication
209 .It PreferredAuthentications
212 .It PubkeyAcceptedAlgorithms
213 .It PubkeyAuthentication
216 .It ServerAliveInterval
217 .It ServerAliveCountMax
219 .It StrictHostKeyChecking
223 .It UserKnownHostsFile
227 Specifies the port to connect to on the remote host.
228 Note that this option is written with a capital
232 is already reserved for preserving the times and modes of the file.
234 Preserves modification times, access times, and modes from the
237 Quiet mode: disables the progress meter as well as warning and diagnostic
241 Copies between two remote hosts are performed by connecting to the origin
247 running on the origin host can authenticate to the destination host without
248 requiring a password.
250 Recursively copy entire directories.
253 follows symbolic links encountered in the tree traversal.
257 to use for the encrypted connection.
258 The program must understand
262 Use the SFTP protocol for file transfers instead of the legacy SCP protocol.
263 Using SFTP avoids invoking a shell on the remote side and provides
264 more predictable filename handling, as the SCP protocol
265 relied on the remote shell for expanding
269 A near-future release of OpenSSH will make the SFTP protocol the default.
270 This option will be deleted before the end of 2022.
272 Disable strict filename checking.
273 By default when copying files from a remote host to a local directory
275 checks that the received filenames match those requested on the command-line
276 to prevent the remote end from sending unexpected or unwanted files.
277 Because of differences in how various operating systems and shells interpret
278 filename wildcards, these checks may cause wanted files to be rejected.
279 This option disables these checks at the expense of fully trusting that
280 the server will not send unexpected filenames.
287 to print debugging messages about their progress.
289 debugging connection, authentication, and configuration problems.
304 is based on the rcp program in
306 source code from the Regents of the University of California.
308 .An Timo Rinne Aq Mt tri@iki.fi
309 .An Tatu Ylonen Aq Mt ylo@cs.hut.fi