The average cost of data breaches continues to grow every year. In 2024, statistics indicate that this cost has grown by the largest margin ever at 10 percent from 2023. The truth is, your organization could easily become part of this statistic because malicious actors are always snooping around on networks to find vulnerabilities. Having a secure way to transfer or share data is essential to protecting your organization.
The Secure Copy Protocol (SCP) is one way your organization can securely manage these transfers. It’s a command-line utility built on the Secure Shell (SSH) protocol that lets you securely transfer files between hosts.
SCP works by encrypting file contents and user credentials during transmission.
Read on to learn how to use the SCP command in Linux through 10 detailed examples.
Prerequisites
Before we tackle the examples, there are several requirements you should meet to use the SCP command.
First and foremost, you should have basic command-line knowledge, particularly Linux terminal commands.
You should also have SSH installed and configured on the machines sharing the files.
And lastly, you need authentication details, such as username and password or SSH login/keys.
Basic SCP Command Structure
The basic syntax for the SCP command is:
scp [options] source_file user@destination_host:path/to/destination
Let’s break down the above syntax:
- scp is the command itself.
- [options] represent the various flags that modify the behavior. Examples include -r for recursively copying directories and their contents, -p for preserving original file permissions and timestamps, and -l for limiting the bandwidth used during transfer.
- source_file represents the file or directory you want to copy.
- user@destination_host is the username and remote host.
- path/to/destination is the path on the remote server that will store the file.
Now that we know how this command works, let’s get into the examples.
Example 1: Copying a File from Local to Remote
Sometimes, you will need to copy files from a local client to a remote server, such as when backing up files or sending content to a web server.
To do this, you can use an SCP command as shown below:
scp /path/to/local/file.txt user@remote_host:/path/to/remote/directory/
This command transfers file.txt from your local machine to a specified directory on the remote server.
Say, for instance, you want to transfer a project report saved as report.txt in the documents folder on your local machine to a secure folder named secrets.folder on a remote server. Also, assume that the SSH username is strongdm and 192.168.1.10 is the IP address of the remote server. You’d run:
scp /home/local_user/documents/report.txt strongdm@192.168.1.10:/home/remote_user/secrets.folder/
Example 2: Copying a File from Remote to Local
If you need to access and save files stored on a remote server for local analysis or editing, you can use the following SCP command:
scp user@remote_host:/path/to/remote/file.txt /path/to/local/directory/
Say you need to download a log file named server_logs.txt from a remote server and save it on a local file named documents. The SSH username is strongdm, and the IP address of the remote server is 192.168.1.10.
The command to save it locally would be:
scp strongdm@192.168.1.10:/var/log/server_logs.txt /home/local_user/documents/
Example 3: Copying a Directory Recursively
Copying a directory recursively simply means creating an exact replica of the directory structure — its subdirectories and files within them in a new location.
You can perform this action using the following scp command:
scp -r /path/to/local/directory/ user@remote_host:/path/to/remote/directory/
Let’s examine an example of a recursive scp command:
scp -r /path/to/local/documents/strongdm@192.168.1.10:/path/to/remote/server_logs.txt
The -r (recursive) option tells scp to copy everything inside the local directory “documents” to the destination directory on the server named “server_logs.txt.”
Example 4: Using SCP with a Specific Port
If your remote server isn’t listening on the default SSH port (22), you can use the _P option to specify the port.
For instance, if your command looks like this:
scp -P 2222 /path/to/local/file.txt user@remote_host:/path/to/remote/directory/
The -P option tells scp to listen via SSH port 2222 for the connection to move folder “file.txt” from a local system to a remote server.
Example 5: Preserving File Permissions and Timestamps
It’s possible to preserve a file’s metadata on the remote server even after you copy it.
You can achieve this by using the -p option as shown below:
scp -p /path/to/local/file.txt user@remote_host:/path/to/remote/directory/
The -p option tells the scp command to preserve file.txt’s original attribute during the transfer from the local client to the remote server.
Example 6: Copying Multiple Files at Once
Usually, you need to copy several files simultaneously. Copying a file at a time when you have hundreds can be time-consuming and cumbersome.
You can list all the files you need to transfer in the command as shown below:
scp /path/to/file1.txt /path/to/file2.txt user@remote_host:/path/to/remote/directory/
This command will transfer file1.txt and file2.txt at the same time from the local system to the remote server’s specified directory.
Example 7: SCP with SSH Key Authentication
SSH key authentication removes the need to enter a password each time when copying files between computers or between local clients and remote servers.
To leverage this method, you must first generate and set up an SSH key on the remote server. Then, you can use the -i flag in SCP to specify the private key file.
To use SSH keys with SCP, first ensure that you have generated and set up an SSH key on the remote server.
Here’s how to generate SSH keys:
ssh-keygen -t rsa
Then, copy the public key to the remote host:
ssh-copy-id user@remote_host
Say the private key is ssh-id-rsa. You can now use the -i flag in SCP to specify the private key file like this:
scp -i /path/to/ssh-id-rsa /path/to/local/file.txt user@remote_host:/path/to/remote/directory/
Example 8: Limiting Transfer Speed
In cases where you worry about network congestion, dropped connections, or draining the bandwidth, you can limit the transfer speed.
This can be especially helpful if you’re transferring very large files.
You can use the -1 option to achieve this.
Take, for instance, this example:
scp -l 900 /path/to/local/file.txt user@remote_host:/path/to/remote/directory/
This command limits the transfer speed of file.txt to 900 Kbit/s (kilobits per second).
Example 9: Transferring Files Verbosely
Sometimes, you may need to track the inner workings of the file transfer between systems, such as the connection process and the debugging information about SSH.
To do so, you can leverage the -v option, which tells scp to enable verbose mode.
A sample command for transferring files verbose might look like this:
scp -v /path/to/local/file.txt user@remote_host:/path/to/remote/directory/
Example 10: Copying Between Two Remote Servers
Copying files between two remote servers can help expedite processes by bypassing local machines.
You can use a command that resembles the following:
scp user1@host1:/path/to/source/file.txt user2@host2:/path/to/destination/
This command transfers file.text between two remote servers without needing to download it on your computer.
Common SCP Command Errors
At some point, you will encounter errors and issues when working with scp commands.
For instance, if you get a “permission denied” error, it might mean that you lack sufficient privileges on the destination directory.
A “connection refused” error, on the other hand, usually means that you entered the wrong SSH port setting.
Lastly, if you receive a timeout pop-out, it could be due to network issues or incorrect host details, such as the IP address.
Alternatives to SCP
While SCP commands are usually simple and effective for basic transfers, they may not be suitable for specific scenarios.
A common alternative you may find helpful is rsync. This transfer tool offers advanced features like synchronization, bandwidth control, and incremental transfers. The most distinctive advantage is its ability to quickly recover after errors.
There's another alternative protocol called sftp that works similarly to scp but stands out due to its ability to create, list, and delete directories.
Lastly, another widely used file transfer protocol you can also leverage is ftp. It features a familiar command line and also has graphical tools for users without technical knowledge.
How StrongDM Enhances Secure File Transfers
While SCP facilitates secure file transfers, manually managing SSH access keys for these transfers can be overwhelming. Wasted time and lost productivity become issues if your organization deals with large databases.
With StrongDM, you can centralize this process. Our solution gives you a 360-degree view of your systems so you can see who’s doing what and when via detailed audit logs. StrongDM also seamlessly integrates with your existing security solutions. You don’t have to worry about extra purchases for integrations.
To see our product in action and how it can serve you, book a demo today.
