Securely Copy Files Remotely Using SCP

Secure copy (or scp as the program is called) is a program used to securely copy files between hosts on a network. In this post we cover the various use cases of scp.

3 min read

What is SCP used for?

SCP uses ssh for the underlying data transfer and authentication, so it inherits all the security benefits of ssh. It can be used to copy files:

  • from your local machine to a remote machine
  • from a remote machine to your local machine
  • between two remote machines

Auto authentication is possible if you've seup an ssh public/private key pair between two boxes.

Regarding configuration specifics, the ssh config file options in /etc/ssh/ssh_config apply to scp also.

Sample Usage

To copy a files from one host to another, use the following syntax:

scp [[user@]host1:]file1 ... [[user@]host2:]file2

Copying From Your Local Box to a Remote Box

So for example, if your username is "tutonics" and you're copying to a directory writeable by tutonics called "stuff" on the remote machine (e.g. 192.168.0.7):

scp myfile 192.168.0.7:/home/tutonics/stuff/

Note that you can omit the username if it's the same as the user issuing the command. An example of copying to a directory only writeable to root would be:

scp myfile root@192.168.0.7:/root/stuff/

You can rename the file by explicitly including the new name:

scp myfile root@192.168.0.7:/root/stuff/new_file_name

Copying From a Remote Box to Your Local Box

If your username is "tutonics" and you're copying from a directory writeable by tutonics called "stuff" on the remote machine (e.g. 192.168.0.7) to the current location:

scp tutonics@192.168.0.7:/home/tutonics/stuff/myfile ./

An example of copying a file called "somefile" owned by root to tutonics home directory would be:

scp root@192.168.0.7:/root/stuff/somefile /home/tutonics/
`You can rename the file by providing the new name also:`
scp root@192.168.0.7:/root/stuff/somefile /home/tutonics/new_file_name

Copying From a Remote Box to Another Remote Box

If your username is "tutonics" and you're copying from a directory writeable by tutonics called "stuff" on the remote machine (e.g. 192.168.0.7) to a directory writeable by tutonics on the same remote machine:

scp tutonics@192.168.0.7:/home/tutonics/stuff/myfile tutonics@192.168.0.7:/root/stuff/
`Obviously, we could have copied to a different remote machine if we wished:`
scp tutonics@192.168.0.7:/home/tutonics/stuff/myfile tutonics@192.168.0.110:/root/stuff/
`Also, you can copy between between different users (e.g. tutonics to root) if you have permission:`
scp tutonics@192.168.0.7:/home/tutonics/stuff/myfile root@192.168.0.110:/root/stuff/
`And you can rename the file if necessary:`
scp tutonics@192.168.0.7:/home/tutonics/stuff/myfile root@192.168.0.110:/root/stuff/new_file_name

Thanks to Timo Rinne and Tatu Ylonen for their work with scp.

Thank you for reading this article. Please share if you liked it.