Secure copy protocol

The SCP is a network protocol, based on the BSD RCP protocol, which supports file transfers between hosts on a network. SCP uses Secure Shell (SSH) for data transfer and uses the same mechanisms for authentication, thereby ensuring the authenticity and confidentiality of the data in transit. A client can send (upload) files to a server, optionally including their basic attributes (permissions, timestamps). Clients can also request files or directories from a server (download). SCP runs over TCP port 22 by default. Like RCP, there is no RFC that defines the specifics of the protocol. Function Normally, a client initiates an SSH connection to the remote host, and requests an SCP process to be started on the remote server. The remote SCP process can operate in one of two modes: • source mode, which reads files (usually from disk) and sends them back to the client, or • sink mode, which accepts the files sent by the client and writes them (usually to disk) on the remote host. For most SCP clients, source mode is generally triggered with the -f flag (from), while sink mode is triggered with -t (to). Issues using talkative shell profiles SCP does not expect text communicating with the SSH login shell. Text transmitted due to the SSH profile (e.g. echo "Welcome" in the .bashrc file) is interpreted as an error message, and a null line (echo "") causes SCP client to deadlock waiting for the error message to complete. ==scp program==

The SCP program is a software tool implementing the SCP protocol as a service daemon or client. It is a program to perform secure copying. Perhaps the most widely used SCP program is the OpenSSH command line scp program, which is provided in most SSH implementations. The scp program is the secure analog of the rcp command. The scp program must be part of all SSH servers that want to provide SCP service, as scp functions as SCP server too. Since OpenSSH 9.0, the program has been updated to use the newer, more secure SFTP protocol; an -O option is added for using SCP with old SCP-only servers. is like the syntax of cp (copy): Copying local file to a remote host: scp LocalSourceFile user@remotehost:directory/TargetFile Copying file from remote host and recursively copying folder (with -r switch) from remote host: scp user@remotehost:directory/SourceFile LocalTargetFile scp -r user@host:directory/SourceFolder LocalTargetFolder Note that if the remote host uses a port other than the default of 22, it can be specified in the command. For example, copying a file from host: scp -P 2222 user@host:directory/SourceFile TargetFile Other clients As the Secure Copy Protocol implements file transfers only, GUI SCP clients are rare, as implementing it requires additional functionality (directory listing at least). For example, WinSCP defaults to the SFTP protocol. Even when operating in SCP mode, clients like WinSCP are typically not pure SCP clients, as they must use other means to implement the additional functionality (like the ls command). This in turn brings platform-dependency problems. More comprehensive tools for managing files over SSH are SFTP clients. ==Security==

In 2019 vulnerability was announced related to the openssh SCP tool and protocol allowing users to overwrite arbitrary files in the SCP client target directory. ==See also==