JIYIK CN >

Scp copies files between two hosts over the network, and the data is encrypted during transmission. Its underlying layer uses ssh for data transmission. And it has the same authentication mechanism and the same security level as ssh.

When using scp to copy a file to another host, if the target file already exists, the default is to replace the target file's contents with the contents of the copied file. Of course, if the target file does not exist, the system will first create an empty target file, and then fill the contents of the copied file into the newly created target file.

Scp Options

In Linux, we know that there are two ways to view a command: one is through --help/-h; the other is through the man command. For simplicity, we use --help/-h to view the options of scp.

# scp –help
scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file] [-l limit] [-o ssh_option] [-P port] [-S program] [[user@]host1:]file1 [...] [[user@]host2:]file2

We can see that scp includes all the above options. Let's introduce them one by one.

-1 Force scp to use ssh1 protocol.
-2 Force scp to use ssh2 protocol.
-4 Force scp to use IPV4 format address.
-6 Force scp to use IPV6 format address.
-B Use batch mode (no password or passphrase will be asked before transfer).
-C Enable compression mode, pass -C to ssh protocol to turn on compression.
-p Keep the modification time, access time and access rights of the source file.
-q Disable the transfer progress bar. -r Recursively copy the entire specified folder.
-c cipher Select the cipher method to encrypt the transmitted data. This option will be passed directly to ssh for use.
-F ssh_config Specifies a configuration file that can be used to replace ssh. This option is passed directly to ssh for use.
-i identity_file Read the key for RSA authentication from the specified file. This option is passed directly to ssh for use.
-l limit Limit the bandwidth that users can use, in Kbit/s.
-P port Here P is uppercase. Specify the port used to connect to the remote host.
-S program Specify the encryption program used for encrypted transmission connection.
-o ssh_option Pass options to ssh using the format used in ssh_config(5).

Scp usage examples

Example 1

# scp /phppro/Db.php root@192.168.18.130:/Db.php

This method only requires entering a password because the username root is specified. This is to remotely copy the local /phppro/Db.php file to the root directory of the host 192.168.18.130.

Example 2

# scp /phppro/Db.php 192.168.18.130:/Db.php

In this method, since no username is specified, you need to enter the username and password manually. Note that on some systems, if you do not specify a username, the root user will be used by default.

Example 3

# scp –r /phppro root@192.168.18.130:/phppro

Recursively copy the contents of the entire folder to the target folder. Similarly, if the target folder phppro does not exist, it will be created first.

Scp does not require a password to transfer

Through the above usage examples, we found that we have to enter the password every time according to the above method, which is really not very convenient to use. Especially if we need to use this command in a script to achieve automatic copying, the problem is even more acute. So we need a way to achieve transmission without entering a password.

At this time we can use the following method

# ssh-keygen –t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
f6:f7:1d:1e:43:79:a9:72:ed:1c:60:e6:74:8b:a4:8c root@localhost.localdomain

Let's look at the second line (Enter file in which to save the key (/root/.ssh/id_rsa):). Here we will be asked to enter the save path. Just press Enter and use the default. Let's look at the third line (Enter passphrase (empty for no passphrase):) and the fourth line (Enter same passphrase again:). Here we are asked to enter the verification password. The password entered here will replace the password of the specified account on the target host. That is to say, if we specify the root account of the target host, the password of this user is 123456. If we set abcdef in the password setting, then before each transmission, the system requires us to enter the password abcdef instead of the root account password 123456.

Of course, what we need is not to enter any password or passphrase every time we transmit. So here we should directly press Enter on the third and fourth lines without entering any string.

After the above command is executed, three files will be generated in the $HOME/.ssh/ directory: id_rsa (private key file), id_rsa.pub (public key file) and knonw_hosts file. Next, we will copy id_rsa.pub (public key file) to the $HOME/.ssh directory of the target host. After the copy is completed, rename the id_rsa.pub file under the target host to authorized_keys. After all these are done, you no longer need to enter passwords or passphrases when using scp to copy files remotely.

I personally think that mastering the scp command will be of great help to our future work. I hope this article can help you.