unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (OSF1-V5.1-alpha)
Page:
Section:
Apropos / Subsearch:
optional field



scp2(1)								      scp2(1)



NAME

  scp2,	scp - Secure Shell client remote copy application

SYNOPSIS

  scp2 [-D debug_level_spec] [-d] [-p] [-u] [-v] [-h] [-c cipher] [-S ssh2-
  path]	[-P ssh2 port#]	[-t] [-f] [-1] [-4] [-6] [-r] [-B] [-b buffer_size]
  [-N max_requests] [-a] [-q] [-Q] [-V]	[-o ssh2-option] [-i filename]
  [[user@] host	[port #]:] file	... [[user@] host [port	#]:] filename or
  directoryname

OPTIONS

  -D debug_level_spec
      Prints debug information to stderr. The debug_level_spec argument	is a
      number between 0 and 99, where 99	specifies that all debug information
      should be	displayed.

  -d  Makes sure that the destination file is a	directory. If it is not	a
      directory, the scp2 command will exit with an error message.

  -p  Preserves	file attributes	and timestamps.

  -u  Removes source files after copying. It is	similar	to moving a file with
      the mv command.

  -v  Displays information in verbose mode. This is equal to specifying	the
      -D 2 option.

  -h  Displays help.

  -c cipher
      Specifies	the encryption algorithm to use. Multiple -c options are
      allowed; a single	-c option can specify only one cipher.

  -S ssh2-path
      Specifies	the path used in connecting.

  -o ssh2-option
      Specifies	an option for the ssh2 command.

  -i file
      Specifies	the identity file to use.

  -P ssh2-port
      Specifies	the remote port. Ports can also	be defined on a	file-to-file
      basis.

  -t or	-f
      These options are	reserved for scp1 compatibility	mode.  If they are
      used with	the scp2 command, they are used	as arguments to	scp1 to	han-
      dle the connection.

  -1  Invokes scp1.  This argument must	be the first on	the command line and
      separate	from all other one-character arguments.	 It must not be	used
      when the -t or -f	options	are used.

  -4  Instruct ssh2 to use IPv4.

  -6  Instruct ssh2 to use IPv6.

  -r  Copies directories recursively.  Does not	follow symbolic	links.

  -B  Invokes batch mode.

  -b buffer_size
      Defines the maximum buffer size for one request. The default is 32768
      bytes.

  -N max_requests
      Defines the maximum number of concurrent requests. The default is	10.

  -a  Transfers	files using  ascii mode	(i.e., new lines will be converted on
      the fly).	You cannot  specify newline conventions	with the scp2 com-
      mand.  If	you need that feature, use the sftp2 command.

  -q  Quiet mode. Only fatal errors are	reported.

  -Q  Hides process indicator.

  -V  Displays the version.

DESCRIPTION

  The scp2 (secure copy) command creates a secure connection between a Secure
  Shell	client and a server to copy files. A secure connection provides
  client and server authentication, user authentication, data encryption,
  data integrity, and nonrepudiation. The scp2 command is intended as a
  secure replacement for the rcp command. Unlike rcp,  the scp2	command	asks
  for  passwords or passphrases	if they	are needed for authentication.

  After	the client, server and user are	authenticated, the Secure Shell
  server executes the command.	All communication with the remote command or
  shell	will be	 encrypted automatically and checked for integrity. The	ses-
  sion terminates when the command completes.

  A Secure Shell client	and server use public host keys	to authenticate	each
  other. When a	client connects	to a server for	the first time,	the user is
  prompted to accept a copy of the server's public host	key. If	the user
  accepts the key, a copy of the server's public host key is copied to the
  user's hostkeys directory on the client. The client uses this	public host
  key to authenticate the server on subsequent connects. (See ssh-agent2 and
  ssh-add2.)

  Any filename can contain a host, user, and port specification	to indicate
  that the file	is to be copied	to or from that	host.  Copies between two
  remote hosts are  permitted. The host	parameter can be enclosed in square
  brackets ([ ]) to allow the use of semicolons	(e.g., read: IPv6 addresses).
  The filename	can  contain globbing  patterns	(wildcards), and all special
  characters can be escaped to include them in the filename.   See sshre-
  gex(5) for more information about globbing patterns.

  You can also use the Secure Shell sftp2 command to create a secure network
  connection between a Secure Shell client and a server	to copy	files.

  See Security Administration for more information about Secure	Shell clients
  and servers and Secure Shell authentication.


NOTES

  The scp2 command uses	ssh2 in	network	connections. Therefore it is not
  installed as suid-root.  The scp2 command requires that the sftp-server
  subsystem  be	defined	in the sshd2 configuration file	on the server for
  scp2 to work.

EXIT STATUS

  0	  Operation was	successful.

  1, 2	  Operation resulted in	an undetermined	error within sshfilecopy.

  3	  Destination is not directory,	but it should be.

  4	  Connection to	host failed.

  5	  Connection lost.

  6	  File does not	exist.

  7	  No permission	to access file

  8	  Undetermined error from sshfilexfer.

  9	  File transfer	protocol mismatch.

EXAMPLES

  The following	example	shows how to copy files	from your local	system to a
  remote system:

       prompt>>scp localfile user@remotehost:/dest/dir/for/file/


  The following	example	shows how to copy files	from a remote system to	a
  local	system:

       prompt>>scp user@remotehost:/dir/for/file/remotefile /dest/dir/for/file


FILES

  /etc/ssh2/ssh2_config
      Specifies	Secure Shell client configuration information.

  /etc/ssh2/sshd2_config
      Specifies	Secure Shell server configuration information.

  $HOME/.ssh2/identification
      Contains information on how the user will	be authenticated when con-
      tacting a	specific host.	The identification file	has the	same general
      syntax as	the configuration files. The following keywords	can be used:

      IdKey   Followed by the file name	of a private key in the	$HOME/.ssh2
	      directory	used for identification	when contacting	a host.	If
	      there is more than one IdKey, they are tried in the order	that
	      they appear in the identification	file.

      PgpSecretKeyFile
	      Followed by the file name	of the user's OpenPGP private keyring
	      in the $HOME/.ssh2 directory.  The OpenPGP keys listed after
	      this line	are expected to	be found from this file. The keys
	      identified with IdPgpKey*-keywords are used like ones identi-
	      fied with	IdKey-keyword.

      IdPgpKeyName
	      Followed by the OpenPGP key name of the key in the PgpSecret-
	      KeyFile file.

      IdPgpKeyFingerprint
	      Followed by the OpenPGP key fingerprint of the key in the
	      PgpSecretKeyFile file.

      IdPgpKeyId
	      Followed by the OpenPGP key ID of	the key	in the PgpSecretKey-
	      File file.

  $HOME/.ssh2/authorization
      Contains information on how the server will verify the identity of an
      user.  The authorization file has	the same general syntax	as the confi-
      guration files.  The following keywords can be used:

      Key     Followed by the file name	of a public key	in the $HOME/.ssh2
	      directory	used for identification	when contacting	the host.
	      More than	one key	is acceptable for login.

      PgpPublicKeyFile
	      Followed by the file name	of the user's OpenPGP public keyring
	      in the $HOME/.ssh2directory.  OpenPGP keys listed	after this
	      line are expected	to be found from this file.  Keys identified
	      with PgpKey*-keywords are	used like ones identified with Key-
	      keyword.

      PgpKeyName
	      Followed by the OpenPGP key name.

      PgpKeyFingerprint
	      Followed by the OpenPGP key fingerprint.

      PgpKeyId
	      Followed by the OpenPGP key ID.

      Command Specifies	a forced command that will be executed on the server
	      when the user is authenticated.  If used,	it must	follow the
	      Key or PgpKey* keyword. The command supplied by the user (if
	      any) is put in the environment variable SSH2_ORIGINAL_COMMAND.

	      The command is run on a pseudoterminal if	the connection
	      requests a pseudoterminal; otherwise it is run without a termi-
	      nal.

	      This keyword might be useful for restricting certain public
	      keys to perform a	specific operation, such as a key that per-
	      mits remote backups but nothing else.

	      A	client can specify TCP/IP and/or X11 forwardings, unless they
	      are explicitly prohibited.

  $HOME/.ssh2/hostkeys/key_xxxx_yyyy.pub
      These files are the public keys of the hosts to which you	connect. They
      are updated automatically, unless	you set	the StrictHostKeyChecking
      parameter	to yes in the ssh2_config file.	If a host's key	changes, you
      should put the key here only if you are sure that	the new	key is valid;
      for example, you are sure	that there was no man-in-the-middle attack.
      The xxxx is the port on the server where the sshd2 deamon	runs, and the
      yyyy is the host (specified on the command line).

  /etc/ssh2/hostkeys/key_xxxx_yyyy.pub
      If a host	key is not found from the user's $HOME/.ssh2/hostkeys direc-
      tory, this is the	next location to be checked. These files must be
      updated manually.

  $HOME/.rhosts	and $HOME/.shosts
      Contains a list of remote	users who are not required to supply a pass-
      word when	they use Secure	Shell host-based authentication	with the ssh2
      command.

  /etc/hosts.equiv
      Contains the names of remote hosts and users that	are equivalent to the
      local host or user. An equivalent	host or	user is	allowed	to use the
      ssh2 command with	Secure Shell host-based	authentication without sup-
      plying a password.

  $HOME/.ssh2/knownhosts/xxxxyyyy.pub
      Contains the public host keys of hosts that users	need to	log in to
      when using host-based authentication.

      The xxxx is the fully qualified domain name (FQDN) and yyyy is the pub-
      lic key algorithm. Public	key algorithms are ssh-dss and ssh-rsa.	 For
      example, if the FQDN for a host is server1.foo.fi	and it has a key
      algorithm	of ssh-dss, the	host key would be server1.foo.fi.ssh-dss.pub
      in the knownhosts	directory.

      A	user must add the host name to a $HOME/.shosts file or an
      $HOME/.rhosts file.

  /etc/ssh2/knownhosts/xxxxyyyy.pub
      Same as the $HOME/.ssh2/knownhosts/xxxxyyyy.pub file, but	system-wide.
      This file	is overridden if the user puts a file with the same name in
      the $HOME/.ssh2/knownhosts directory.

LEGAL NOTICES

  SSH is a registered trademark	of SSH Communication Security Ltd.

SEE ALSO

  Commands: rcp(1), rlogin(1), rsh(1), sftp2(1), ssh-keygen2(1), ssh-
  agent2(1), ssh-add2(1), ssh2(1), telnet(1), sshd2(8)

  Guides: Security Administration