scp secure copy (remote file copy program)	Command
	SYNOPSIS DESCRIPTION Options AUTHORS HISTORY CAVEATS PORTABILITY AVAILABILITY SEE ALSO

---

SYNOPSIS

scp [-346ABCOpqRrsTv] [-c cipher] [-D sftp_server_path] [-F ssh_config] [-i identity_file] [-J destination] [-l limit] [-o option] [-P port] [-S program] [-X sftp_option] source [...] target

---

DESCRIPTION

scp copies files between hosts on a network.

scp uses the SFTP protocol over a ssh connection for data transfer, and uses the same authentication and provides the same security as a login session.

scp will ask for passwords or passphrases if they are needed for authentication.

The source and target may be specified as a local pathname, a remote host with optional path in the form [user@]host:[path] , or a URI in the form scp://[user@]host[:port][/path] . Local file names can be made explicit using absolute or relative pathnames to avoid scp treating file names containing : as host specifiers.

When copying between two remote hosts, if the URI format is used, a port may only be specified on the target if the -3 option is used.

Options

-3 

Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. Note that, when using the legacy SCP protocol (via the -O flag), this option selects batch mode for the second host as scp cannot ask for passwords or passphrases for both hosts. This mode is the default.

-4 

Forces scp to use IPv4 addresses only.

-6 

Forces scp to use IPv6 addresses only.

-A 

Allows forwarding of ssh-agent to the remote system. The default is not to forward an authentication agent.

-B 

Selects batch mode (prevents asking for passwords or passphrases).

-C 

Enables compression. Passes the -C flag to secsh to enable compression.

-c cypher 

Selects the cipher to use for encrypting the data transfer. This option is directly passed to secsh.

-D sftp_server_path 

Connect directly to a local SFTP server program rather than a remote one via ssh. This option may be useful in debugging the client and server.

-F ssh_config 

Specifies an alternative per-user configuration file for secsh. This option is directly passed to secsh.

-i identity_file 

Selects the file from which the identity (private key) for RSA authentication is read. This option is directly passed to secsh.

-J destination 

Connect to the target host by first making an scp connection to the jump host described by destination and then establishing a TCP forwarding to the ultimate destination from there. Multiple jump hops may be specified separated by comma characters. This is a shortcut to specify a ProxyJump configuration directive. This option is directly passed to secsh.

-l limit 

Limits the used bandwith to a specified limit, given in Kbit/s.

-O 

Use the legacy SCP protocol for file transfers instead of the SFTP protocol. Forcing the use of the SCP protocol may be necessary for servers that do not implement SFTP, for backwards- compatibility for particular filename wildcard patterns and for expanding paths with a ~ prefix for older SFTP servers.

-o option 

Can be used to pass options to ssh in the format used in ssh_config. This is useful for specifying options for which there is no separate scp command-line flag. For full details of the options listed below, and their possible values, see ssh_config.

AddressFamily
BatchMode
BindAddress
BindInterface
CanonicalDomains
CanonicalizeFallbackLocal
CanonicalizeHostname
CanonicalizeMaxDots
CanonicalizePermittedCNAMEs
CASignatureAlgorithms
CertificateFile
CheckHostIP
Ciphers
Compression
ConnectionAttempts
ConnectTimeout
ControlMaster
ControlPath
ControlPersist
GlobalKnownHostsFile
GSSAPIAuthentication
GSSAPIDelegateCredentials
HashKnownHosts
Host
HostbasedAcceptedAlgorithms
HostbasedAuthentication
HostKeyAlgorithms
HostKeyAlias
Hostname
IdentitiesOnly
IdentityAgent
IdentityFile
IPQoS
KbdInteractiveAuthentication
KbdInteractiveDevices
KexAlgorithms
KnownHostsCommand
LogLevel
MACs
NoHostAuthenticationForLocalhost
NumberOfPasswordPrompts
PasswordAuthentication
PKCS11Provider
Port
PreferredAuthentications
ProxyCommand
ProxyJump
PubkeyAcceptedAlgorithms
PubkeyAuthentication
RekeyLimit
RequiredRSASize
SendEnv
ServerAliveInterval
ServerAliveCountMax
SetEnv
StrictHostKeyChecking
TCPKeepAlive
UpdateHostKeys
User
UserKnownHostsFile
VerifyHostKeyDNS

-P port 

Specifies the port to connect to on the remote host. Note that this option is written with a capital P, because -p is already reserved for preserving the times and mode bits of the file.

-p 

Preserves modification times, access times, and modes from the original file.

-q 

Disables the progress meter.

-R 

Copies between two remote hosts are performed by connecting to the origin host and executing scp there. This requires that scp running on the origin host can authenticate to the destination host without requiring a password.

-r 

Recursively copies entire directories.

-S program 

Specifies the name of the program to use for the encrypted connection. The program must understand secsh options.

-T 

Disable strict filename checking. By default when copying files from a remote host to a local directory scp checks that the received filenames match those requested on the command-line to prevent the remote end from sending unexpected or unwanted files. Because of differences in how various operating systems and shells interpret filename wildcards, these checks may cause wanted files to be rejected. This option disables these checks at the expense of fully trusting that the server will not send unexpected filenames.

-v 

Verbose mode. Causes scp and secsh to print debugging messages about their progress. This is helpful in debugging connection, authentication, and configuration problems.

-X sftp_option 

Specify an option that controls aspects of SFTP protocol behaviour. The valid options are:

nrequests=value 

Controls how many concurrent SFTP read or write requests may be in progress at any point in time during a download or upload. By default 64 requests may be active concurrently.

buffer=value 

Controls the maximum buffer size for a single SFTP read/write operation used during download or upload. By default a 32KB buffer is used.

---

AUTHORS

Timo Rinne <tri@iki.fi> and Tatu Ylonen <ylo@cs.hut.fi>

---

HISTORY

scp is based on the rcp program in source code from the Regents of the University of California.

Since OpenSSH 9.0, scp has used the SFTP protocol for transfers by default.

---

CAVEATS

The legacy SCP protocol (selected by the -O flag) requires execution of the remote user's shell to perform glob() pattern matching. This requires careful quoting of any characters that have special meaning to the remote shell, such as quote characters.

---

PORTABILITY

All UNIX systems. Windows 10. Windows Server 2016. Windows Server 2019. Windows 11. Windows Server 2022. Windows Server 2025.

---

AVAILABILITY

PTC MKS Toolkit for System Administrators
PTC MKS Toolkit for Developers
PTC MKS Toolkit for Interoperability
PTC MKS Toolkit for Professional Developers
PTC MKS Toolkit for Professional Developers 64-Bit Edition
PTC MKS Toolkit for Enterprise Developers
PTC MKS Toolkit for Enterprise Developers 64-Bit Edition

---

SEE ALSO

Commands:

rcp, secsh, secsh-add, secsh-agent, secshd, secsh-keygen, sftp

PTC MKS Toolkit Connectivity Solutions Guide

---

PTC MKS Toolkit 10.5 Documentation Build 40.