Securely Transfer Files Using SCP Command
Transferring files to servers is a vital task in most software developers’ life. Usually, we use protocols like FTP (File Transfer Protocol), FTPS, SFTP to transfer files. In this tutorial, we are going to briefly discuss the available protocols and their differences. Also, the tutorial will explain how to transfer files from client to server, server to client and server to server using SCP.
What Are The Differences?
FTP is an old and insecure protocol that can be used to transfer files between local networks or computers connected through the Internet. However, FTP is not recommended to use to transfer files over the Internet anymore as it transfers usernames and passwords in cleartext. In addition to that, FTP provides an anonymous method that let you transfer files even without a username and password.
FTPS or FTP over SSL (Secure Socket Layer) is the same FTP but with an additional SSL layer to secure the connection. In FTPS, SSL has been implemented in two different methods called “implicit” and “explicit”. Implicit FTPS was the first attempt to secure the traditional, insecure FTP connections. Implicit FTP connections initiate a security negotiation using SSL before both authentication and file transfer. Then it uses the standard FTP to transfer the encrypted data.
The problem with Implicit FTP is, it is more strict and clients had to be compatible with it. Explicit FTP solves this compatibility issue by initiating the connection as a normal, insecure FTP connection over the standard port 21 and then it tries to upgrade it. So old, incompatible clients can still connect with the insecure method if it is allowed by the server.
SFTP or SSH File Transfer Protocol uses SSH to securely transfer files and directories over port 22.
SCP (Secure Copy Protocol)
Unlike FTP or FTPS protocols, SCP uses SSH (Secure Shell) protocol to transfer files. It is more popular in Unix based Operating Systems. One of the significant advantage of the
scp command which uses SCP protocol is, it can directly transfer files from server to server without downloading files/directories into an intermediate computer.
SCP Command Examples
Before trying out any of the below-mentioned commands, make sure that you can initiate a client to server SSH connection using this command. Replace the
server with your server’s actual username and IP address/domain name.
If you get any connection problems, check whether you have generated SSH keys in your client. If you have not yet done it, refer to the SSH Key Generation section of
this article. Then, make sure that your server public key is in the client’s
~/.ssh/known_hosts file and the client’s public key in the server’s
~/.ssh/authorized_keys file. If not you can just do it manually by copying and pasting or otherwise by using the
ssh-copy-id command from the client.
ssh-copy-id [email protected]
If you have multiple key pairs and need to copy a specific public key, mention it using
ssh-copy-id -i .ssh/id_rsa.pub [email protected]
Then, again try to connect to the server using the
ssh [email protected] command.
Client To Server (Local To Remote)
This command will copy the
file.txt file to the server’s home directory with the same name.
scp file.txt [email protected]:~/file.txt
If you need to copy directories recursively, use the
-r flag like this.
scp -r data_directory/ [email protected]:~/data_directory
Server To Client (Remote To Local)
This command will copy the
file.txt file in the server to the client.
scp [email protected]:~/file.txt file.txt
You can use the
-r flag as usual to copy directories.
Server To Server (Remote To Remote), Via Client
You can use the following command to copy a file (or directories with
-r flag) from server to server. But it will copy all the files and directories over the client.
scp -3 [email protected]_a:~/data.txt [email protected]_b:~/data.txt
Server To Server (Remote To Remote), Direct
This command will solve the above mentioned intermediate client problem. But most of the time it will not work until you make some changes. First, try to run the following command without the
-3 flag mentioned in the previous example like this.
scp [email protected]_a:~/data.txt [email protected]_b:~/data.txt
If it doesn’t work, do the following things.
- Select one server and assume it as a client.
- Generate SSH key pair as mention in the SSH Key Generation section of this article.
- Copy client’s (assumed client) public key to the server using the manual or
- Try to initiate an SSH connection from the client (assumed client) to the server.
Now you should be able to copy files and directories back and forth between the two servers without transferring them through the client.
Tip! DigitalOcean is giving away $200 free credits to build apps, host websites and explore many other services of their platform. Sign-up now!