How to Use the SCP Command to Securely Transfer Files in Linux

You probably already know that to copy a file is the CP command. But there’s another command, too: the SCP command. The SCP command is the “secured copy” command, but most people would probably refer to it as an “upload” or “download” function. The SCP command is used to transfer data between local and remote systems or between two remote systems.

Why do you need to use the SCP command?

If you know how to use the CP command, you know how to copy directories in Linux on a local computer. But sometimes the computers aren’t local. 

Whenever you transfer data over a network, you need your data encrypted. If your data isn’t properly encrypted and secured, others can steal it. Now, you might just be sending over data that isn’t very important, but that doesn’t mean that you shouldn’t always secure data — you could be surprised at what hackers can do when they can interfere with your information.

The SCP command is a little harder to use than the regular CP command, but that’s primarily because it requires host information to transfer the data, not because of the actual security. Because the SCP command is a little deprecated (discussed later), it’s most likely to come up in Linux interview questions rather than real-world scenarios.

How do you use the Linux SCP command?

The Linux SCP command is the same as the CP command except that it always requires host information, whereas the CP command only requires it when you’re transferring from network to network. You would use this command as follows:

$scp [user:host]<old_file> [user:host]<new_file>

What the above command will do is copy the <old_file> to the <new_file> using the user/host information that’s plotted out. To get your user host information, you’ll need access to the host machine.

While the SCP command does require host information, it only requires host information for the network locations. If you were copying a file from your own computer, for instance, you’d do this:

$scp <old_file> [user:host]<new_file>

Likewise, if you were copying a file from a network computer to your own computer, you’d do this:

$scp [user:host]<old_file> <new_file>

So, keep in mind the fact that you are going to need to know your username and your host when you try to copy files to and from a system.

Because you’re not so much copying as really downloading and uploading, you are likely to see that the file has been uploading for some time. You may get a progress bar if it’s taking a while. 

You can rename a file in Linux using the CP command, but if you’re using a remote host, you need to use SCP instead.

Logging into remote systems with SCP

You may have noticed that when you use SCP, you only put in a user name rather than a password. Of course, if you’ve secured your devices properly (or the other administrator has), every single user has a password. 

When copying a file from a remote location or copying files and directories to a remote location, you’ll be prompted to enter a password for the remote system.

You can get around this by having an SSH key-based authentication system with the remote server or remote host. An SSH key-based system will let you copy multiple files or download a file locally without having to enter your password over and over again. You will already be using a Secure Shell system with SCP, but the key-based system enables you to use it without having to enter in credentials each time.

Options when using SCP with Linux

There are a few important options when using SCP with Linux. When you’re moving files locally, you really need to pay attention to -r (recursive) and -a (all). But here’s what you need to think about with SCP:

• -r. This will recursively copy entire directories, which means that it will also copy over subdirectories. You usually want to use this flag.
• -C. This flag will ensure that the files are properly compressed.
• -l. This flag limits the amount of bandwidth that’s used during the transfer.
• -o. This flag is the ssh_option flag; it can pass options directly to the SSH module.
• -P. This flag can be used to select a port on the host.
• -p. This flag will ensure that metadata is still accessible on the original file.
• -q. This flag removes the progress meter, as well as any warnings or errors.
• -v. This flag makes warnings and errors more verbose.

Being aware of these options can help you with troubleshooting. If it seems as though your files or directories aren’t being copied correctly, you can use the verbose (-v) function to find out more. If you don’t want to go through the progress meter and want everything to happen silently, you can use the quiet (-q) command.

Alternatives and controversy with SCP

While SCP is still used frequently, especially when transferring small files quickly, it’s actually somewhat deprecated. Many people believe that SCP is not a great way to transfer files because it’s slow, cumbersome, and not as secure as it could be. Since Linux is primarily used for secure, efficient exchanges, that isn’t optimal.

Rsync is an alternative that’s frequently used, which also uses SSH. But although rsync does use SSH technology, it’s also known to be much faster and more efficient. rsync computes locally and then transfers as little data as possible, which is important for transferring large files or large volumes of files.

Another alternative is SFTP, which will be familiar to most people who have worked with servers. SFTP is a Secure File Transfer Protocol. SFTP is more interactive and easier to use than SCP and uses an interactive prompt system. Of course, if you’re using Linux with a GUI, you can also use a visual version of SFTP.

Transferring files is a big deal, which is why a lot of solutions are available such as Nat, Syncthing, Perkeep, and Magic Wormhole. These applications can make it easier to transfer files without having to do everything through the command line. 

When and why to use the Linux SCP command

As you can see, you can use the Linux SCP command any time you want to upload files to a remote location, download files from a remote location, or move files from one remote location to another. You will need the appropriate credentials to do so. SCP is a more secure method of file transfer than CP.

However, SCP is not the ideal solution for copying files or copying a directory in Linux; SFTP and rsync are both more frequently used. If you’re concerned about security or efficiency, you should use one of these other options. While there are many options in Linux, many of them are depreciated; the only way to know which commands are truly best is to educate yourself on how Linux is used. Feel free to explore the realms of Linux further with Udemy’s Linux courses where you can get started learning basic skills or master your understanding of Linux for either personal growth or career progression.