SCP Port: Secure Copy Protocol Definition & Examples

Desirée Jaimovich July 14, 2022
- 7 min read

The SCP port has proven to be a very useful tool for SysAdmins. In short, the Secure Copy Protocol (SCP) is a method for securely transferring computer files between a local host and a remote host, or between two remote hosts. It is based on the Secure Shell (SSH) protocol.

 

 

In other words, SCP servers help you transfer files to and from servers, computers, and other networking devices using a secure SSH tunnel. 

File Transfer Protocol (FTP) and SCP protocol are both file transfer protocols but have some differences. FTP establishes a dual-port connection, which allows it to be fast and convenient but lacks security. In contrast, SCP runs on an SSH network, which makes it more secure but is limited to a single closed network and works for a single file transfer at a time.

Now, we are going to get technical, but the process it’s pretty straightforward.

How to use Secure Copy Protocol (SCP) to transfer files

The SCP client can upload files to the SSH server or request the download of files and directories for downloading.

SCP is a native command in most operating systems, such as macOS, Windows, or Linux. It can be found by typing the “scp” command on the computer. In the case of Windows, it could be helpful to install a transfer application such as PuTTy.

How to use SCP in a remote location

SCP can also be used remotely if a remote host is specified as both the source and the destination. In this sense, a file can be transferred from one remote directory to another directory that is on the same server. 

The SCP command is like this: 

scp xuser@thishost.com:/main/someuser/dira/file.txt xuser@thishost.com:/main/someuser/dirb

SCP can also be used when a file transfers from one host to another.

SCP ports

SCP port runs over TCP port 22 by default, which is also the same default port for SSH. Some system administrators choose to change this port, mainly for security reasons.

To choose a different port when using the SCP command, it is necessary to use -P switch followed by the port number selected. 

scp -P <Port> <User>@<IP/Host>:<File> <DestinationDirectory>

How to download or upload files using SCP on a different port?

If you want to change the default port, you should write the new port. For example, 80, after -P: so it would be “scp -P 80” and the rest of the command.

The -P flag is also required to upload files with SCP on a different port. Therefore, when uploading files, the file destination directory must also be placed at the end of the command.

How to download or upload directories using SCP on a different port?

The syntax is very similar when downloading directories, only that the -r flag must be added to the -P flag. Then, you should type “scp -rP 80” and the rest of the command.

It is necessary to add the r-flag, To upload directories using SCP with a different port, just as required when uploading files. 

How to modify the remote default SSH port?

To change the default SSH port, it is required to edit the SSH configuration file. To do so on most Linux distributions, it is necessary to run the following command:

sudo nano /etc/ssh/sshd_config

Then, you should look for the line containing “Port 22” and change it for the number of port you want to use with SCP. After the changes are saved. Later, restart the SSH service by running the following command: 

sudo systemctl restart ssh

The SCP command syntax

A basic SCP command syntax is as follows:

scp [OPTION] [user@]SRC_HOST:]file1 [user@]DEST_HOST:]file2

OPTION - SCP options include ssh configuration, ssh port, limit, and recursive copy, among other things.  

  • [user@]SRC_HOST:]file1: refers to the source file.

  • [user@]DEST_HOST:]file2: refers to the destination file.

Local files should be specified using an absolute or relative path, while remote file names must include a user and host specification.

The SCP command requires an SSH key or password to authenticate on the remote systems.

The colon (:) is how SCP distinguishes between local and remote locations.

Here's a screenshot of the SCP command on Windows:

Options and their meanings

  • -1: forces scp to use protocol 1. This is an older protocol.
  • -2: forces scp to use protocol 2. It is an older protocol.
  • -3: copies between two remote hosts are transferred through the local host. The data is copied directly between the two remote hosts without this option. 
  • -4: forces scp to use IPv4 addresses only.
  • -6: forces scp to use IPv6 addresses only.
  • -B: uses batch mode. SCP cannot authenticate the session by asking the user to introduce a password. That means a non-interactive authentication method is required. 
  • -C: This option enables compression, which passes the -C flag to ssh.
  • [-c cipher]: this alternative uses the cipher to encrypt the data transfer. 
  • [-F ssh_config]: specifies an alternative per-user configuration file for ssh. This option is directly passed to ssh.
  • [-i dentity_file]: it chooses the file which offers the key for RSA authentication.
  • [-I limit]: it can be used to determine the bandwidth.
  • [-o ssh_option]: it can be used to pass options to ssh in the format used in ssh_config. This is useful for specifying options for which there is no separate scp command-line flag.
  • -P port: determines the port number to connect to on the remote host. This option is written with a capital "P" because -p is reserved for preserving the times and modes of the file in rcp.
  • -p: preserves modification times, access times, and modes from the original file.
  • -q: disables the progress meter.
  • -r: it is used to copy entire directories recursively.
  • -S program: the program's name for the encrypted connection. The program must understand ssh options.

3 SCP command examples:

1. Copy a file from a local to a remote system

To copy a file from a local to a remote system, run the following command: 

scp file.txt remote_username@ 23.65. 75.88:/remote/directory

The “file.txt” is the name of the file you want to copy, whereas the remote_username is the user on the remote server, and 23.65.75.88 is the server IP address. 

Finally, the “/remote/directory” is the path to the directory where you want to copy the file. The file will be copied to the remote user's home directory if a remote directory is not specified. Also, if you want to save the file under a different name, it is necessary to establish that new name: 

scp file.txt remote_username@23.65.75.88:/remote/directory/newfilename.txt.

You can also change the SCP ports as previously mentioned. Otherwise, the default port will be 22.

2. Copy a remote file to a local system using the SCP command

To copy a file from a remote to a local system, you must use the remote location as a source and the local location as the destination. Using this command, in which we keep on using the same server IP address as in the last example:

scp remote_username@23.65.75.88:/remote/file.txt /local/directory

Then you will be required to enter the password, and the process will begin.

3. Copy a file between two remote systems using the SCP command

The following command will copy the file from the remote host to the directory/files on the remote machine: 

scp user1@host1.com:/files/file.txt user2@host2.com:/files

Afterward, you will be required to enter the password for both accounts.

Frequently Asked Questions

What is an SCP server?

An  SCP server refers to transferring data to an SSH server, which provides all the benefits of SSH: security, encryption, and confidentiality.

What's the main difference between SCP and RCP?

The Secure Copy Protocol (SCP) is a secure implementation of the RCP (Remote Copy Protocol), a protocol for transferring files across a network. The main difference between the SCP and the RCP is the security layer. 

What is the difference between CP and SCP?

CP and SCP are two different commands used to copy files, but the difference is that SCP protects the data while copying across an SSH (Secure Shell) connection by encrypting the files and the passwords.

Read other articles like this : Cybersecurity, Protocols

Evaluate InvGate as Your ITSM Solution

30-day free trial - No credit card needed