Tuesday, May 24, 2011

Secure Copy or SCP

Secure Copy or SCP is a means of securely transferring computer files between a local and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol.
The term SCP can refer to one of two related things, the SCP protocol or the SCP program.
Reference: www.wikipedia.org

SCP protocol

The SCP protocol is a network protocol that supports file transfers. The SCP protocol, which runs on port 22, is based on the BSD RCP protocol which is tunneled through the Secure Shell (SSH) protocol to provide encryption and authentication. SCP might not even be considered a protocol itself, but merely a combination of RCP and SSH. The RCP protocol performs the file transfer and the SSH protocol performs authentication and encryption. SCP protects the authenticity and confidentiality of the data in transit. It hinders the ability for packet sniffers to extract usable information from the data packets.

How it works

For upload, the client feeds the server with files to be uploaded, optionally including their basic attributes (permissions, timestamps). This is an advantage over the common FTP protocol, which does not have provision for uploads to include the original date/timestamp attribute.
For downloads, the client sends a request for files or directories to be downloaded. When downloading a directory, the server feeds the client with its subdirectories and files. Thus the download is server-driven, which imposes a security risk when connected to a malicious server.

SCP program

The SCP program is a software tool implementing the SCP protocol as a service daemon or client. It is a program to perform secure copying. The SCP server program is typically the same program as the SCP client.
Perhaps the most widely used SCP program is the command line scp program, which is provided in most SSH implementations. The scp program is the secure analog of the rcp command. The scp program must be part of all SSH servers that want to provide SCP service, as scp functions as SCP server too.
Some SSH implementations provide the scp2 program, which uses the SFTP protocol instead of SCP, but provides the very same command line interface as scp. scp is then typically a symbolic link to scp2.
Typically, a syntax of scp program is like the syntax of cp:
Copying file to host:

scp SourceFile user@host:directory/TargetFile

Copying file from host:
scp user@host:/directory/SourceFile TargetFile
scp user@host:/directory/SourceFile TargetFolder

Note that if the remote host uses a port other than the default of 22, you can specify it in the command. For example, copying a file from host:
scp -P 2222 user@host:directory/SourceFile TargetFile

As the SCP protocol implements file transfers only, GUI SCP clients are rare, as implementing it requires additional functionality (directory listing at least). For example, WinSCP defaults to the SFTP protocol. Even when operating in SCP mode, clients like WinSCP are typically not pure SCP clients, as they must use other means to implement the additional functionality (like the ls command). This in turn brings platform-dependency problems. Thus it may not be possible to work with a particular SCP server using a GUI SCP client, even if you are able to work with the same server using a traditional command line client.
More comprehensive tools for managing files over SSH are SFTP clients.

No comments:

Post a Comment