diff options
Diffstat (limited to 'scp.1')
| -rw-r--r-- | scp.1 | 102 |
1 files changed, 63 insertions, 39 deletions
@@ -8,39 +8,26 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.66 2015/01/30 11:43:14 djm Exp $ +.\" $OpenBSD: scp.1,v 1.89 2020/04/30 18:28:37 jmc Exp $ .\" -.Dd $Mdocdate: January 30 2015 $ +.Dd $Mdocdate: April 30 2020 $ .Dt SCP 1 .Os .Sh NAME .Nm scp -.Nd secure copy (remote file copy program) +.Nd OpenSSH secure file copy .Sh SYNOPSIS .Nm scp -.Bk -words -.Op Fl 12346BCpqrv +.Op Fl 346BCpqrTv .Op Fl c Ar cipher .Op Fl F Ar ssh_config .Op Fl i Ar identity_file +.Op Fl J Ar destination .Op Fl l Ar limit .Op Fl o Ar ssh_option .Op Fl P Ar port .Op Fl S Ar program -.Sm off -.Oo -.Op Ar user No @ -.Ar host1 : -.Oc Ar file1 -.Sm on -.Ar ... -.Sm off -.Oo -.Op Ar user No @ -.Ar host2 : -.Oc Ar file2 -.Sm on -.Ek +.Ar source ... target .Sh DESCRIPTION .Nm copies files between hosts on a network. @@ -53,31 +40,44 @@ same security as will ask for passwords or passphrases if they are needed for authentication. .Pp -File names may contain a user and host specification to indicate -that the file is to be copied to/from that host. +The +.Ar source +and +.Ar target +may be specified as a local pathname, a remote host with optional path +in the form +.Sm off +.Oo user @ Oc host : Op path , +.Sm on +or a URI in the form +.Sm off +.No scp:// Oo user @ Oc host Oo : port Oc Op / path . +.Sm on Local file names can be made explicit using absolute or relative pathnames to avoid .Nm treating file names containing .Sq :\& as host specifiers. -Copies between two remote hosts are also permitted. +.Pp +When copying between two remote hosts, if the URI format is used, a +.Ar port +may only be specified on the +.Ar target +if the +.Fl 3 +option is used. .Pp The options are as follows: .Bl -tag -width Ds -.It Fl 1 -Forces -.Nm -to use protocol 1. -.It Fl 2 -Forces -.Nm -to use protocol 2. .It Fl 3 Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. -Note that this option disables the progress meter. +Note that this option disables the progress meter and selects batch mode +for the second host, since +.Nm +cannot ask for passwords or passphrases for both hosts. .It Fl 4 Forces .Nm @@ -110,6 +110,19 @@ Selects the file from which the identity (private key) for public key authentication is read. This option is directly passed to .Xr ssh 1 . +.It Fl J Ar destination +Connect to the target host by first making an +.Nm +connection to the jump host described by +.Ar destination +and then establishing a TCP forwarding to the ultimate destination from +there. +Multiple jump hops may be specified separated by comma characters. +This is a shortcut to specify a +.Cm ProxyJump +configuration directive. +This option is directly passed to +.Xr ssh 1 . .It Fl l Ar limit Limits the used bandwidth, specified in Kbit/s. .It Fl o Ar ssh_option @@ -128,17 +141,18 @@ For full details of the options listed below, and their possible values, see .It AddressFamily .It BatchMode .It BindAddress +.It BindInterface .It CanonicalDomains .It CanonicalizeFallbackLocal .It CanonicalizeHostname .It CanonicalizeMaxDots .It CanonicalizePermittedCNAMEs +.It CASignatureAlgorithms +.It CertificateFile .It ChallengeResponseAuthentication .It CheckHostIP -.It Cipher .It Ciphers .It Compression -.It CompressionLevel .It ConnectionAttempts .It ConnectTimeout .It ControlMaster @@ -153,9 +167,10 @@ For full details of the options listed below, and their possible values, see .It HostbasedKeyTypes .It HostKeyAlgorithms .It HostKeyAlias -.It HostName -.It IdentityFile +.It Hostname .It IdentitiesOnly +.It IdentityAgent +.It IdentityFile .It IPQoS .It KbdInteractiveAuthentication .It KbdInteractiveDevices @@ -168,19 +183,18 @@ For full details of the options listed below, and their possible values, see .It PKCS11Provider .It Port .It PreferredAuthentications -.It Protocol .It ProxyCommand +.It ProxyJump +.It PubkeyAcceptedKeyTypes .It PubkeyAuthentication .It RekeyLimit -.It RhostsRSAAuthentication -.It RSAAuthentication .It SendEnv .It ServerAliveInterval .It ServerAliveCountMax +.It SetEnv .It StrictHostKeyChecking .It TCPKeepAlive .It UpdateHostKeys -.It UsePrivilegedPort .It User .It UserKnownHostsFile .It VerifyHostKeyDNS @@ -211,6 +225,16 @@ to use for the encrypted connection. The program must understand .Xr ssh 1 options. +.It Fl T +Disable strict filename checking. +By default when copying files from a remote host to a local directory +.Nm +checks that the received filenames match those requested on the command-line +to prevent the remote end from sending unexpected or unwanted files. +Because of differences in how various operating systems and shells interpret +filename wildcards, these checks may cause wanted files to be rejected. +This option disables these checks at the expense of fully trusting that +the server will not send unexpected filenames. .It Fl v Verbose mode. Causes |