1. Overview

When we need to move files between Linux systems securely, the scp command is our go-to tool. It’s like copying files from one system and pasting them into another but using encryption to keep data safe while it’s being transferred over the network.

Usually, scp uses the default SSH port 22, but sometimes, we may set up our network to use a different port for SSH connections. This can be for security reasons or due to specific configurations.

In this tutorial, we’ll explain the scp command and explore some easy-to-follow examples of using it with different ports.

2. scp and Non-Default Ports

To effectively use scp, it’s important to understand how it interacts with SSH ports.

Let’s briefly look into using the scp command with a custom port and explore the concept of default and custom SSH ports.

2.1. Basic Syntax

The scp command is a powerful tool for securely transferring files between systems, but specifying the correct port number is crucial.

Although scp uses the default SSH port 22, we can easily switch to a different port using the P option:

scp -P <port_number> <options> <username>@source <username>@destination

Let’s break down the above syntax:

  • -P <port_number>: this is the part that tells scp to use a specific port number other than the default 22
  • <options>: any other option we may want to use with the scp command
  • <username>@source: the source file or directory
  • <username@destination: this is the destination file or directory

By specifying the port number, we ensure the scp command works, even if the remote server uses a non-default port for SSH connections.

2.2. Default Port vs. Custom Port

While port 22 is the usual go-to for scp, sometimes our SSH server might be listening on a different port. There are a couple of reasons why we might do this:

  • Beefing up security: By changing the default port, we can make it harder for unauthorized users to try and guess our SSH connection.
  • Working around the firewall: Network rules might sometimes block access to port 22, but switching to a custom port can help us bypass those restrictions.

Knowing whether our SSH server uses a custom port is key to using scp effectively. If we’re not sure, we can check with our system administrator or look at our server’s SSH configuration.

3. Using the -P Option

As mentioned earlier, the -P option is key to using scp when our server isn’t listening on the default port 22. We can easily transfer files by adding -P followed by the correct port number.

3.1. Usage

Let’s assume our SSH server is on port 2222:

$ scp -P 2222 my_document.txt baeldung@remote_host:/home/baeldung/documents/

This command instructs scp to copy my_document.txt to the remote_host server using port 2222.

Similarly, to download a file from a remote server using a custom port, we simply swap the source and destination:

$ scp -P 2222 baeldung@remote_host:/home/baeldung/documents/report.pdf ./

Here, -P 2222 specifies the custom port number for the connection. scp copies the file report.pdf from the remote server and sends it to the current directory.

Moreover, to copy a directory and all its content, we add the -r flag for recursive copying:

$ scp -P 2222 -r /local/path/to/files/* baeldung@remote_host:/home/baeldung/backup/

In this scenario, scp transfers the entire directory and its content to the remote server on port 2222.

Furthermore, the -P option isn’t limited to single files. In fact, we can also use it when transferring multiple files:

$ scp -P 2222 /home/baeldung/file1.txt /home/baeldung/file2.txt baeldung@remote_host:/home/baeldung/

In this example, both file1.txt and file2.txt are securely copied to the /home/baeldung/ directory on the remote server using port 2222.

We can also combine the -P option with other helpful scp options — for example, to compress the data before sending it (potentially speeding up the transfer) and get verbose output for troubleshooting:

$ scp -P 2222 -C -v important_data.zip baeldung@remote_host:/home/baeldung/archives/

Finally, by using the -P option, we unlock more flexibility of scp, enabling secure file transfer across various network configurations.

3.2. Common Mistakes

When using scp with custom ports, there are a few possible mistakes we need to look out for:

  • Forgetting the capital “P“: the -P option for specifying the port number must be capitalized, as using a lowercase “p” is interpreted as a different option altogether (preserving file timestamps)
  • Specifying the wrong port: we must double-check that we’re using the correct port number for the SSH server on the remote host, as a simple typo can lead to a “Connection refused” error
  • Firewall issues: firewalls can block non-standard ports, so we have to make sure the custom SSH port is open in our firewall settings
  • Wrong position of the -P option: the -P option needs to come before the file paths and usernames, as scp can’t understand anything otherwise
  • Not using quotation marks for safety: if our file paths or server names have spaces, we have to put them inside quotation marks to prevent scp from getting confused

By being mindful of these common pitfalls, we can avoid unnecessary frustration and ensure our file transfers go smoothly.

4. Simplifying With SSH Config File

Using the -P option whenever we want to scp to a server with a custom port can get tedious. Luckily, a handy tool called the SSH config file can make our lives easier.

The SSH config file, typically located at ~/.ssh/config, is like a personal address book for our remote servers. It enables us to store details like server nicknames, usernames, and, most importantly, custom ports.

This way, we can skip typing out all that information whenever we want to scp a file.

Moreover, the SSH config file is a plain text file where we can specify various parameters for different hosts. Each configuration entry begins with the Host keyword, followed by the HostName or a pattern that matches multiple hostnames.

Within each entry, we can define options such as the port number, username, and more.

Let’s take a peek at what an SSH config file might look like:

Host my_work_server1 
        User baeldung
        Port 2222

Host my_work_server2
        User nick
        Port 2222

Now, let’s break this down:

  • Host: this is the nickname given to our server that we can use instead of typing out the full server address
  • HostName: specifies the actual address (IP or domain name) of the server
  • User: this is the username we use to log in
  • Port: the SSH port number the server is listening on

By adding entries like this to our SSH config file, we can drastically simplify our scp commands.

For instance, instead of inputting all the details directly on the command line:

$ scp -P 2222 /home/baeldung/file.txt [email protected]:/home/baeldung/

We can write:

$ scp /home/user/file.txt my_work_server1:/home/baeldung/

The SSH config file does the heavy lifting, automatically filling in the port number, username, and hostname for us. This becomes even more powerful when managing multiple servers with different custom ports.

5. Conclusion

In this article, we’ve explored the ins and outs of using the scp command for secure file transfers. We’ve learned how to adapt scp to work with custom SSH ports using the -P option. This makes it easier to transfer files when our SSH server isn’t running on the default port 22.

We’ve also discovered how to use the SSH config file to streamline our workflow. By storing server information like usernames and custom ports, we can simplify our scp commands and avoid repetitive typing.

Armed with this knowledge, we’re now equipped to tackle a wide range of file transfer scenarios with confidence. Whether we’re managing multiple servers or just need to securely copy a few files, scp and its -P option have us covered.

Notify of
Inline Feedbacks
View all comments