Once you've got a console window to type into, you can just type pscp
on its own to bring up a usage message. This tells you the version of PSCP you're using, and gives you a brief summary of how to use PSCP:
Z:\owendadmin>pscp PuTTY Secure Copy client Release 0.50 Usage: pscp [options] [user@]host:source target pscp [options] source [source...] [user@]host:target pscp [options] -ls user@host:filespec Options: -p preserve file attributes -q quiet, don't show statistics -r copy directories recursively -v show verbose messages -P port connect to specified port -pw passw login with specified password
(PSCP's interface is much like the Unix scp
command, if you're familiar with that.)
To receive (a) file(s) from a remote server:
pscp [options] [user@]host:source target
So to copy the file /etc/hosts
from the server example.com
as user fred
to the file c:\temp\example-hosts.txt
, you would type:
pscp fred@example.com:/etc/hosts c:\temp\example-hosts.txt
To send (a) file(s) to a remote server:
pscp [options] source [source...] [user@]host:target
So to copy the local file c:\documents\csh-whynot.txt
to the server example.com
as user fred
to the file /tmp/csh-whynot
you would type:
pscp c:\documents\csh-whynot.txt fred@example.com:/tmp/csh-whynot
You can use wildcards to transfer multiple files in either direction, like this:
pscp c:\documents\*.doc fred@example.com:docfiles pscp fred@example.com:source/*.c c:\source
However, in the second case (using a wildcard for multiple remote files) you may see a warning like this:
warning: remote host tried to write to a file called 'terminal.c' when we requested a file called '*.c'. If this is a wildcard, consider upgrading to SSH 2 or using the '-unsafe' option. Renaming of this file has been disallowed.
This is due to a fundamental insecurity in the old-style SCP protocol: the client sends the wildcard string (*.c
) to the server, and the server sends back a sequence of file names that match the wildcard pattern. However, there is nothing to stop the server sending back a different pattern and writing over one of your other files: if you request *.c
, the server might send back the file name AUTOEXEC.BAT
and install a virus for you. Since the wildcard matching rules are decided by the server, the client cannot reliably verify that the filenames sent back match the pattern.
PSCP will attempt to use the newer SFTP protocol (part of SSH 2) where possible, which does not suffer from this security flaw. If you are talking to an SSH 2 server which supports SFTP, you will never see this warning.
If you really need to use a server-side wildcard with an SSH 1 server, you can use the -unsafe
command line option with PSCP:
pscp -unsafe fred@example.com:source/*.c c:\source
This will suppress the warning message and the file transfer will happen. However, you should be aware that by using this option you are giving the server the ability to write to any file in the target directory, so you should only use this option if you trust the server administrator not to be malicious (and not to let the server machine be cracked by malicious people).
user
The login name on the remote server. If this is omitted, and host
is a PuTTY saved session, PSCP will use any username specified by that saved session. Otherwise, PSCP will attempt to use the local Windows username.
host
The name of the remote server, or the name of an existing PuTTY saved session. In the latter case, the session's settings for hostname, port number, cipher type and username will be used.
source
One or more source files. Wildcards are allowed. The syntax of wildcards depends on the system to which they apply, so if you are copying from a Windows system to a UNIX system, you should use Windows wildcard syntax (e.g. *.*
), but if you are copying from a UNIX system to a Windows system, you would use the wildcard syntax allowed by your UNIX shell (e.g. *
).
If the source is a remote server and you do not specify a full pathname (in UNIX, a pathname beginning with a /
(slash) character), what you specify as a source will be interpreted relative to your home directory on the remote server.
target
The filename or directory to put the file(s). When copying from a remote server to a local host, you may wish simply to place the file(s) in the current directory. To do this, you should specify a target of .
. For example:
pscp fred@example.com:/home/tom/.emacs .
...would copy /home/tom/.emacs
on the remote server to the current directory.
As with the source
parameter, if the target is on a remote server and is not a full path name, it is interpreted relative to your home directory on the remote server.
These are the command line options that PSCP accepts.
-p
preserve file attributesBy default, files copied with PSCP are timestamped with the date and time they were copied. The -p
option preserves the original timestamp on copied files.
-q
quiet, don't show statisticsBy default, PSCP displays a meter displaying the progress of the current transfer:
mibs.tar | 168 kB | 84.0 kB/s | ETA: 00:00:13 | 13%
The fields in this display are (from left to right), filename, size (in kilobytes) of file transferred so far, estimate of how fast the file is being transferred (in kilobytes per second), estimated time that the transfer will be complete, and percentage of the file so far transferred. The -q
option to PSCP suppresses the printing of these statistics.
-r
copies directories recursivelyBy default, PSCP will only copy files. Any directories you specify to copy will be skipped, as will their contents. The -r
option tells PSCP to descend into any directories you specify, and to copy them and their contents. This allows you to use PSCP to transfer whole directory structures between machines.
-v
show verbose messagesThe -v
option to PSCP makes it print extra information about the file transfer. For example:
Logging in as "fred". fred@example.com's password: Sending command: scp -v -f mibs.tar Connected to example.com Sending file modes: C0644 1320960 mibs.tar mibs.tar | 1290 kB | 67.9 kB/s | ETA: 00:00:00 | 100% Remote exit status 0 Closing connection
This information may be useful for debugging problems with PSCP.
-P port
connect to specified portIf the host
you specify is a saved session, PSCP uses any port number specified in that saved session. If not, PSCP uses the default SSH port, 22. The -P
option allows you specify the port number to connect to for PSCP's SSH connection.
-pw passw
login with specified passwordIf a password is required to connect to the host
, PSCP will interactively prompt you for it. However, this may not always be appropriate. If you are running PSCP as part of some automated job, it will not be possible to enter a password by hand. The -pw
option to PSCP lets you specify the password to use on the command line.
Since specifying passwords in scripts is a bad idea for security reasons, you might want instead to consider using public-key authentication; see section 4.2.4.
PSCP returns an ERRORLEVEL
of zero (success) only if the files were correctly transferred. You can test for this in a batch file, using code such as this:
pscp file*.* user@hostname: if errorlevel 1 echo There was an error
Like PuTTY, PSCP can authenticate using a public key instead of a password. There are two ways you can do this.
Firstly, PSCP can use PuTTY saved sessions in place of hostnames (see section 4.2.1.2). So you would do this:
pscp sessionname:file localfile
, where sessionname
is replaced by the name of your saved session.Secondly, PSCP will attempt to authenticate using Pageant if Pageant is running (see chapter 7). So you would do this:
For more general information on public-key authentication, see chapter 6.