X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/75bae1395a48cf9d15bcf8514189a348f623c022..39a938f7a5e16b4be9bee493251238710fbff396:/doc/pscp.but diff --git a/doc/pscp.but b/doc/pscp.but index b9fd4bdd..e5f1778c 100644 --- a/doc/pscp.but +++ b/doc/pscp.but @@ -1,4 +1,4 @@ -\versionid $Id: pscp.but,v 1.17 2001/09/24 22:00:46 simon Exp $ +\define{versionidpscp} \versionid $Id$ \#FIXME: Need examples @@ -7,6 +7,10 @@ \i{PSCP}, the PuTTY Secure Copy client, is a tool for transferring files securely between computers using an SSH connection. +If you have an SSH 2 server, you might prefer PSFTP (see \k{psftp}) +for interactive use. PSFTP does not in general work with SSH 1 +servers, however. + \H{pscp-starting} Starting PSCP PSCP is a command line application. This means that you cannot just @@ -37,17 +41,27 @@ use PSCP: \c Z:\owendadmin>pscp \c PuTTY Secure Copy client -\c Release 0.50 +\c Release 0.XX \c Usage: pscp [options] [user@]host:source target -\c pscp [options] source [source...] [user@]host:target -\c pscp [options] -ls user@host:filespec +\c pscp [options] source [source...] [user@]host:target +\c pscp [options] -ls [user@]host:filespec \c Options: \c -p preserve file attributes \c -q quiet, don't show statistics \c -r copy directories recursively \c -v show verbose messages +\c -load sessname Load settings from saved session \c -P port connect to specified port +\c -l user connect with specified username \c -pw passw login with specified password +\c -1 -2 force use of particular SSH protocol version +\c -C enable compression +\c -i key private key file for authentication +\c -batch disable all interactive prompts +\c -unsafe allow server-side wildcards (DANGEROUS) +\c -V print version information +\c -sftp force use of SFTP protocol +\c -scp force use of SCP protocol (PSCP's interface is much like the Unix \c{scp} command, if you're familiar with that.) @@ -67,11 +81,11 @@ To send (a) file(s) to a remote server: \c pscp [options] source [source...] [user@]host:target -So to copy the local file \c{c:\\documents\\csh-whynot.txt} to the -server \c{example.com} as user \c{fred} to the file -\c{/tmp/csh-whynot} you would type: +So to copy the local file \c{c:\\documents\\foo.txt} to the server +\c{example.com} as user \c{fred} to the file \c{/tmp/foo} you would +type: -\c pscp c:\documents\csh-whynot.txt fred@example.com:/tmp/csh-whynot +\c pscp c:\documents\foo.txt fred@example.com:/tmp/foo You can use wildcards to transfer multiple files in either direction, like this: @@ -80,12 +94,11 @@ direction, like this: \c pscp fred@example.com:source/*.c c:\source However, in the second case (using a wildcard for multiple remote -files) you may see a warning like this: - -\c warning: remote host tried to write to a file called 'terminal.c' -\c when we requested a file called '*.c'. -\c If this is a wildcard, consider upgrading to SSH 2 or using -\c the '-unsafe' option. Renaming of this file has been disallowed. +files) you may see a warning saying something like \q{warning: +remote host tried to write to a file called 'terminal.c' when we +requested a file called '*.c'. If this is a wildcard, consider +upgrading to SSH 2 or using the '-unsafe' option. Renaming of this +file has been disallowed}. This is due to a fundamental insecurity in the old-style SCP protocol: the client sends the wildcard string (\c{*.c}) to the @@ -101,7 +114,8 @@ pattern. PSCP will attempt to use the newer SFTP protocol (part of SSH 2) where possible, which does not suffer from this security flaw. If you are talking to an SSH 2 server which supports SFTP, you will -never see this warning. +never see this warning. (You can force use of the SFTP protocol, +if available, with \c{-sftp} - see \k{pscp-usage-options-backend}.) If you really need to use a server-side wildcard with an SSH 1 server, you can use the \c{-unsafe} command line option with PSCP: @@ -160,6 +174,14 @@ directory on the remote server. \S{pscp-usage-options} Options +PSCP accepts all the general command line options supported by the +PuTTY tools, except the ones which make no sense in a file transfer +utility. See \k{using-general-opts} for a description of these +options. (The ones not supported by PSCP are clearly marked.) + +PSCP also supports some of its own options. The following sections +describe PSCP's specific command-line options. + These are the command line options that PSCP accepts. \S2{pscp-usage-options-p}\c{-p} preserve file attributes @@ -173,7 +195,7 @@ timestamp on copied files. By default, PSCP displays a meter displaying the progress of the current transfer: -\c mibs.tar | 168 kB | 84.0 kB/s | ETA: 00:00:13 | 13% +\c mibs.tar | 168 kB | 84.0 kB/s | ETA: 00:00:13 | 13% The fields in this display are (from left to right), filename, size (in kilobytes) of file transferred so far, estimate of how fast the @@ -190,43 +212,49 @@ PSCP to descend into any directories you specify, and to copy them and their contents. This allows you to use PSCP to transfer whole directory structures between machines. -\S2{pscp-usage-options-v}\c{-v} show \i{verbose} messages +\S2{pscp-usage-options-batch}\c{-batch} avoid interactive prompts -The \c{-v} option to PSCP makes it print extra information about the -file transfer. For example: +If you use the \c{-batch} option, PSCP will never give an +interactive prompt while establishing the connection. If the +server's host key is invalid, for example (see \k{gs-hostkey}), then +the connection will simply be abandoned instead of asking you what +to do next. -\c Logging in as "fred". -\c fred@example.com's password: -\c Sending command: scp -v -f mibs.tar -\c Connected to example.com -\c Sending file modes: C0644 1320960 mibs.tar -\c mibs.tar | 1290 kB | 67.9 kB/s | ETA: 00:00:00 | 100% -\c Remote exit status 0 -\c Closing connection +This may help PSCP's behaviour when it is used in automated +scripts: using \c{-batch}, if something goes wrong at connection +time, the batch job will fail rather than hang. -This information may be useful for debugging problems with PSCP. +\S2{pscp-usage-options-backend}\c{-sftp}, \c{-scp} force use of +particular protocol -\S2{pscp-usage-options-P}\c{-P port} connect to specified \i{port} +As mentioned in \k{pscp-usage-basics}, there are two different file +transfer protocols in use with SSH. Despite its name, PSCP (like many +other ostensible \cw{scp} clients) can use either of these protocols. -If the \c{host} you specify is a saved session, PSCP uses any port -number specified in that saved session. If not, PSCP uses the default -SSH port, 22. The \c{-P} option allows you specify the port number to -connect to for PSCP's SSH connection. +The older SCP protocol does not have a written specification and +leaves a lot of detail to the server platform. Wildcards are expanded +on the server. The simple design means that any wildcard specification +supported by the server platform (such as brace expansion) can be +used, but also leads to interoperability issues such as with filename +quoting (for instance, where filenames contain spaces), and also the +security issue described in \k{pscp-usage-basics}. -\S2{pscp-usage-options-pw}\c{-pw passw} login with specified \i{password} +The newer SFTP protocol, which is usually associated with SSH 2 +servers, is specified in a more platform independent way, and leaves +issues such as wildcard syntax up to the client. This makes it more +consistent across platforms, more suitable for scripting and +automation, and avoids security issues with wilcard matching. -If a password is required to connect to the \c{host}, PSCP will -interactively prompt you for it. However, this may not always be -appropriate. If you are running PSCP as part of some automated job, -it will not be possible to enter a password by hand. The \c{-pw} -option to PSCP lets you specify the password to use on the command -line. +Normally PSCP will attempt to use the SFTP protocol, and only fall +back to the SCP protocol if SFTP is not available on the server. -Since specifying passwords in scripts is a bad idea for security -reasons, you might want instead to consider using public-key -authentication; see \k{pscp-pubkey}. +The \c{-scp} option forces PSCP to use the SCP protocol or quit. -\S{pscp-pubkey} Return value +The \c{-sftp} option forces PSCP to use the SFTP protocol or quit. +When this option is specified, PSCP looks harder for an SFTP server, +which may allow use of SFTP with SSH 1 depending on server setup. + +\S{pscp-retval} Return value PSCP returns an \cw{ERRORLEVEL} of zero (success) only if the files were correctly transferred. You can test for this in a batch file, @@ -238,7 +266,7 @@ using code such as this: \S{pscp-pubkey} Using public key authentication with PSCP Like PuTTY, PSCP can authenticate using a public key instead of a -password. There are two ways you can do this. +password. There are three ways you can do this. Firstly, PSCP can use PuTTY saved sessions in place of hostnames (see \k{pscp-usage-basics-host}). So you would do this: @@ -252,7 +280,11 @@ username to log in as (see \k{config-username}). hostname: type \c{pscp sessionname:file localfile}, where \c{sessionname} is replaced by the name of your saved session. -Secondly, PSCP will attempt to authenticate using Pageant if Pageant +Secondly, you can supply the name of a private key file on the command +line, with the \c{-i} option. See \k{using-cmdline-identity} for more +information. + +Thirdly, PSCP will attempt to authenticate using Pageant if Pageant is running (see \k{pageant}). So you would do this: \b Ensure Pageant is running, and has your private key stored in it. @@ -262,9 +294,3 @@ automatically detect Pageant and try to use the keys within it. For more general information on public-key authentication, see \k{pubkey}. - -\H{pscp-ixplorer} \i{Secure iXplorer} - -Lars Gunnarson has written a graphical interface for PSCP. You can -get it from his web site, at -\W{http://www.i-tree.org/}{www.i-tree.org}.