~mdw / sgt / putty / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Remove ghastly hack involving fxp_error_message.
[sgt/putty] / doc / pscp.but
CommitLineData
75bae139 1\versionid $Id: pscp.but,v 1.17 2001/09/24 22:00:46 simon Exp $
768ada0c 2
ded53fce 3\#FIXME: Need examples
768ada0c 4
e5b0d077 5\C{pscp} Using PSCP to transfer files securely
6
ffd64114 7\i{PSCP}, the PuTTY Secure Copy client, is a tool for transferring files
768ada0c 8securely between computers using an SSH connection.
9
10\H{pscp-starting} Starting PSCP
11
12PSCP is a command line application. This means that you cannot just
13double-click on its icon to run it and instead you have to bring up a
ffd64114 14\i{console window}. With Windows 95, 98, and ME, this is called an
768ada0c 15\q{MS-DOS Prompt} and with Windows NT and 2000 it is called a
16\q{Command Prompt}. It should be available from the Programs section
17of your Start Menu.
18
ffd64114 19To start PSCP it will need either to be on your \i{\c{PATH}} or in your
768ada0c 20current directory. To add the directory containing PSCP to your
21\c{PATH} environment variable, type into the console window:
22
8452efbc 23\c set PATH=C:\path\to\putty\directory;%PATH%
768ada0c 24
e35b2951 25This will only work for the lifetime of that particular console
26window. To set your \c{PATH} more permanently on Windows NT, use the
27Environment tab of the System Control Panel. On Windows 95, 98, and
28ME, you will need to edit your \c{AUTOEXEC.BAT} to include a \c{set}
29command like the one above.
768ada0c 30
31\H{pscp-usage} PSCP Usage
32
33Once you've got a console window to type into, you can just type
34\c{pscp} on its own to bring up a usage message. This tells you the
35version of PSCP you're using, and gives you a brief summary of how to
36use PSCP:
37
38\c Z:\owendadmin>pscp
39\c PuTTY Secure Copy client
40\c Release 0.50
41\c Usage: pscp [options] [user@]host:source target
42\c pscp [options] source [source...] [user@]host:target
43\c pscp [options] -ls user@host:filespec
44\c Options:
45\c -p preserve file attributes
46\c -q quiet, don't show statistics
47\c -r copy directories recursively
48\c -v show verbose messages
49\c -P port connect to specified port
50\c -pw passw login with specified password
51
52(PSCP's interface is much like the Unix \c{scp} command, if you're
53familiar with that.)
54
55\S{pscp-usage-basics} The basics
56
57To receive (a) file(s) from a remote server:
58
ded53fce 59\c pscp [options] [user@]host:source target
60
0b06900c 61So to copy the file \c{/etc/hosts} from the server \c{example.com} as
62user \c{fred} to the file \c{c:\\temp\\example-hosts.txt}, you would type:
ded53fce 63
64\c pscp fred@example.com:/etc/hosts c:\temp\example-hosts.txt
768ada0c 65
66To send (a) file(s) to a remote server:
67
ded53fce 68\c pscp [options] source [source...] [user@]host:target
69
0b06900c 70So to copy the local file \c{c:\\documents\\csh-whynot.txt} to the
71server \c{example.com} as user \c{fred} to the file
ded53fce 72\c{/tmp/csh-whynot} you would type:
73
74\c pscp c:\documents\csh-whynot.txt fred@example.com:/tmp/csh-whynot
768ada0c 75
a4196579 76You can use wildcards to transfer multiple files in either
77direction, like this:
78
79\c pscp c:\documents\*.doc fred@example.com:docfiles
80\c pscp fred@example.com:source/*.c c:\source
81
82However, in the second case (using a wildcard for multiple remote
83files) you may see a warning like this:
84
85\c warning: remote host tried to write to a file called 'terminal.c'
86\c when we requested a file called '*.c'.
87\c If this is a wildcard, consider upgrading to SSH 2 or using
88\c the '-unsafe' option. Renaming of this file has been disallowed.
89
90This is due to a fundamental insecurity in the old-style SCP
91protocol: the client sends the wildcard string (\c{*.c}) to the
92server, and the server sends back a sequence of file names that
93match the wildcard pattern. However, there is nothing to stop the
94server sending back a \e{different} pattern and writing over one of
95your other files: if you request \c{*.c}, the server might send back
96the file name \c{AUTOEXEC.BAT} and install a virus for you. Since
97the wildcard matching rules are decided by the server, the client
98cannot reliably verify that the filenames sent back match the
99pattern.
100
101PSCP will attempt to use the newer SFTP protocol (part of SSH 2)
102where possible, which does not suffer from this security flaw. If
103you are talking to an SSH 2 server which supports SFTP, you will
104never see this warning.
105
106If you really need to use a server-side wildcard with an SSH 1
107server, you can use the \c{-unsafe} command line option with PSCP:
108
109\c pscp -unsafe fred@example.com:source/*.c c:\source
110
111This will suppress the warning message and the file transfer will
112happen. However, you should be aware that by using this option you
113are giving the server the ability to write to \e{any} file in the
114target directory, so you should only use this option if you trust
115the server administrator not to be malicious (and not to let the
116server machine be cracked by malicious people).
117
ffd64114 118\S2{pscp-usage-basics-user} \c{user}
119
120The login name on the remote server. If this is omitted, and \c{host}
121is a PuTTY saved session, PSCP will use any username specified by that
122saved session. Otherwise, PSCP will attempt to use the local Windows
123username.
124
125\S2{pscp-usage-basics-host} \c{host}
126
127The name of the remote server, or the name of an existing PuTTY saved
128session. In the latter case, the session's settings for hostname, port
129number, cipher type and username will be used.
768ada0c 130
ffd64114 131\S2{pscp-usage-basics-source} \c{source}
768ada0c 132
ffd64114 133One or more source files. \i{Wildcards} are allowed. The syntax of
134wildcards depends on the system to which they apply, so if you are
135copying \e{from} a Windows system \e{to} a UNIX system, you should use
116934a6 136Windows wildcard syntax (e.g. \c{*.*}), but if you are copying \e{from}
ffd64114 137a UNIX system \e{to} a Windows system, you would use the wildcard
138syntax allowed by your UNIX shell (e.g. \c{*}).
768ada0c 139
ded53fce 140If the source is a remote server and you do not specify a full
141pathname (in UNIX, a pathname beginning with a \c{/} (slash)
142character), what you specify as a source will be interpreted relative
143to your home directory on the remote server.
144
ffd64114 145\S2{pscp-usage-basics-target} \c{target}
768ada0c 146
ded53fce 147The filename or directory to put the file(s). When copying from a
148remote server to a local host, you may wish simply to place the
149file(s) in the current directory. To do this, you should specify a
150target of \c{.}. For example:
151
152\c pscp fred@example.com:/home/tom/.emacs .
153
154...would copy \c{/home/tom/.emacs} on the remote server to the current
155directory.
156
157As with the \c{source} parameter, if the target is on a remote server
158and is not a full path name, it is interpreted relative to your home
159directory on the remote server.
768ada0c 160
161\S{pscp-usage-options} Options
162
ffd64114 163These are the command line options that PSCP accepts.
768ada0c 164
165\S2{pscp-usage-options-p}\c{-p} preserve file attributes
166
ffd64114 167By default, files copied with PSCP are \i{timestamp}ed with the date and
768ada0c 168time they were copied. The \c{-p} option preserves the original
169timestamp on copied files.
170
ffd64114 171\S2{pscp-usage-options-q}\c{-q} quiet, don't show \i{statistics}
768ada0c 172
173By default, PSCP displays a meter displaying the progress of the
174current transfer:
175
176\c mibs.tar | 168 kB | 84.0 kB/s | ETA: 00:00:13 | 13%
177
178The fields in this display are (from left to right), filename, size
179(in kilobytes) of file transferred so far, estimate of how fast the
180file is being transferred (in kilobytes per second), estimated time
181that the transfer will be complete, and percentage of the file so far
182transferred. The \c{-q} option to PSCP suppresses the printing of
183these statistics.
184
ffd64114 185\S2{pscp-usage-options-r}\c{-r} copies directories \i{recursive}ly
768ada0c 186
b3fa9b5e 187By default, PSCP will only copy files. Any directories you specify to
188copy will be skipped, as will their contents. The \c{-r} option tells
189PSCP to descend into any directories you specify, and to copy them and
190their contents. This allows you to use PSCP to transfer whole
191directory structures between machines.
192
ffd64114 193\S2{pscp-usage-options-v}\c{-v} show \i{verbose} messages
768ada0c 194
195The \c{-v} option to PSCP makes it print extra information about the
196file transfer. For example:
197
198\c Logging in as "fred".
199\c fred@example.com's password:
200\c Sending command: scp -v -f mibs.tar
201\c Connected to example.com
202\c Sending file modes: C0644 1320960 mibs.tar
203\c mibs.tar | 1290 kB | 67.9 kB/s | ETA: 00:00:00 | 100%
204\c Remote exit status 0
205\c Closing connection
206
207This information may be useful for debugging problems with PSCP.
208
ffd64114 209\S2{pscp-usage-options-P}\c{-P port} connect to specified \i{port}
768ada0c 210
d8507d01 211If the \c{host} you specify is a saved session, PSCP uses any port
b3fa9b5e 212number specified in that saved session. If not, PSCP uses the default
213SSH port, 22. The \c{-P} option allows you specify the port number to
214connect to for PSCP's SSH connection.
768ada0c 215
ffd64114 216\S2{pscp-usage-options-pw}\c{-pw passw} login with specified \i{password}
768ada0c 217
d8507d01 218If a password is required to connect to the \c{host}, PSCP will
219interactively prompt you for it. However, this may not always be
220appropriate. If you are running PSCP as part of some automated job,
b3fa9b5e 221it will not be possible to enter a password by hand. The \c{-pw}
d8507d01 222option to PSCP lets you specify the password to use on the command
223line.
224
225Since specifying passwords in scripts is a bad idea for security
226reasons, you might want instead to consider using public-key
6da38567 227authentication; see \k{pscp-pubkey}.
228
a4196579 229\S{pscp-pubkey} Return value
230
231PSCP returns an \cw{ERRORLEVEL} of zero (success) only if the files
232were correctly transferred. You can test for this in a batch file,
233using code such as this:
234
235\c pscp file*.* user@hostname:
236\c if errorlevel 1 echo There was an error
237
6da38567 238\S{pscp-pubkey} Using public key authentication with PSCP
239
240Like PuTTY, PSCP can authenticate using a public key instead of a
241password. There are two ways you can do this.
242
243Firstly, PSCP can use PuTTY saved sessions in place of hostnames
244(see \k{pscp-usage-basics-host}). So you would do this:
245
246\b Run PuTTY, and create a PuTTY saved session (see
247\k{config-saving}) which specifies your private key file (see
add788fc 248\k{config-ssh-privkey}). You will probably also want to specify a
249username to log in as (see \k{config-username}).
6da38567 250
251\b In PSCP, you can now use the name of the session instead of a
edcbf00a 252hostname: type \c{pscp sessionname:file localfile}, where
253\c{sessionname} is replaced by the name of your saved session.
6da38567 254
255Secondly, PSCP will attempt to authenticate using Pageant if Pageant
256is running (see \k{pageant}). So you would do this:
257
258\b Ensure Pageant is running, and has your private key stored in it.
259
260\b Specify a user and host name to PSCP as normal. PSCP will
261automatically detect Pageant and try to use the keys within it.
262
263For more general information on public-key authentication, see
264\k{pubkey}.
768ada0c 265
ffd64114 266\H{pscp-ixplorer} \i{Secure iXplorer}
768ada0c 267
268Lars Gunnarson has written a graphical interface for PSCP. You can
269get it from his web site, at
75bae139 270\W{http://www.i-tree.org/}{www.i-tree.org}.
Simon Tatham's PuTTY GUI SSH client; import of svn://svn.tartarus.org/sgt/putty