rcp - Copies files on the same host, between a local host
and a remote host, and between two remote hosts
rcp [-prx] source destination
Preserves the modification times and modes of the source
files in the copies sent to the destination; extended file
attributes (property list), including the access control
list (ACL), if any, are not copied. Without this option,
the umask command at the destination modifies the mode of
the destination file, and the modification time of the
destination file is set to the time the file is received.
Copies recursively, for directories only, each file and
subdirectory in the source directory into the destination
directory. Encrypts the data transmitted between the
local host and the remote host. This option requires that
the local and remote hosts be configured to use Kerberos
authentication in the same or trusting Kerberos realms.
Specifies the location from which to copy the file. The
source format is as follows:
[[username@]hostname:]/path
If you specify hostname: and path, the local user
name is used at the source host. If you specify a
user name, that name is used. The user name entered
for the source host determines the file access
privileges that the rcp command uses at that host.
Additionally, the user name given to a source host
determines the ownership and access modes of the
resulting source file or files.
If the source path is not specified or is not fully
qualified, the path is interpreted as the beginning
of the home directory for the source user account
and is equivalent to the cp command. Specifies the
location to which to copy the file. The destination
format is as follows:
[[username@]hostname:]/path
If you specify hostname: and path, the local user
name is used at the destination host. If you specify
a user name, that name is used. The user name
entered for the destination host determines the
file access privileges that the rcp command uses at
that host. Additionally, the user name given to a
destination host determines the ownership and
access modes of the resulting destination file or
files.
If the destination path is not specified or is not
fully qualified, the path is interpreted as the
beginning of the home directory for the remote user
account and is equivalent to the cp command.
The rcp command copies files on the same host, between a
local host and a remote host, and between two remote
hosts.
Metacharacters that must be interpreted at a remote host
must be quoted using \ (backslash), " " (double quotes),
or ' ' (single quotes). If you want to specify an IPv6
address for source or destination, you must prefix the
address with the \[ (backslash, left bracket) characters
and terminate the address with the \] (backslash, right
bracket) characters. Because the bracket characters are
shell metacharacters, you must precede them with the backslash
character.
By default, the mode and owner of an existing destination
file are preserved. Normally, if a destination file does
not exist, the mode of the destination file is equal to
the mode of the source file as modified by the umask command
at the destination host. If the -p option is set,
the modification time and mode of source files are preserved
at the destination host. If the file has extended
file attributes (property list), including the access control
list (ACL), they are not copied and the following
message is displayed: rcp: filename: proplist not copied
The way that the remote host authenticates a user and
transmits data depends on if the local and remote hosts
are using a basic connection or a secure connection (Kerberos
or Secure Shell). Basic and secure connections provide
user authentication; however, a secure connection
also provides client and server authentication, data
encryption, data integrity, and nonrepudiation.
Basic Connection [Toc] [Back]
A basic connection is one where the rcp command connects
to the remote host and the remote host authenticates the
user if one of the following conditions is satisfied: If
the local user ID is not the root user, and the name of
the local host is listed as an equivalent host in the
/etc/hosts.equiv file on the remote host. If the local
user ID is the root user or if the check of
/etc/hosts.equiv fails, the user's home directory on the
remote host must contain a $HOME/.rhosts file that lists
the local host name and user name. The $HOME/.rhosts file
must be owned by either the remote user or the root user,
and have permissions set to 600 (read and write by owner
only).
The rcp command allows access to the remote host if the
remote user account does not have a password defined.
However, for security reasons, use of a password on all
user accounts is recommended.
Secure Connection [Toc] [Back]
A secure connection is one where the rcp command connects
to the remote host by using either Kerberos or Secure
Shell. Kerberos and Secure Shell are client/server applications
that authenticate the client, server, and user;
encrypt data; and ensure data integrity and nonrepudiation.
See your system administrator to determine if your
system is running Kerberos or Secure Shell software. See
Security Administration for more information about Kerberos
and Secure Shell.
Kerberos [Toc] [Back]
Kerberos does not use the /etc/host.equiv file or the
$HOME/.rhosts file for authentication. Kerberos authenticates
by using secret-key cryptography and tickets between
Kerberos clients and Kerberos servers in the same or
trusting Kerberos realms. Once authenticated by Kerberos,
users receive a Kerberos Ticket Granting Ticket (TGT).
Users with a valid TGT are not prompted for a username or
password when the remote host is in the same or trusting
Kerberos realm.
To use Kerberos to copy a file, enter the rcp command with
the -x option.
Secure Shell [Toc] [Back]
Secure Shell authenticates users by using passwords, hostbased
identification, or public and private keys between
Secure Shell clients and servers.
By default, the rcp command will use Kerberos (with a
valid TGT) when a system is configured to use both Kerberos
and Secure Shell.
To use Secure Shell to copy files, enter the Secure Shell
scp2 (or scp) command instead of the rcp command. The scp2
command provides the same functionality and options as the
rcp command over a secure connection. See scp2(1) for more
information on using the Secure Shell scp2 command.
Alternatively, you can configure the rsh, rlogin, and rcp
commands and applications that use the rcmd() function to
automatically use a Secure Shell connection by enabling
the Secure Shell EnforceSecureRutils keyword in the
/etc/ssh2/ssh2_config file or in a user's
$HOME/.ssh2/ssh2_config file. When the EnforceSecureRutils
keyword is enabled: The sshd daemon runs and spawns the
srcmd child process; the rshd daemon does not run. The
rcp command can only use Secure Shell host-based authentication
to authenticate users.
See Security Administration for more information about
configuring Secure Shell host-based authentication and the
EnforceSecureRutils keyword.
After it is determined that Secure Shell will be used, all
authentication and communication between the client and
server will use the Secure Shell connection. A connection
is not established if a user cannot be authenticated.
The rcp command is confused by output generated by commands
in a file on the remote host. In particular, the
messages, where are you? and stty: Can't assign requested
address can result if output is generated by the startup
file.
To copy a file named localfile from the local host to a
remote host named host2, enter: $ rcp localfile
host2:/u/eng/fred To copy a remote file named newplan from
one remote host, host1, to another remote host, host2,
enter: $ rcp host1:/u/eng/fred/newplan host2:/u/eng/mary
To send a directory subtree report from the local host to
the home directory of a user named fred at a remote host
named host2, and preserve all modes and modification
times, enter: $ rcp -p -r report fred@host2:report
The remote file /u/fred/.rhosts includes an entry
specifying the local host and username. To copy a
file called localfile from the local host to a
remote host named host2 in the same Kerberos Realm
using encryption, enter: $ rcp -x localfile
host2:/u/eng/fred
Specifies remote hosts from which users can execute commands
on the local host (provided these users have an
account on the local host). Specifies remote users that
can use a local user account. Specifies Secure Shell
client configuration information. Specifies Secure Shell
server configuration information.
Commands: kinit(1), kdestroy(1), klist(1), rlogin(1),
rsh(1), rshd(8), ssh2(1), telnet(1)
Functions: rexec(3), rcmd(3)
Files: hosts.equiv(4), rhosts(4), ssh2_config(4)
Guides: Security Administration
rcp(1)
[ Back ] |
