 |
Index for
Section 1 |
|
 |
Alphabetical
listing for R |
|
 |
Bottom of
page |
|
rcp(1)
NAME
rcp - Copies files on the same host, between a local host and a remote
host, and between two remote hosts
SYNOPSIS
rcp [-prx] source destination
OPTIONS
-p Preserves the modification times and modes of the source files in the
copies sent to the destination; extended file attributes (property
list), including the access control list (ACL), if any, are not copied.
Without this option, the umask command at the destination modifies the
mode of the destination file, and the modification time of the
destination file is set to the time the file is received.
-r Copies recursively, for directories only, each file and subdirectory in
the source directory into the destination directory.
-x Encrypts the data transmitted between the local host and the remote
host. This option requires that the local and remote hosts be
configured to use Kerberos authentication in the same or trusting
Kerberos realms.
OPERANDS
source
Specifies the location from which the file is copied. The source format
is host name and path separated by a : (colon). For example:
hostname:/path
Local paths do not need to have a hostname specified and must have a \
(backslash) inserted before any colons embedded in the name.
destination
Specifies the location to which the file is copied. The destination
format is username and host name and path separated by a : (colon). For
example:
username@hostname:/path
If a hostname is not prefixed by username@, the local username is used
at the remote host. If a username is entered, that name is used. The
username entered for the remote host determines the file access
privileges that the rcp command uses at that host. Additionally, the
username given to a destination host determines the ownership and
access modes of the resulting destination file or files.
If the destination path is not specified or is not fully qualified, the
path is interpreted as the beginning of the home directory for the
remote user account and is equivalent to the cp command.
DESCRIPTION
The rcp command copies files on the same host, between a local host and a
remote host, and between two remote hosts.
Metacharacters that must be interpreted at a remote host must be quoted
using \ (backslash), " " (double quotes), or ' ' (single quotes). If you
want to specify an IPv6 address for source or destination, you must prefix
the address with the \[ (backslash, left bracket) characters and terminate
the address with the \] (backslash, right bracket) characters. Because the
bracket characters are shell metacharacters, you must precede them with the
backslash character.
By default, the mode and owner of an existing destination file are
preserved. Normally, if a destination file does not exist, the mode of the
destination file is equal to the mode of the source file as modified by the
umask command at the destination host. If the -p option is set, the
modification time and mode of source files are preserved at the destination
host. If the file has extended file attributes (property list), including
the access control list (ACL), they are not copied and the following
message is displayed: rcp: filename: proplist not copied
The way that the remote host authenticates a user and transmits data
depends on if the local and remote hosts are using a basic connection or a
secure connection (Kerberos or Secure Shell). Basic and secure connections
provide user authentication; however, a secure connection also provides
client and server authentication, data encryption, data integrity, and
nonrepudiation.
Basic Connection
A basic connection is one where the rcp command connects to the remote host
and the remote host authenticates the user if one of the following
conditions is satisfied:
· If the local user ID is not the root user, and the name of the local
host is listed as an equivalent host in the /etc/hosts.equiv file on
the remote host.
· If the local user ID is the root user or if the check of
/etc/hosts.equiv fails, the user's home directory on the remote host
must contain a $HOME/.rhosts file that lists the local host name and
user name. The $HOME/.rhosts file must be owned by either the remote
user or the root user, and have permissions set to 600 (read and write
by owner only).
The rcp command allows access to the remote host if the remote user account
does not have a password defined. However, for security reasons, use of a
password on all user accounts is recommended.
Secure Connection
A secure connection is one where the rcp command connects to the remote
host by using either Kerberos or Secure Shell. Kerberos and Secure Shell
are client/server applications that authenticate the client, server, and
user; encrypt data; and ensure data integrity and nonrepudiation. See your
system administrator to determine if your system is running Kerberos or
Secure Shell software. See Security Administration for more information
about Kerberos and Secure Shell.
Kerberos
Kerberos does not use the /etc/host.equiv file or the $HOME/.rhosts file
for authentication. Kerberos authenticates by using secret-key cryptography
and tickets between Kerberos clients and Kerberos servers in the same or
trusting Kerberos realms. Once authenticated by Kerberos, users receive a
Kerberos Ticket Granting Ticket (TGT). Users with a valid TGT are not
prompted for a username or password when the remote host is in the same or
trusting Kerberos realm.
To use Kerberos to copy a file, enter the rcp command with the -x option.
Secure Shell
Secure Shell authenticates users by using passwords, host-based
identification, or public and private keys between Secure Shell clients and
servers.
By default, the rcp command will use Kerberos (with a valid TGT) when a
system is configured to use both Kerberos and Secure Shell.
To use Secure Shell to copy files, enter the Secure Shell scp2 (or scp)
command instead of the rcp command. The scp2 command provides the same
functionality and options as the rcp command over a secure connection. See
scp2(1) for more information on using the Secure Shell scp2 command.
Alternatively, you can configure the rsh, rlogin, and rcp commands and
applications that use the rcmd() function to automatically use a Secure
Shell connection by enabling the Secure Shell EnforceSecureRutils keyword
in the /etc/ssh2/ssh2_config file or in a user's $HOME/.ssh2/ssh2_config
file. When the EnforceSecureRutils keyword is enabled:
· The sshd daemon runs and spawns the srcmd child process; the rshd
daemon does not run.
· The rcp command can only use Secure Shell host-based authentication to
authenticate users.
See Security Administration for more information about configuring Secure
Shell host-based authentication and the EnforceSecureRutils keyword.
After it is determined that Secure Shell will be used, all authentication
and communication between the client and server will use the Secure Shell
connection. A connection is not established if a user cannot be
authenticated.
RESTRICTIONS
The rcp command is confused by output generated by commands in a .cshrc
file on the remote host. In particular, the messages, where are you? and
stty: Can't assign requested address can result if output is generated by
the startup file.
EXAMPLES
1. To copy a file named localfile from the local host to a remote host
named host2, enter:
$ rcp localfile host2:/u/eng/fred
2. To copy a remote file named newplan from one remote host, host1, to
another remote host, host2, enter:
$ rcp host1:/u/eng/fred/newplan host2:/u/eng/mary
3. To send a directory subtree report from the local host to the home
directory of a user named fred at a remote host named host2, and
preserve all modes and modification times, enter:
$ rcp -p -r report fred@host2:report
The remote file /u/fred/.rhosts includes an entry specifying the local
host and username.
4. To copy a file called localfile from the local host to a remote host
named host2 in the same Kerberos Realm using encryption, enter:
$ rcp -x localfile host2:/u/eng/fred
FILES
/etc/hosts.equiv
Specifies remote hosts from which users can execute commands on the
local host (provided these users have an account on the local host).
$HOME/.rhosts
Specifies remote users that can use a local user account.
/etc/ssh2/ssh2_config
Specifies Secure Shell client configuration information.
/etc/ssh2/sshd2_config
Specifies Secure Shell server configuration information.
SEE ALSO
Commands: kinit(1), kdestroy(1), klist(1), rlogin(1), rsh(1), rshd(8),
ssh2(1), telnet(1)
Functions: rexec(3), rcmd(3)
Files: hosts.equiv(4), rhosts(4), ssh2_config(4)
Guides: Security Administration
|
Index for
Section 1 |
|
|
Alphabetical
listing for R |
|
 |
Top of
page |
|