rcp(1)rcp(1)NAMErcp - Copies files on the same host, between a local host and a remote
host, and between two remote hosts
SYNOPSISrcp [-prx] source destination
Preserves the modification times and modes of the source files in the
copies sent to the destination; extended file attributes (property
list), including the access control list (ACL), if any, are not copied.
Without this option, the umask command at the destination modifies the
mode of the destination file, and the modification time of the destina‐
tion file is set to the time the file is received. Copies recursively,
for directories only, each file and subdirectory in the source direc‐
tory into the destination directory. Encrypts the data transmitted
between the local host and the remote host. This option requires that
the local and remote hosts be configured to use Kerberos authentication
in the same or trusting Kerberos realms.
Specifies the location from which to copy the file. The source format
is as follows:
If you specify hostname: and path, the local user name is used
at the source host. If you specify a user name, that name is
used. The user name entered for the source host determines the
file access privileges that the rcp command uses at that host.
Additionally, the user name given to a source host determines
the ownership and access modes of the resulting source file or
If the source path is not specified or is not fully qualified,
the path is interpreted as the beginning of the home directory
for the source user account and is equivalent to the cp command.
Specifies the location to which to copy the file. The destina‐
tion format is as follows:
If you specify hostname: and path, the local user name is used
at the destination host. If you specify a user name, that name
is used. The user name entered for the destination host deter‐
mines the file access privileges that the rcp command uses at
that host. Additionally, the user name given to a destination
host determines the ownership and access modes of the resulting
destination file or files.
If the destination path is not specified or is not fully quali‐
fied, the path is interpreted as the beginning of the home
directory for the remote user account and is equivalent to the
The rcp command copies files on the same host, between a local host and
a remote host, and between two remote hosts.
Metacharacters that must be interpreted at a remote host must be quoted
using \ (backslash), " " (double quotes), or ' ' (single quotes). If
you want to specify an IPv6 address for source or destination, you must
prefix the address with the \[ (backslash, left bracket) characters and
terminate the address with the \] (backslash, right bracket) charac‐
ters. Because the bracket characters are shell metacharacters, you must
precede them with the backslash character.
By default, the mode and owner of an existing destination file are pre‐
served. Normally, if a destination file does not exist, the mode of
the destination file is equal to the mode of the source file as modi‐
fied by the umask command at the destination host. If the -p option is
set, the modification time and mode of source files are preserved at
the destination host. If the file has extended file attributes (prop‐
erty list), including the access control list (ACL), they are not
copied and the following message is displayed: rcp: filename: proplist
The way that the remote host authenticates a user and transmits data
depends on if the local and remote hosts are using a basic connection
or a secure connection (Kerberos or Secure Shell). Basic and secure
connections provide user authentication; however, a secure connection
also provides client and server authentication, data encryption, data
integrity, and nonrepudiation.
A basic connection is one where the rcp command connects to the remote
host and the remote host authenticates the user if one of the following
conditions is satisfied: If the local user ID is not the root user, and
the name of the local host is listed as an equivalent host in the
/etc/hosts.equiv file on the remote host. If the local user ID is the
root user or if the check of /etc/hosts.equiv fails, the user's home
directory on the remote host must contain a $HOME/.rhosts file that
lists the local host name and user name. The $HOME/.rhosts file must be
owned by either the remote user or the root user, and have permissions
set to 600 (read and write by owner only).
The rcp command allows access to the remote host if the remote user
account does not have a password defined. However, for security rea‐
sons, use of a password on all user accounts is recommended.
A secure connection is one where the rcp command connects to the remote
host by using either Kerberos or Secure Shell. Kerberos and Secure
Shell are client/server applications that authenticate the client,
server, and user; encrypt data; and ensure data integrity and nonrepu‐
diation. See your system administrator to determine if your system is
running Kerberos or Secure Shell software. See Security Administration
for more information about Kerberos and Secure Shell.
Kerberos does not use the /etc/host.equiv file or the $HOME/.rhosts
file for authentication. Kerberos authenticates by using secret-key
cryptography and tickets between Kerberos clients and Kerberos servers
in the same or trusting Kerberos realms. Once authenticated by Ker‐
beros, users receive a Kerberos Ticket Granting Ticket (TGT). Users
with a valid TGT are not prompted for a username or password when the
remote host is in the same or trusting Kerberos realm.
To use Kerberos to copy a file, enter the rcp command with the -x
Secure Shell authenticates users by using passwords, host-based identi‐
fication, or public and private keys between Secure Shell clients and
By default, the rcp command will use Kerberos (with a valid TGT) when a
system is configured to use both Kerberos and Secure Shell.
To use Secure Shell to copy files, enter the Secure Shell scp2 (or scp)
command instead of the rcp command. The scp2 command provides the same
functionality and options as the rcp command over a secure connection.
See scp2(1) for more information on using the Secure Shell scp2 com‐
Alternatively, you can configure the rsh, rlogin, and rcp commands and
applications that use the rcmd() function to automatically use a Secure
Shell connection by enabling the Secure Shell EnforceSecureRutils key‐
word in the /etc/ssh2/ssh2_config file or in a user's
$HOME/.ssh2/ssh2_config file. When the EnforceSecureRutils keyword is
enabled: The sshd daemon runs and spawns the srcmd child process; the
rshd daemon does not run. The rcp command can only use Secure Shell
host-based authentication to authenticate users.
See Security Administration for more information about configuring
Secure Shell host-based authentication and the EnforceSecureRutils key‐
After it is determined that Secure Shell will be used, all authentica‐
tion and communication between the client and server will use the
Secure Shell connection. A connection is not established if a user can‐
not be authenticated.
The rcp command is confused by output generated by commands in a file
on the remote host. In particular, the messages, where are you? and
stty: Can't assign requested address can result if output is generated
by the startup file.
To copy a file named localfile from the local host to a remote host
named host2, enter: $ rcp localfile host2:/u/eng/fred To copy a remote
file named newplan from one remote host, host1, to another remote host,
host2, enter: $ rcp host1:/u/eng/fred/newplan host2:/u/eng/mary To send
a directory subtree report from the local host to the home directory of
a user named fred at a remote host named host2, and preserve all modes
and modification times, enter: $ rcp-p -r report fred@host2:report
The remote file /u/fred/.rhosts includes an entry specifying the
local host and username. To copy a file called localfile from
the local host to a remote host named host2 in the same Kerberos
Realm using encryption, enter: $ rcp-x localfile
Specifies remote hosts from which users can execute commands on the
local host (provided these users have an account on the local host).
Specifies remote users that can use a local user account. Specifies
Secure Shell client configuration information. Specifies Secure Shell
server configuration information.
Commands: kinit(1), kdestroy(1), klist(1), rlogin(1), rsh(1), rshd(8),
Functions: rexec(3), rcmd(3)
Files: hosts.equiv(4), rhosts(4), ssh2_config(4)
Guides: Security Administration