Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
Secure Copy Protocol transfers files between hosts over SSH on port 22, encrypting data in transit; modern OpenSSH now favors SFTP as the backend.
SCP Definition: Secure Copy Protocol transfers files between hosts over SSH on port 22, encrypting data in transit; modern OpenSSH now favors SFTP as the backend.
SCP (Secure Copy Protocol) is a network protocol for securely copying files between a local and a remote host, or between two remote hosts. It runs over Secure Shell (SSH) on TCP port 22, inheriting SSH's encryption and authentication so file contents, credentials, and metadata are protected in transit, unlike legacy plaintext protocols such as FTP.
Mechanically, the scp client opens an SSH session to the remote host, authenticates (by password or public key), and then runs a remote copy process. Files stream over the encrypted channel established by SSH, giving confidentiality and integrity for the data path. The classic SCP protocol is based on the old BSD rcp command; because of design limitations and security concerns, modern OpenSSH reimplemented the scp command to use the SFTP protocol as its backend by default starting in OpenSSH 9.0.
This matters for security because file transfer is a common path for credential and data exposure. FTP and rcp send everything, including passwords, in cleartext, making them trivial to sniff. SCP closes that gap by tunneling transfers through SSH, so transfers to routers, servers, and backup systems cannot be passively intercepted. It also benefits from SSH host-key verification, which helps detect man-in-the-middle attempts.
For example, a system administrator pushing a configuration file to a remote server might run scp config.cfg admin@10.0.0.5:/etc/app/. The client authenticates with an SSH key, the file traverses the network inside an encrypted SSH tunnel, and an eavesdropper on the wire sees only ciphertext. Because the historical SCP protocol had known weaknesses (such as a server influencing which files the client writes), security-conscious environments increasingly prefer SFTP or rsync-over-SSH, but SCP remains widely used for quick, encrypted point-to-point copies.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →