|
Home > |
Utilities Reference Guide > SCP and PSCP
|
|---|
Use the scp (Linux/Unix) or pscp (Windows) command to securely move updates and certificates and other files from a source computer onto the SafeNet appliance, or to move appliance certificates or log files out to a client computer.
All packages from SafeNet are signed and encrypted and come with an authorization code (authcode) that must be provided to decrypt and use the package.
Note: In Windows, use PSCP.exe (provided with SafeNet HSM Client software) to transfer certificates, software updates, capability updates, logs, etc. The command syntax is similar to scp. PuTTY and PSCP have their own help.
scp [options] [<user>@]<host>:<source> <target>
scp [options] <source> [<source>...] [<user>@]<host>:<target>
scp [options] -ls <user>@<host>:<file_path>
Note: When using scp or pscp over an IPv6 network, enclose addresses in square brackets.
-p [] preserve file attributes.
-q [] quiet, don't show statistics
-r [] copy directories recursively
-S [<path-to-ssh>] specify the location of SSH
-v [] show verbose messages
-P port [] connect to specified port
-pw passw [] login with specified password
-unsafe [] allow server-side wildcards (DANGEROUS)
The following examples illustrate how to transfer files from a SafeNet HSM client to a SafeNet Network HSM, and from a SafeNet Network HSM to a SafeNet HSM client.
/usr/safenet/lunaclient/>scp test-file.txt admin@myluna:
admin@myluna's password: ********
test-file.txt | 0 kB | 0.1 kB/s | ETA: 00:00:00 | 100%
/usr/safenet/lunaclient/>
The colon is required. Type nothing after the colon when moving files onto
the SafeNet appliance. All files that are scp’d to the SafeNet appliance go
to a predetermined directory, which you cannot change (for security reasons).
While it is possible to change the filename during scp (by typing a new
filename after the colon in the scp command), this is not recommended
since most operations expect certain filenames and can fail if those are
not found.
/usr/safenet/lunaclient/>scp test-file.txt admin@myluna:different-file.txt
admin@myluna's password: ********
test-file.txt | 0 kB | 0.1 kB/s | ETA: 00:00:00 | 100%
/usr/safenet/lunaclient/>
If the arriving file carries an unexpected name, it might not be handled correctly by subsequent commands
If you have SSH located in a non-standard (UNIX) location, launch the scp command with the "-S" option (that's an uppercase "s"), followed by the path to SSH, before supplying the paths to the source and target files, like:
scp -S /usr/bin/ssh <source file> <dest file>
bash-2.05# scp admin@myLuna3:server.pem .
admin@myLuna3's password: *********
server.pem 100%
|*******************************************************| 928
00:00
Note the dot (.) at the end of the command, denoting “place the resulting file in the current directory”.