Transfers files between a local and a remote host or between two remote hosts.
rcp [ -p] [ -F] [ -k realm ] [-m] { { User@Host:File | Host:File | File } { User@Host:File | Host:File | File | User@Host:Directory | Host:Directory | Directory } | [ -r] { User@Host:Directory | Host:Directory |Directory } { User@Host:Directory | Host:Directory | Directory } }
The /usr/bin/rcp command is used to copy one or more files between the local host and a remote host, between two remote hosts, or between files at the same remote host.
If a Host is not prefixed by a User@ parameter, the local user name is used at the remote host. If a User@ parameter is entered, that name is used.
If the path for a file or directory on a remote host is not specified or is not fully qualified, the path is interpreted as beginning at the home directory for the remote user account. Additionally, any metacharacters that must be interpreted at a remote host must be quoted using a \ (backslash), a " (double quotation mark), or a ' (single quotation mark).
File Permissions and Ownership
By default, the permissions mode and ownership of an existing destination file are preserved. Usually, if a destination file does not exist, the permissions mode of the destination file is equal to the permissions mode of the source file as modified by the umask command (a special command in the Korn shell) at the destination host. If the rcp command -p flag is set, the modification time and mode of source files are preserved at the destination host.
The user name entered for the remote host determines the file access privileges the rcp command uses at that host. Additionally, the user name given to a destination host determines the ownership and access modes of the resulting destination file or files.
Using Standard Authentication
The remote host allows access if one of the following conditions is satisfied:
Although you can set any permissions for the $HOME/.rhosts file, it is recommended that the permissions of the .rhosts file be set to 600 (read and write by owner only).
In addition to the preceding conditions, the rcp command also allows access to the remote host if the remote user account does not have a password defined. However, for security reasons, the use of a password on all user accounts is recommended.
For Kerberos 5 Authentication
The remote host allows access only if all of the following conditions are satisfied:
rcp and Named Pipelines
Do not use the rcp command to copy named pipelines, or FIFOs, (special files created with the mknod -p command). The rcp command uses the open subroutine on the files that it copies, and this subroutine blocks on blocking devices like a FIFO pipe.
The SP Kerberos V4 rcp execution path does not support remote-to-remote copy as Kerberos does not support forwarding credentials. The message you would receive under these circumstances is the message indicating you do not have tickets and must use kinit to login. The message would be issued from the remote source machine. Please see the example below for using Kerberos to perform a remote-to-remote copy.
Item | Description |
---|---|
-p | Preserves the modification times and modes of the source files
in the copies sent to the destination only if the user has root authority
or is the owner of the destination. Without this flag, the umask command at the destination modifies
the mode of the destination file, and the modification time of the
destination file is set to the time the file is received. When this flag is not used, the umask being honored is the value stored in the appropriate database. It is not the value that is set by issuing the umask command. The permission and ownership values that result from the umask command do not affect those stored in the database. |
-r | Recursively copies, for directories only, each file and subdirectory in the source directory into the destination directory. |
-F | Causes the credentials to be forwarded. In addition, the credentials on the remote system will be marked forwardable (allowing them to be passed to another remote system). This flag will be ignored if Kerberos 5 is not the current authentication method. Authentication will fail if the current DCE credentials are not marked forwardable. |
-k realm | Allows the user to specify the realm of the remote station if it is different from the local systems realm. For these purposes, a realm is synonymous with a DCE cell. This flag will be ignored if Kerberos 5 is not the current authentication method. |
-m | Support for metacharacters in filenames. |
Item | Description |
---|---|
Host:File | Specifies the host name (Host) and file name (File)
of the remote destination file, separated by a : (colon). Note: Because
the rcp command assumes that a : (colon) terminates a host
name, you must insert a \ (backslash) before any colons that are embedded
in the local file and directory names.
|
User@Host:File | Specifies the user name (User@) that the rcp command uses to set ownership of the transferred file, the host name (Host), and file name (File) of the remote destination file. The user name entered for the remote host determines the file access privileges the rcp command uses at that host. |
File | Specifies the file name of the local destination file. |
Host:Directory | Specifies the host name (Host) and directory name (Directory)
of the remote destination directory. Note: Because the rcp command
assumes that a : (colon) terminates a host name, you must insert a
\ (backslash) before any colons that are embedded in the local file
and directory names.
|
User@Host:Directory | Specifies the user name (User@) the rcp command uses to set ownership of the transferred file, the host name (Host), and directory name (Directory) of the remote destination directory. The user name entered for the remote host determines the file access privileges the rcp command uses at that host. |
Directory | The directory name of the local destination directory. |
This command returns the following exit values:
Item | Description |
---|---|
0 | Successful completion. |
>0 | An error occurred. |
For security reasons, any $HOME/.klogin file must be owned by the remote user and only the AIX® owner ID should have read and write access (permissions = 600) to .klogin.
Attention RBAC users and Trusted AIX users: This command can perform privileged operations. Only privileged users can run privileged operations. For more information about authorizations and privileges, see Privileged Command Database in Security. For a list of privileges and the authorizations associated with this command, see the lssecattr command or the getcmdattr subcommand.
In the following examples, the local host is listed in the /etc/hosts.equiv file at the remote host.
rcp localfile host2:/home/eng/jane
The
file localfile from the local host is copied to the remote
host host2.rcp host1:/home/eng/jane/newplan host2:/home/eng/mary
The
file /home/eng/jane/newplan is copied from remote host host1 to
remote host host2./usr/lpp/ssp/rcmd/bin/rsh r05n07 'export KRBTKTFILE=/tmp/rcmdtkt$$; \
/usr/lpp/ssp/rcmd/bin/rcmdtgt; \
/usr/lpp/ssp/rcmd/bin/rcp /tmp/stuff r05n05:/tmp/stuff;'
The
root user sets the KRBTKTFILE environment variable to the name of
a temporary ticket-cache file and then obtains a service ticket by
issuing the rcmdtgt command. The rcp uses the service
ticket to authenticate from host r05n07 to host r05n05. Item | Description |
---|---|
$HOME/.klogin | Specifies remote users that can use a local user account. |
/usr/lpp/ssp/rcmd/bin/rcp | Link to AIX Secure /usr/bin/rsh that calls the SP Kerberos 4 rcp routine if applicable. |
Refer to the chapter on security in IBM® Parallel System Support Programs for AIX: Administration Guide for an overview. You can access this publication at the following Web site: http://www.rs6000.ibm.com/resource/aix_resource
Refer to the "RS/6000® SP Files and Other Technical Information" section of IBM Parallel System Support Programs for AIX: Command and Technical Reference for additional Kerberos information. You can access this publication at the following Web site: http://www.rs6000.ibm.com/resource/aix_resource