RCP(1) | User Commands | RCP(1) |
rcp - remote file copy
rcp [-p] [-a] [-K] [-x] [-PN | -PO] [-k realm] filename1 filename2
rcp [-pr] [-a] [-K] [-x] [-PN | -PO] [-k realm] filename... directory
The rcp command copies files between machines. Each filename or directory argument is either a remote file name of the form:
hostname:path
or a local file name (containing no : (colon) characters, or / (backslash) before any : (colon) characters).
The hostname can be an IPv4 or IPv6 address string. See inet(4P) and inet6(4P). Since IPv6 addresses already contain colons, the hostname should be enclosed in a pair of square brackets when an IPv6 address is used. Otherwise, the first occurrence of a colon can be interpreted as the separator between hostname and path. For example,
[1080::8:800:200C:417A]:tmp/file
If a filename is not a full path name, it is interpreted relative to your home directory on hostname. A path on a remote host can be quoted using \, ", or ', so that the metacharacters are interpreted remotely. Please notice that the kerberized versions of rcp are not IPv6-enabled.
rcp does not prompt for passwords. It either uses Kerberos authentication which is enabled through command-line options or your current local user name must exist on hostname and allow remote command execution by rsh(1).
The rcp session can be kerberized using any of the following Kerberos specific options : -a, -PN or -PO, -x, and -k realm. Some of these options (-a, -x and -PN or -PO) can also be specified in the [appdefaults] section of krb5.conf(5). The usage of these options and the expected behavior is discussed in the OPTIONS section below. If Kerberos authentication is used, authorization to the account is controlled by rules in krb5_auth_rules(7). If this authorization fails, fallback to normal rcp using rhosts occurs only if the -PO option is used explicitly on the command line or is specified in krb5.conf(5). If authorization succeeds, remote copy succeeds without any prompting of password. Also notice that the -PN or -PO, -x, and -k realm options are just supersets of the -a option.
rcp handles third party copies, where neither source nor target files are on the current machine. Hostnames can also take the form
username@hostname:filename
to use username rather than your current local user name as the user name on the remote host. rcp also supports Internet domain addressing of the remote host, so that:
username@host.domain:filename
specifies the username to be used, the hostname, and the domain in which that host resides. File names that are not full path names are interpreted relative to the home directory of the user named username, on the remote host.
The following options are supported:
-a
-k realm
-K realm
-p
-PO
-PN
-r
-x
See largefile(7) for the description of the behavior of rcp when encountering files greater than or equal to 2 Gbyte ( 2^31 bytes).
The rcp command is IPv6-enabled. See ip6(4P). IPv6 is not currently supported with Kerberos V5 authentication.
For the kerberized rcp session, each user can have a private authorization list in a file .k5login in their home directory. Each line in this file should contain a Kerberos principal name of the form principal/instance@realm. If there is a ~/.k5login file, then access is granted to the account if and only if the originating user is authenticated to one of the principals named in the ~/.k5login file. Otherwise, the originating user is granted access to the account if and only if the authenticated principal name of the user can be mapped to the local account name using the authenticated-principal-name → local-user-name mapping rules. The .k5login file (for access control) comes into play only when Kerberos authentication is being done.
The following exit values are returned:
0
>0
See the NOTES section for caveats on the exit code.
$HOME/.profile
$HOME/.k5login
/etc/krb5/krb5.conf
See attributes(7) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
CSI | Enabled |
cpio(1), ftp(1), rlogin(1), rsh(1), setfacl(1), tar(1), inet(4P), inet6(4P), ip6(4P), hosts.equiv(5), krb5.conf(5), attributes(7), krb5_auth_rules(7), largefile(7), in.rshd(8)
rcp is meant to copy between different hosts. Attempting to rcp a file onto itself, as with:
example% rcp /tmp/file myhost:/tmp/file
results in a severely corrupted file.
rcp might not correctly fail when the target of a copy is a file instead of a directory.
rcp can become confused by output generated by commands in a $HOME/.profile on the remote host.
rcp requires that the source host have permission to execute commands on the remote host when doing third-party copies.
rcp does not properly handle symbolic links. Use tar or cpio piped to rsh to obtain remote copies of directories containing symbolic links or named pipes. See tar(1) and cpio(1).
If you forget to quote metacharacters intended for the remote host, you get an incomprehensible error message.
rcp fails if you copy ACLs to a file system that does not support ACLs.
rcp is CSI-enabled except for the handling of username, hostname, and domain.
When rcp is used to perform third-party copies where either of the remote machines is not running Solaris, the exit code cannot be relied upon. That is, errors could occur when success is reflected in the exit code, or the copy could be completely successful even though an error is reflected in the exit code.
February 21, 2023 | OmniOS |