SCP-permission-denied-solved

SCP permission denied error – [Solved]

In my view “SCP permission denied” error, is the most common error in the world of Linux. So, whether you are Linux admin or newbie, Every one of us would have encountered this error. At least, once in a lifetime, that I can bet.

As a Linux user for many years. I have faced this issue during SCP and SSH operations. So I am sure, if you will land on this page, you will get the solution to all your “permission denied error in Linux”. Below mentioned are the samples of a few errors, you generally encounter. I am sure, at least one of the 9 solutions provided in this post will help you to resolve these issues.

scp-permission-denied-ec2
  • SCP permission denied
  • SCP permission denied (publickey)
  • Saving key “.ssh/id_rsa” failed: permission denied when SCP
  • SCP permission denied ec2
  • SCP permission denied AWS
  • SCP permission denied, please try again
  • SCP permission denied (publickey gssapi-keyex gssapi-with-mic)
  • SCP permission denied (publickey). lost connection

Before explaining anything, Let me tell you all these problems occurs during file copy using SCP. So let’s understand about SCP utility first –

What is SCP file transfer?

SCP stands for Secure copy. This program helps in copying a file or folder between two computers securely, whether local or remote. it uses SSH (secure shell) protocol in background. Additionally, The data and password are encrypted to secure sensitive information.

Using scp, you have option of file or directory copy between –

  • Local to the local system
  • Remote system to local system
  • Local system to remote system
  • Local system to AWS EC2 instance

How do you SCP?

There are a lot of options and switches to use with SCP command. Let me show you some basic commands, just to give you some understanding of SCP.

SCP syntax:-

$ scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]
[-l limit] [-o ssh_option] [-P port] [-S program]
[[user@]host1:]file1 … [[user@]host2:]file2
  • Visit scp man page for more information on options or syntax.
$ man scp

How to Copy local files to remote host with SCP

$ scp file user@host:path

Host :- can be IP address or hostname of remote system

: (colon) :- helps scp to identify remote host

Username:- on remote host

SSH key or password :- is required to copy file using scp

Path :- Absolute or relative path for local file or directory

For example –

$  scp test.txt user1@ubuntu:/tmp

Copy Remote file to local host

$ scp user@host:file path

How to Copy directories to local host using SCP

$ scp -r user@host:directory_path path

Copy file between two remote hosts

$ scp  user1@host1:file1.txt user2@host1:directory_path

Now when you know, what are basic scp commands. Time to know about public key authentication-

SCP requires a password to authenticate to the remote system. But in case you want to avoid it or using SCP in scripts, Public key is required.

Basically, you generate a public-private key pair on the client (local) and copy the public key to a remote system (server) into the authorized key.

To make you understand scp commands easily, i have shared my LAB details

Lab setup details –

Local server nameServer1 (Ubuntu 18.04)

Remote server nameServer2 (Ubuntu 20.04)

Source file/test/file1.txt

Target directory/remote-test

username dev

LAB-setup-scp

SCP permission denied issue

Scenario1-

I am trying to copy /test/file1.txt from server1 (local) to server2 (remote) in /remote-test directory. I am also getting permission denied.

$ scp "local-file" "user@remote-host:/path-to-remote-dir"

Reference output

SCP-permission-denied-error
scp-permission-denied-solutions

To resolve these error – perform below mentioned steps-

Solution 1 :- Double check your user and password

Please make sure, you have mentioned correct username and password in the command. This is one of the very basic mistakes, we do. So, you can try writing your password in notepad, copy and paste it in command prompt. When asked during SCP command.

i have validated username and password is correct in my case.

Solution 2 :- Check for remote path

Make sure, the path you have mentioned as the remote directory is correct. For example, in my case /remote-test is the remote directory and it’s correct.

Solution 3 :- Check for Read write access on remote directory

Double-check, whether your user mentioned in command have read-write (RW) access on the remote directory. For example, in my case “/remote-dir” must-have RW access to user “dev“.

Follow these steps to check –

-> Login to remote system (server2)

-> Run “ls” -ld command to check permissions of /remote-dir.

$ ls -ld "your-remote-dir"

Reference output

list-remote-directory-scp

So, if you will see in image, /remote-dir only allows read, write and execute (rwx) permission to root user only. For group and others, it has read and execute (r-x) permission. So my user “dev” will be treated as other, and it won’t be able to write. As a result, I am getting SCP permission denied error.

-> Now to resolve this error, assign Read-write-execute (rwx) permission to everyone.

$ sudo chmod 777 "path-to-your-remote-directory"

Reference output

chmod-777-to-resolve-scp-permission-denied-error

-> Run scp command again

scp-permission-denied-error-solved
Warning

Setting 777 permission on any directory is not secure. So once you are able to isolate the “SCP permission denied” issue. Either change ownership and set permission to 755.

If you are still facing permission denied error, move to next step

Solution 4 :- ownership issues (directory should be owned by user)

-> Login to your remote system (server2)

-> Change ownership of your remote directory for your user. For example, I will change ownership of /remote-dir to my user “dev” instead of “root“.

$ sudo chown -R dev:dev "path to your remote directory"

Reference output

change-ownership-files-directories

-> Run scp command and it must work for you

scp-permission-denied-fix

Solution 5 :- Diagnose problem with scp -v command

Try to use -v (verbose) option to diagnose the issue with scp command.

For example

$ scp -v /test/file1.txt dev@192.168.126.129:/remote-dir
output truncated -
debug1: Sending environment.
 debug1: Sending env LANG = en_IN
 debug1: Sending command: scp -v -t /remote-dir
 Sending file modes: C0644 0 file1.txt
 Sink: C0644 0 file1.txt
 scp: /remote-dir/file1.txt: Permission denied

Check message after scp -v -t command, if it shows permission denied, Follow solution 3 or 4 as described in the post. it will resolve your issue.

permission-denied-scp

Solution 6 :- Validate option -P is used for port not -p

When running SCP command Option -P is used to mention custom port, in case default port TCP 22 is not used. Sometimes, instead of -P, we use -p (lowercase) by mistake. For better understanding let me tell you the difference between these two –

  • -p (lowercase):- Preserve access, modification and modes from the original file.
  • -P (uppercase):- Specified customize port to connect remote host.

For example port 2314 is custom port instead of 22.

$ scp -P 2314  dev@192.168.126.129:/remote-dir/file1.txt /test/

SCP permission denied (publickey) – AWS EC2 instance

scp-permission-denied-ec2

Scenario 2-

Try below mentioned solution, in case of SCP permission denied (publickey) with AWS ec2 instance

If you have set up password-less authentication or you have permission key with you to authenticate remote system, you may encounter this error.

Have a check from Solution 1-6 mentioned in the post, if it doesn’t help move further –

Solution 7 :- Use -i option and provide “.pem” private key always

When you use SCP and don’t use -i option. It uses default ssh key under (~/.ssh/) directory. So always use -i option and provide the path to “.pem” key file.

For example “ubuntu.pem” is key file in my case.

$ scp -i ~/Desktop/ubuntu.pem ~/Desktop/test/code/www/index.html dev2@server:/var/www

Solution 8 :- if using permission key SSH is working but not SCP

If you are able to ssh to the remote host using -i option and not able to scp. It means you are hitting a bug.

So instead of using -i “path to .pem file”

$ scp -i ~/Desktop/ubuntu.pem ~/Desktop/test/code/www/index.html dev@server2:/var/www

use -o "IdentityFile" option.

$ scp -o IdentityFile ~/Desktop/ubuntu.pem ~/Desktop/test/code/www/index.html dev@server2:/var/www

Solution 9 :- Try removing your host entry from “known_hosts” file

Sometime, there may be issue due to old or incorrect host key. Delete that particular host from know_hosts file using editor or command as follows.

$ ssh-keygen -R hostname

or 

$ vim ~/.ssh/known_hosts

Frequently Asked Questions (FAQ’s)

FAQ-SCP

Can ssh but not SCP permission denied?

Answer
Run SCP command -vv option and try to debug the issue. Depending upon error, follow solution 1-9 mentioned in this post to resolve your issue.

Will SCP overwrite existing file?

Answer

Yes, SCP utility finds a file with the same name on target, and you have write permission on it. SCP command will overwrite it. You can change the permission of the target file or directory. So that SCP complaints about permission issue and can avoid overwriting. Alternatively, you can use rsync tool, which has a lot of options to sync data.

Does SCP copy or move?

Answer

SCP mean secure copy, as name suggest it only copy files or directories. There is no file movement occurs.

Why SCP is not working?

Answer

There may be many reasons if SCP is not working. check SCP “-vvv” option and try to debug, why it’s not working. I have given 9 solutions to tackle different permission denied errors. you can refer to them.

How do I know if SCP is working?

Answer

if the exit status of your command is “0 ” and you are able to copy your file or directory to remote host or AWS EC2 instance. You can be assured, SCP is working.

Why is permission denied error in Linux?

Answer

A lot of scenarios may be there for “permission denied error in Linux“. For example, if you don’t have read-write access on file or directory. Also, if you are trying to run a command which only root can run. You would need either root or sudo access to run these commands. For example, chmod or chown is one of these commands.

Video tutorial

If you need some video guidance. Check out this video on “SCP permission denied error“, The basic or common troubleshooting to start with.

x
scp permission denied error (Fixed) video
Conclusion

There is no limit to issues or errors when you are in the technical world or on the way of learning. But I think your question on “why am I getting permission denied with SCP” will be resolved, once you will read the solution mentioned in this post. One or other solution will resolve your issue depending upon error code.

I hope you will leave with smile on your face, once your permission denied issue during scp will get resolve.

See you soon in the next post. Till that time keep learning.

2 thoughts on “SCP permission denied error – [Solved]”

  1. Helllo ,
    when running below command in git bash :
    scp -r ./xyz/test_1/target/test.jar user@10.126.164.20:/home/desktop

    This is the error I am getting :
    scp: /home/desktop/test.jar: Permission denied

    after scp -v ( debug)
    scp -v -r ./xyz/test_1/target/test.jar user@10.126.164.20:/home/desktop

    $ debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
    debug1: channel 0: free: client-session, nchannels 1
    Transferred: sent 3428, received 4344 bytes, in 2.5 seconds
    Bytes per second: sent 1395.8, received 1768.7
    debug1: Exit status 1

    PLease let me know how to resolve this issue.

    1. Try copying “test.jar” to /tmp folder of the destination host (10.126.164.20). If it’s working, then it is a problem with permission on /home/desktop directory on your remote host. Try changing permission to 777 (remote directory) to test and see if it works. You can also debug more with SCP -vvv command.

Comments are closed.