In my view "SCP permission denied" error, is the most common error in the world of Linux. So, whether you are Linux admin or newbie, Every one of us would have encountered this error. At least, once in a lifetime, that I can bet.
As a Linux user for many years. I have faced this issue during SCP and SSH operations. So I am sure, if you will land on this page, you will get the solution to all your "permission denied error in Linux". Below mentioned are the samples of a few errors, you generally encounter. I am sure, at least one of the 9 solutions provided in this post will help you to resolve these issues.
- SCP permission denied
- SCP permission denied (publickey)
- Saving key ".ssh/id_rsa" failed: permission denied when SCP
- SCP permission denied ec2
- SCP permission denied AWS
- SCP permission denied, please try again
- SCP permission denied (publickey gssapi-keyex gssapi-with-mic)
- SCP permission denied (publickey). lost connection
Before explaining anything, Let me tell you all these problems occurs during file copy using SCP. So let's understand about SCP utility first -
Table of Contents
What is SCP file transfer?
SCP stands for Secure copy. This program helps in copying a file or folder between two computers securely, whether local or remote. it uses SSH (secure shell) protocol in background. Additionally, The data and password are encrypted to secure sensitive information.
Using scp, you have option of file or directory copy between -
- Local to the local system
- Remote system to local system
- Local system to remote system
- Local system to AWS EC2 instance
How do you SCP?
There are a lot of options and switches to use with SCP command. Let me show you some basic commands, just to give you some understanding of SCP.
$ scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file] [-l limit] [-o ssh_option] [-P port] [-S program] [[user@]host1:]file1 … [[user@]host2:]file2
- Visit scp man page for more information on options or syntax.
$ man scp
How to Copy local files to remote host with SCP
$ scp file user@host:path
Host :- can be IP address or hostname of remote system
: (colon) :- helps scp to identify remote host
Username:- on remote host
SSH key or password :- is required to copy file using scp
Path :- Absolute or relative path for local file or directory
For example -
$ scp test.txt user1@ubuntu:/tmp
Copy Remote file to local host
$ scp user@host:file path
How to Copy directories to local host using SCP
$ scp -r user@host:directory_path path
Copy file between two remote hosts
$ scp user1@host1:file1.txt user2@host1:directory_path
Now when you know, what are basic scp commands. Time to know about public key authentication-
SCP requires a password to authenticate to the remote system. But in case you want to avoid it or using SCP in scripts, Public key is required.
Basically, you generate a public-private key pair on the client (local) and copy the public key to a remote system (server) into the authorized key.
To make you understand scp commands easily, i have shared my LAB details
Lab setup details -
Local server name - Server1 (Ubuntu 18.04)
Remote server name - Server2 (Ubuntu 20.04)
Source file - /test/file1.txt
Target directory - /remote-test
username - dev
SCP permission denied issue
I am trying to copy /test/file1.txt from server1 (local) to server2 (remote) in /remote-test directory. I am also getting permission denied.
$ scp "local-file" "user@remote-host:/path-to-remote-dir"
To resolve these error - perform below mentioned steps-
Solution 1 :- Double check your user and password
Please make sure, you have mentioned correct username and password in the command. This is one of the very basic mistakes, we do. So, you can try writing your password in notepad, copy and paste it in command prompt. When asked during SCP command.
i have validated username and password is correct in my case.
Solution 2 :- Check for remote path
Make sure, the path you have mentioned as the remote directory is correct. For example, in my case /remote-test is the remote directory and it's correct.
Solution 3 :- Check for Read write access on remote directory
Double-check, whether your user mentioned in command have read-write (RW) access on the remote directory. For example, in my case "/remote-dir" must-have RW access to user "dev".
Follow these steps to check -
-> Login to remote system (server2)
-> Run "ls" -ld command to check permissions of /remote-dir.
$ ls -ld "your-remote-dir"
So, if you will see in image, /remote-dir only allows read, write and execute (rwx) permission to root user only. For group and others, it has read and execute (r-x) permission. So my user "dev" will be treated as other, and it won't be able to write. As a result, I am getting SCP permission denied error.
-> Now to resolve this error, assign Read-write-execute (rwx) permission to everyone.
$ sudo chmod 777 "path-to-your-remote-directory"
-> Run scp command again
If you are still facing permission denied error, move to next step
Solution 4 :- ownership issues (directory should be owned by user)
-> Login to your remote system (server2)
-> Change ownership of your remote directory for your user. For example, I will change ownership of /remote-dir to my user "dev" instead of "root".
$ sudo chown -R dev:dev "path to your remote directory"
-> Run scp command and it must work for you
Solution 5 :- Diagnose problem with scp -v command
Try to use -v (verbose) option to diagnose the issue with scp command.
$ scp -v /test/file1.txt firstname.lastname@example.org:/remote-dir output truncated - debug1: Sending environment. debug1: Sending env LANG = en_IN debug1: Sending command: scp -v -t /remote-dir Sending file modes: C0644 0 file1.txt Sink: C0644 0 file1.txt scp: /remote-dir/file1.txt: Permission denied
Check message after scp -v -t command, if it shows permission denied, Follow solution 3 or 4 as described in the post. it will resolve your issue.
Solution 6 :- Validate option -P is used for port not -p
When running SCP command Option -P is used to mention custom port, in case default port TCP 22 is not used. Sometimes, instead of -P, we use -p (lowercase) by mistake. For better understanding let me tell you the difference between these two -
- -p (lowercase):- Preserve access, modification and modes from the original file.
- -P (uppercase):- Specified customize port to connect remote host.
For example port 2314 is custom port instead of 22.
$ scp -P 2314 email@example.com:/remote-dir/file1.txt /test/
SCP permission denied (publickey) - AWS EC2 instance
Try below mentioned solution, in case of SCP permission denied (publickey) with AWS ec2 instance -
If you have set up password-less authentication or you have permission key with you to authenticate remote system, you may encounter this error.
Have a check from Solution 1-6 mentioned in the post, if it doesn't help move further -
Solution 7 :- Use -i option and provide ".pem" private key always
When you use SCP and don't use -i option. It uses default ssh key under (
~/.ssh/) directory. So always use -i option and provide the path to ".pem" key file.
For example "ubuntu.pem" is key file in my case.
$ scp -i ~/Desktop/ubuntu.pem ~/Desktop/test/code/www/index.html dev2@server:/var/www
Solution 8 :- if using permission key SSH is working but not SCP
If you are able to ssh to the remote host using -i option and not able to scp. It means you are hitting a bug.
So instead of using -i "path to .pem file"
$ scp -i ~/Desktop/ubuntu.pem ~/Desktop/test/code/www/index.html dev@server2:/var/www
$ scp -o IdentityFile ~/Desktop/ubuntu.pem ~/Desktop/test/code/www/index.html dev@server2:/var/www
Solution 9 :- Try removing your host entry from "known_hosts" file
Sometime, there may be issue due to old or incorrect host key. Delete that particular host from know_hosts file using editor or command as follows.
$ ssh-keygen -R hostname or $ vim ~/.ssh/known_hosts
Frequently Asked Questions (FAQ's)
Can ssh but not SCP permission denied?
Run SCP command -vv option and try to debug the issue. Depending upon error, follow solution 1-9 mentioned in this post to resolve your issue.
Will SCP overwrite existing file?
Yes, SCP utility finds a file with the same name on target, and you have write permission on it. SCP command will overwrite it. You can change the permission of the target file or directory. So that SCP complaints about permission issue and can avoid overwriting. Alternatively, you can use rsync tool, which has a lot of options to sync data.
Does SCP copy or move?
SCP mean secure copy, as name suggest it only copy files or directories. There is no file movement occurs.
Why SCP is not working?
There may be many reasons if SCP is not working. check SCP "-vvv" option and try to debug, why it's not working. I have given 9 solutions to tackle different permission denied errors. you can refer to them.
How do I know if SCP is working?
if the exit status of your command is "0 " and you are able to copy your file or directory to remote host or AWS EC2 instance. You can be assured, SCP is working.
Why is permission denied error in Linux?
A lot of scenarios may be there for "permission denied error in Linux". For example, if you don't have read-write access on file or directory. Also, if you are trying to run a command which only root can run. You would need either root or sudo access to run these commands. For example, chmod or chown is one of these commands.
If you need some video guidance. Check out this video on "SCP permission denied error", The basic or common troubleshooting to start with.
There is no limit to issues or errors when you are in the technical world or on the way of learning. But I think your question on "why am I getting permission denied with SCP" will be resolved, once you will read the solution mentioned in this post. One or other solution will resolve your issue depending upon error code.
I hope you will leave with smile on your face, once your permission denied issue during scp will get resolve.
See you soon in the next post. Till that time keep learning.