What is an SCP server?
SCP, or secure copy protocol, is the means of securely transferring files between a local host and a remote host or between two remote hosts.
When we talk about an “SCP server,” we really mean “transferring data to an SSH server” which brings all the benefits of SSH’s security, encryption, and confidentiality along with it. As such, there’s no such thing as an SCP “server” per se. Rather, an SSH server is used to perform the file copy.
The best free SCP servers for Windows:
- SolarWinds Free SFTP and SCP Server EDITOR’S CHOICE A free SCP implementation for Windows from a leading network monitoring software producer. Get 100% free download.
- Files.com (FREE TRIAL) Implements SSH file transfers through SFTP and includes encrypted storage space as well.
- Bitvise An SFTP and SCP tool for Windows.
- FreeSSHd A free bundle of network utilities for Windows that includes SFTP.
- OpenSSH for Windows Text-based command-line tool for Windows that includes SCP.
- Cygwin for Windows Free SSH and SCP tool for Linux that has been adapted to run on windows.
- WinSCP Free file transfer client for Windows that implements SCP, SFTP, FTPS, FTP, WebDAV, and S3.
The best free SCP servers for Linux:
- OpenSSH SCP Server An SCP tool that is pre-installed on most Linux distros.
- Dropbear SCP Lightweight SCP server that is intended for use in embedded systems.
The best free SCP server for MacOS:
- MacOS native SCP Server An SCP server that is included in the Mac OS operating system.
SSH for SCP
SSH is the “Secure Shell,” which incorporates encryption to secure transmissions over unsecured networks. When implementing SCP, you need to create an SSH server. That service takes care of the extra security to make a standard network copy action into a Secure Copy transaction.
How does SCP compare to other file transfer protocols
There are many protocols that facilitate file transfers over the network. Some of the earlier ones that are still in use today are the File Transfer Protocol and the Trivial File Transfer Protocol (FTP and TFTP). Another, more secure method, is Secure Copy (SCP). While FTP can be made more secure by using Transport Layer Security (TLS), SCP is inherently more secure because it’s really just an SSH session used solely for transferring files. FTP with TLS/SSL is denoted as “FTPS.”
- 1 What is an SCP server?
- 2 SCP and SFTP: Secure Alternatives to FTP
- 3 Implementing an SCP Server
- 4 The best free SCP servers for Windows
- 5 The best free SCP servers for Linux
- 6 The best free SCP server for MacOS
- 7 Final words
SCP and SFTP: Secure Alternatives to FTP
Although FTP is still widely used on networks and the internet to this day, it is inherently insecure. Where login credentials are required for a session, the username and password are sent in plain text, meaning that any interceptor could read them.
SCP is one of the two secure alternatives for your FTP tasks. The other option is the Secure File Transfer Protocol (SFTP), also known as SSH FTP because, like SCP, it uses SSH for protection.
The Differences Between SCP and SFTP
The difference between SFTP and SCP is that the later is purely a file transfer system, whereas SFTP includes commands to query and change the remote computer’s directory structure.
FTP over SSH
To add to the confusion of secure FTP alternatives, you may also hear about “FTP over SSH.” This is more of a technique than a protocol. You open a standard FTP session within an SSH session, which is classified as “tunneling.” Once you understand that FTP requires two separate connections to form a session, you start to realize that FTP over SSH can soon get messy.
FTPS adds SSL
The FTPS methodology adds a procedure to include Secure Socket Layer (SSL) protection (replaced by Transport Layer Security) into an FTP session. This combination of protocols has security weaknesses, however, because the commands to begin security measures are sent in plain text and can be intercepted.
Substitute TFTP with SCP for Encryption
TFTP has no security measures at all and should only be used on physically secure private networks. You could substitute SCP for TFTP to add encryption to the distribution of configuration files on your network because it is a more lightweight secure file transfer system than SFTP.
Implementing an SCP Server
SCP gets its name from the Unix command
cp, which is commonly used to copy files. As Secure Copy was developed as “cp with encryption,” it is much easier to encounter it on Unix and Unix-like systems (Linux, Free BSD, and Linux variants). It is also usually implemented as a command. SCP servers, SCP utilities with graphical user interfaces, and SCP for Windows systems are very difficult to source. You can find it as a command in an SSH server package. So, in order to provide you with a list of SCP server options, we have also included SSH servers in this guide.
The best free SCP servers for Windows
SolarWinds maintains a comprehensive suite of IT tools which includes a combination SFTP/SCP Server. The application runs as a Windows service which means that its basic operation should be familiar to Windows systems administrators.
Unlike Linux-based SCP, SolarWinds SFTP/SCP Server supports the creation of virtual users. These are user accounts which can be used to authenticate into the SCP server for the purpose of copying files. But, the accounts are not native Windows accounts and therefore don’t actually exist on the system. This provides a decent level of security. In the event that an SCP account credential was compromised, it could not be used to log in to the system directly as a user.
SolarWinds SFTP/SCP Server is our 1st Choice. It offers a graphical interface and is focused on SCP rather than being a general SSH server. The alternatives for Windows are either expensive or come from little-known suppliers, which introduces risk.
100% FREE Tool: solarwinds.com/free-tools/free-sftp-server/
Files.com is a cloud-based file management system that includes storage space for backup and filesharing, plus a file transfer system that involves sending a link to an uploaded file rather than the file itself.
File transfers between the on-premises desktops and the Files.com remote server are protected with SSH as SFTP or with TLS, using the FTPS method. Although Files.com doesn’t precisely implement SCP, it’s SFTP implementation offers all the functionality of SCP with some command access extras.
Files.com reduces much of the need to transfer files because it holds files, so a file that needs to be distributed to many destinations only needs to be uploaded once. Once the file is resident on the Files.com encryption-protected server, users can email or message a secure link to all of the intended recipients of the file instead of transferring it again and again.
File sharing support collaboration and it is even possible to use productivity software directly on the Files.com server. These measures remove the need to send copies of files around the business, reducing the need for file transfers even further.
Files.com will interface with a long list of widely available SSH file transfer clients that run on Windows, Mac OS, and Linux. The service is free for a month thanks to the Files.com 30-day free trial.
- SSH used for SFTP
- FTPS also available
- Encrypted storage space
Since both SFTP and SCP run over SSH, the Bitvise SSH server supports both of these secure file transfer protocols.
Bitvise allows the use of either Windows native user accounts or virtual users. This provides a great deal of flexibility because there’s no need to create full-blown Windows user accounts in order to provide ad-hoc access to secured file directories.
Bitvise also allows systems administrators to restrict connections to SCP only. In many SCP implementations, SCP access implies SSH (shell) access. This is not usually an issue with Unix-like operation systems because those systems have account-level security baked in. But, with Windows systems, this access can inadvertently lead to unintended access to things like Power Shell. With that in mind, Bitvise supports the ability to allow SCP access, but disallow basic shell access.
FreeSSHd is what it sounds like. It is a Free SSH daemon for Windows. In Unix parlance, a daemon is akin to a Windows service.
FreeSSHd can run on any Windows system newer than and including Windows NT 4 (which is pretty much all of them) and creates a very small memory and resource footprint. It supports virtual users and an easy-to-use interface to monitor, and start or stop the service.
Open SSH is the grandaddy of all SSH servers. It has been around since 1999 when it was first released as part of the OpenBSD operating system. Technically, OpenSSH is a suite of tools, but most of the heavy lifting is done by the Open SSH program. It was designed to be ported to other operating system and because of that, it is probably the most widely used SSH server on the planet. Bundled with SSH comes SCP, so Open SSH likely takes the lead in the SCP category as well.
The Microsoft Open SSH server is under development still, but there is a pre-release version available here (as of Oct 17, 2017). It will take some Windows administrator chops as it mainly requires Power Shell command-line skills to get it set up and working.
While it may be in pre-release now, Open SSH has such a strong lineage that it will likely become the defacto SCP server in Windows just as it is in other operating systems now.
*Most Linux systems administrators are aware of an application project named Cygwin. It’s also fair to say that almost nobody else has heard of it, however, many Windows systems administrators can probably benefit from Cygwin.
Cygwin is an open source project that provides a Windows DLL file which contains a really large amount of POSIX API functions. What does this mean? It means that many Linux applications can be recompiled to use Cygwin and therefore those applications can be run on Windows.
Cygwin is mentioned in this article because there are many Linux SSH and SCP servers that ostensibly are only available as Linux packages, but digging a little deeper often reveals that they also have Cygwin packages. Windows systems administrators that are comfortable with a Linux application of any sort should investigate if a Cygwin package is available.
WinSCP is a free file transfer utility that runs on Windows. As well as implementing SCP, the tool can also give you straight FTP. In addition, you can select to transfer your files with SFTP, FTPS, WebDAV, and S3.
The interface gives you a choice of layout. One is the classic “system to system” layout, shown above. The second layout option emulates the Windows Explorer look and feel. You don’t have to use the GUI interface because the application also works at the command line. The command-line version can be run through batch files, which opens up the opportunity of scheduling file transfers to run periodically. Utilities within the GUI interface give the option of syncing directories between hosts.
The tool can be set to save login credential and it can also work with authentication methods, such as Kerberos, to strengthen access security. The tool itself can be secured with a password to make it harder for malicious colleagues to break into remote sites by accessing your computer.
This is a nice piece of software that you will enjoy using. If you feel guilty about the developer toiling for nothing so that you can enjoy the utility, make a donation at the WinSCP site where you downloaded the program.
The best free SCP servers for Linux
Most Linux distributions come with Open SSH installed, although it usually is not running by default. You’ll likely have to start the Open SSH daemon to allow SSH connections which will, in turn, allow SCP file copies.
The package name in most cases is openssh-server.
$ apt-cache search openssh-server openssh-server - secure shell (SSH) server, for secure access from remote machines
Installing it should be as simple as running your package manager’s install command.
$apt-get install openssh-server
Once the server is installed and running, existing system users will be able to use an SCP client to connect, and copy files to and from directories on the server where they have read permissions.
Unlike FTP which is usually set up to allow multiple users access to the same set of upload and download directories, SSH drops users into their home directory by default. You may have to tweak your file system permissions if you would like your users to be able to access other directories on the server.
There may be situations where a full-blown SCP server is not feasible or desirable. In that case, smaller-footprint SCP servers such as Dropbear can help. Dropbear is aimed at embedded systems such as routers that may need SSH or SCP functionality but it can be used as an SCP server on any POSIX compliant platform.
System administrators wishing to customize Dropbear will need to have some moderate skills. Tasks such as disabling basic SSH, but leaving SCP functioning, will require modifications to the Dropbear makefile, and a recompile of the executable.
The best free SCP server for MacOS
1. macOS’s native SCP server
As a Unix-like operating system, macOS has native support for SSH and, therefore, SCP. To enable SSH on your macOS computer, navigate to System Preferences -> Sharing Applet and enable the Remote Login option. This will enable SSH for all the users on the machine.
There are a lot of reasons to choose SCP over FTP and FTPS, but fewer reasons to choose SCP over SFTP. Both SCP and SFTP are actually special types of SSH sessions so they provide the same pros and cons of a standard SSH shell session. In contrast FTP and FTPS are less secure, so if you’re running either of those types of servers, you should migrate to either SCP or SFTP.