Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.4.6
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    EMS CLI Reference

    Home FortiClient 7.4.6 EMS CLI Reference
    7.4.6
    7.4.6
    7.4.5
    7.4.4

    execute scp

    execute scp

    copies files to/from a remote host using the SCP service

    For security reasons, you cannot freely transfer files from other hosts to EMS Virtual Appliance host using "scp", "ftp", or "sftp". You can only transfer files to/from an EMS Virtual Appliance by running the relevant commands from the EMS Virtual Appliance itself.

    Synopsis

    execute scp attempts to copy files to or from a remote host using the SCP service.

    If copying from a remote host to the local machine, include the --read flag; if copying from the local machine to a remote host, do not include the flag.

    Also include:

    • the local filepath (or local destination for a remote file) to the --local.file flag;
    • the remote filepath (or remote destination for a local file) to the --remote.file flag, and
    • any other --remote flags required to connect.

    Furthermore:

    • If writing to a remote host, the --local.file must be located in one of /exchange, /opt/forticlientems, or /var/log/forticlientems (or subfolders of these folders)
    • If reading from a remote host, --local.file must be located in either /exchange or /opt/forticlientems (or subfolders of these folders)
    execute scp [flags]

    Options

      -h, --help                     help for scp
      --local.file string        The /path/filename of the file to be copied (or destination of the file to be saved) on the local host. If no path is specified, the command will look for the file in the "/exchange" folder.
      --read                     Specifies that this command is to read a file from the remote host (rather than copy from)
      --remote.file string       The /path/filename of the file to be copied (or destination of the file to be saved) on the remote host. The remote filename on the target host can be different from the filename on your EMS Virtual Appliance. Examples: --remote.file "c:/workfolder/file20.txt" or --remote.file "/home/myuser/file20.txt"
      --remote.ip string         The IP of the remote host where the file will be copied to/from
      --remote.password string   The password for the remote user that will be used to connect to the remote host. If the password is not provided here, you will be prompted to enter the password when running the command.
      --remote.port int          If your SCP client is configured to use a different port than port 22, use the --remote.port option to specify the port. For example, --remote.port 3022
      --remote.user string       The user that will be used to connect to the remote host

    Examples

    • To transfer a file from the EMS Virtual Appliance to a Windows host (with SCP client service installed):
      emscli execute scp --remote.ip 172.10.10.10 --remote.user myuser --remote.file "c:/workfolder/file20.txt" --local.file file10.txt
    • To transfer a file (such as hotfix files from Fortinet support or public keys for migration from 7.2) from a Linux host (with SCP client service installed) to the EMS Virtual Appliance:
      emscli execute scp --read --remote.ip 172.10.10.10 --remote.user myuser --remote.file  "/home/myuser/file30.txt" --local.file file40.txt

    To collect EMS log and configuration files for troubleshooting, use the execute diagnostic command instead.

    See also

    • execute - for executing commands on the host
    • execute ftp - copies files to/from a remote host using the FTP service
    • execute sftp - copies files to/from a remote host using the SFTP service
    Previous
    Next

    execute scp

    execute scp

    copies files to/from a remote host using the SCP service

    For security reasons, you cannot freely transfer files from other hosts to EMS Virtual Appliance host using "scp", "ftp", or "sftp". You can only transfer files to/from an EMS Virtual Appliance by running the relevant commands from the EMS Virtual Appliance itself.

    Synopsis

    execute scp attempts to copy files to or from a remote host using the SCP service.

    If copying from a remote host to the local machine, include the --read flag; if copying from the local machine to a remote host, do not include the flag.

    Also include:

    • the local filepath (or local destination for a remote file) to the --local.file flag;
    • the remote filepath (or remote destination for a local file) to the --remote.file flag, and
    • any other --remote flags required to connect.

    Furthermore:

    • If writing to a remote host, the --local.file must be located in one of /exchange, /opt/forticlientems, or /var/log/forticlientems (or subfolders of these folders)
    • If reading from a remote host, --local.file must be located in either /exchange or /opt/forticlientems (or subfolders of these folders)
    execute scp [flags]

    Options

      -h, --help                     help for scp
      --local.file string        The /path/filename of the file to be copied (or destination of the file to be saved) on the local host. If no path is specified, the command will look for the file in the "/exchange" folder.
      --read                     Specifies that this command is to read a file from the remote host (rather than copy from)
      --remote.file string       The /path/filename of the file to be copied (or destination of the file to be saved) on the remote host. The remote filename on the target host can be different from the filename on your EMS Virtual Appliance. Examples: --remote.file "c:/workfolder/file20.txt" or --remote.file "/home/myuser/file20.txt"
      --remote.ip string         The IP of the remote host where the file will be copied to/from
      --remote.password string   The password for the remote user that will be used to connect to the remote host. If the password is not provided here, you will be prompted to enter the password when running the command.
      --remote.port int          If your SCP client is configured to use a different port than port 22, use the --remote.port option to specify the port. For example, --remote.port 3022
      --remote.user string       The user that will be used to connect to the remote host

    Examples

    • To transfer a file from the EMS Virtual Appliance to a Windows host (with SCP client service installed):
      emscli execute scp --remote.ip 172.10.10.10 --remote.user myuser --remote.file "c:/workfolder/file20.txt" --local.file file10.txt
    • To transfer a file (such as hotfix files from Fortinet support or public keys for migration from 7.2) from a Linux host (with SCP client service installed) to the EMS Virtual Appliance:
      emscli execute scp --read --remote.ip 172.10.10.10 --remote.user myuser --remote.file  "/home/myuser/file30.txt" --local.file file40.txt

    To collect EMS log and configuration files for troubleshooting, use the execute diagnostic command instead.

    See also

    • execute - for executing commands on the host
    • execute ftp - copies files to/from a remote host using the FTP service
    • execute sftp - copies files to/from a remote host using the SFTP service
    Previous
    Next