pscp.exe

PuTTY Secure Copy (pscp.exe)

System UtilitySecure Copy over SSHLightweight CLI Tool

CPU Usage

N/A

Memory

N/A

Location

N/A

Publisher

N/A

Note

For mission-critical deployments, integrate pscp.exe into signed deployment pipelines and log transfers with verbose output for auditability.

Recommended Action

Use pscp.exe only from official PuTTY sources, verify host keys before first use, and prefer key-based authentication to avoid interactive prompts. Maintain updated antivirus and monitor scripts that invoke pscp.exe to ensure secure and reliable file transfers.

What is pscp.exe?

pscp.exe is a lightweight command-line utility from the PuTTY family that transfers files securely between Windows hosts and remote systems over SSH. It is typically invoked in scripts or during manual file copies, and it relies on SSH keys or passwords for authentication. Its footprint is small, and it exits once a transfer completes, making it suitable for automation and batch operations.

pscp.exe performs file transfers using the SCP/SFTP protocol via the PuTTY SSH engine. It does not install as a service; instead, it runs, transfers files, and terminates. Authentication supports password or key-based methods, with host key verification to protect against tampering.

Is pscp-exe Safe?

pscp.exe is a legitimate utility from the PuTTY suite designed for secure file transfers over SSH. When obtained from the official PuTTY project pages or trusted software repositories, it is safe to use for routine administration, backups, and scripted deployments. As with any command-line tool, safety hinges on the source, host trust settings, and proper credential handling. Do not run pscp.exe from untrusted downloads or unknown paths, and always verify signatures before execution to minimize risk.

Is pscp-exe a Virus?

PSCP is not a virus when sourced from the official PuTTY distribution or reputable software vendors. However, malware may masquerade under the same name or place executable files in deceptive directories. Always verify the file's location, digital signature, and hash before executing, and avoid running pscp.exe from temporary or user-writable folders without proper verification.

How to Verify Legitimacy

Check File Location: Ensure pscp.exe resides under a PuTTY installation path, such as C:\Program Files\PuTTY\pscp.exe or C:\PuTTY\pscp.exe, not in AppData or Temp folders.
Verify Digital Signature: Open file properties and confirm a valid signature from PuTTY or Simon Tatham, indicating official provenance.
Check File Hash: Compute SHA-256 and compare to the official value published by PuTTY; mismatches indicate tampering.
Scan for Malware: Run a current antivirus/EDR scan on the binary and its directory to detect related threats.

Red Flags: If pscp.exe appears in User or Temp directories, lacks a valid digital signature, or is accompanied by unusual child processes, treat as suspicious and isolate until verified.

Why is it Running?

Reasons it's running:

Active file transfer: A local to remote or remote to local copy is in progress, so the process remains active until the transfer completes.
Scripted automation: A batch file, PowerShell script, or CI/CD pipeline invokes pscp.exe to move files as part of deployment or backup tasks.
Key-based authentication: If a script uses an SSH key without interactive prompts, pscp.exe runs to perform the authenticated transfer.
Scheduled tasks: IT tasks or maintenance jobs may periodically call pscp.exe to synchronize directories or deliver artifacts.
Host key verification: pscp.exe may pause briefly to verify the remote host's SSH key on first connection, appearing to run longer during first use.

Can I Disable or Remove It?

Common Problems

Common Causes & Solutions

: Check network connectivity, remote host reachability, and firewall rules; verify that SCP/SFTP is allowed and the remote server responds to SSH.
: Verify credentials, ensure correct key path and permissions, and confirm that the remote host accepts the key or password used.
: Accept the remote host key on first connection or update known_hosts with the correct fingerprint; avoid trusting unknown servers.
: Double-check local source path and remote destination path; verify working directory and quoting for spaces in paths.
: Ensure the destination directory exists and permissions allow write operations; run with elevated privileges if required.
: Confirm the remote server supports SCP or SFTP; use appropriate options (-scp or -sftp) and ensure the server allows the protocol.

Frequently Asked Questions

What is pscp.exe and what does it do?

pscp.exe is the PuTTY Secure Copy client for Windows. It copies files securely over SSH using SCP or SFTP, invoked from the command line, and is commonly used in scripts and automated deployments.

Is pscp.exe safe to run on Windows?

Yes, when obtained from the official PuTTY sources or trusted repositories, pscp.exe is safe for file transfers. Verify signatures and avoid running from untrusted locations to reduce risk.

How do I install pscp.exe?

Install PuTTY or download the standalone pscp.exe from the PuTTY project page, then place pscp.exe in a folder included in your system PATH for easy access.

How do I copy a file to a remote server with pscp.exe?

Use a command like: pscp.exe localfile username@remote:/path/to/destination. Include any required options for key-based authentication, port, or verbose output as needed.

Why does pscp.exe prompt for a password even if I have a key?

If the key is not loaded or not accepted by the server, pscp.exe will prompt for a password. Ensure the private key is specified and the public key is present on the remote server.

Can I use pscp.exe with SFTP or only SCP?

pscp.exe supports SCP by default and can also perform SFTP-like transfers when used with compatible server configurations or via SSH, though its primary mode is SCP.