Performs file transfer operations with another hardserver using an interface compatible with rcp.

Each non-option argument can have the form HOST:PATH where HOST is the dotted decimal IPv4 address, or colon-separated hexadecimal IPv6 address, or DNS name of the target machine; and PATH is the location of the file or directory to be copied. IPv6 addresses must be surrounded by square brackets.

If the filename contains an unquoted *, ?, or [, it’s considered to be a glob pattern; in this case, DESTINATION must be a directory.

Option Description

-a, --append

Appends to destination file. Implies --force.

-f, --force

Overwrites files that exist at the destination.

-k, --use-kneti

Uses a local module KNETI to authenticate this client to the remote server. If this option is not specified, the hardserver’s software KNETI is used instead.

-P, --port=PORT

Sets the port through which to connect to the remote server.
Default: 9004.


Specifies the ESN of the nToken to be used to authenticate the remote hardserver. Cannot be specified without the corresponding remote KNETI hash option.


Specifies the KNETI hash to authenticate the remote hardserver.

-s, --sync

Accepts less performance for greater reliability.

-t, --text

Converts line endings for locally read files.


Moves all source arguments to DIRECTORY.

Option to address HSMs

-m, --module=MODULE

Specifies the number of the module use KNETI to use. This option is ignored unless --use-kneti has been used as well.
If you only have one module, <MODULE> is 1.
Default: 1.

Help options

-h, --help

Displays help for nfcp.

-u, --usage

Displays a brief usage summary for nfcp.

-v, --version

Displays the version number of the Security World Software that deploys nfcp.

-V, --verbose

Shows more information on copy progress.