Can anyone monitor my ssh (scp) file transfers

Solution 1:

The SSH/SCP traffic will be practically impervious to snooping (presuming you validate server fingerprints the first time you're connecting to prevent man-in-the-middle shenanigans).

From an attackers point of view, it'll look a little like this XKCD comic:

http://xkcd.com/538/

Basically, an attacker will find it more useful to compromise the end points (perhaps by beating you with a $5 wrench) than to try to snoop the traffic itself.

Solution 2:

SCP is as secure as any other SSH based traffic, unless they're particularly talented and/or determined then your ISP or anyone else won't be able to tell what data you're sending at all, to them it'll look like just a hell of a lot of SSH traffic.

So I'm not saying it's impossible for them to know what you're up to (what are you up to? :) ) but it's improbable that they will.

Solution 3:

If you're using SSH, the data is encrypted. As long as your keys are secure, your data is secure. Anyone running a sniffer or netflow, etc, will only see that there's an SSH connection between the two IP addresses. The contents will be secure.

Now, you say "intercept", which I take to only mean "read" or possibly "hijack/inject." They could inject packets, but they won't decrypt into anything useful (to you or them.) They could block them, and you'd know about it right away.

What attack mode(s) are you concerned about?

Solution 4:

SSH is a fully encrypted protocol for point-to-point communication. They will see the source and the destination, but not the contents of the packets.

Secure Shell on Wikipedia

The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet.