1SFTP(1) BSD General Commands Manual SFTP(1)
2
4 sftp — secure file transfer program
5
7 sftp [-1246aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher]
8 [-D sftp_server_path] [-F ssh_config] [-i identity_file] [-l limit]
9 [-o ssh_option] [-P port] [-R num_requests] [-S program]
10 [-s subsystem | sftp_server] host
11 sftp [user@]host[:file ...]
12 sftp [user@]host[:dir[/]]
13 sftp -b batchfile [user@]host
14
16 sftp is an interactive file transfer program, similar to ftp(1), which
17 performs all operations over an encrypted ssh(1) transport. It may also
18 use many features of ssh, such as public key authentication and compres‐
19 sion. sftp connects and logs into the specified host, then enters an
20 interactive command mode.
21 The second usage format will retrieve files automatically if a non-inter‐
23 active authentication method is used; otherwise it will do so after suc‐
24 cessful interactive authentication.
25 The third usage format allows sftp to start in a remote directory.
27 The final usage format allows for automated sessions using the -b option.
29 In such cases, it is necessary to configure non-interactive authentica‐
30 tion to obviate the need to enter a password at connection time (see
31 sshd(8) and ssh-keygen(1) for details).
32 Since some usage formats use colon characters to delimit host names from
34 path names, IPv6 addresses must be enclosed in square brackets to avoid
35 ambiguity.
36 The options are as follows:
38 -1 Specify the use of protocol version 1.
40 -2 Specify the use of protocol version 2.
42 -4 Forces sftp to use IPv4 addresses only.
44 -6 Forces sftp to use IPv6 addresses only.
46 -a Attempt to continue interrupted transfers rather than overwriting
48 existing partial or complete copies of files. If the partial
49 contents differ from those being transferred, then the resultant
50 file is likely to be corrupt.
51 -B buffer_size
53 Specify the size of the buffer that sftp uses when transferring
54 files. Larger buffers require fewer round trips at the cost of
55 higher memory consumption. The default is 32768 bytes.
56 -b batchfile
58 Batch mode reads a series of commands from an input batchfile
59 instead of stdin. Since it lacks user interaction it should be
60 used in conjunction with non-interactive authentication. A
61 batchfile of ‘-’ may be used to indicate standard input. sftp
62 will abort if any of the following commands fail: get, put,
63 reget, reput, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod,
64 chown, chgrp, lpwd, df, symlink, and lmkdir. Termination on
65 error can be suppressed on a command by command basis by prefix‐
66 ing the command with a ‘-’ character (for example, -rm
67 /tmp/blah*).
68 -C Enables compression (via ssh's -C flag).
70 -c cipher
72 Selects the cipher to use for encrypting the data transfers.
73 This option is directly passed to ssh(1).
74 -D sftp_server_path
76 Connect directly to a local sftp server (rather than via ssh(1)).
77 This option may be useful in debugging the client and server.
78 -F ssh_config
80 Specifies an alternative per-user configuration file for ssh(1).
81 This option is directly passed to ssh(1).
82 -f Requests that files be flushed to disk immediately after trans‐
84 fer. When uploading files, this feature is only enabled if the
85 server implements the "fsync@openssh.com" extension.
86 -i identity_file
88 Selects the file from which the identity (private key) for public
89 key authentication is read. This option is directly passed to
90 ssh(1).
91 -l limit
93 Limits the used bandwidth, specified in Kbit/s.
94 -o ssh_option
96 Can be used to pass options to ssh in the format used in
97 ssh_config(5). This is useful for specifying options for which
98 there is no separate sftp command-line flag. For example, to
99 specify an alternate port use: sftp -oPort=24. For full details
100 of the options listed below, and their possible values, see
101 ssh_config(5).
102 AddressFamily
104 BatchMode
105 BindAddress
106 CanonicalDomains
107 CanonicalizeFallbackLocal
108 CanonicalizeHostname
109 CanonicalizeMaxDots
110 CanonicalizePermittedCNAMEs
111 CertificateFile
112 ChallengeResponseAuthentication
113 CheckHostIP
114 Cipher
115 Ciphers
116 Compression
117 CompressionLevel
118 ConnectionAttempts
119 ConnectTimeout
120 ControlMaster
121 ControlPath
122 ControlPersist
123 GlobalKnownHostsFile
124 GSSAPIAuthentication
125 GSSAPIDelegateCredentials
126 HashKnownHosts
127 Host
128 HostbasedAuthentication
129 HostbasedKeyTypes
130 HostKeyAlgorithms
131 HostKeyAlias
132 HostName
133 IdentitiesOnly
134 IdentityAgent
135 IdentityFile
136 IPQoS
137 KbdInteractiveAuthentication
138 KbdInteractiveDevices
139 KexAlgorithms
140 LogLevel
141 MACs
142 NoHostAuthenticationForLocalhost
143 NumberOfPasswordPrompts
144 PasswordAuthentication
145 PKCS11Provider
146 Port
147 PreferredAuthentications
148 Protocol
149 ProxyCommand
150 ProxyJump
151 PubkeyAuthentication
152 RekeyLimit
153 RhostsRSAAuthentication
154 RSAAuthentication
155 SendEnv
156 ServerAliveInterval
157 ServerAliveCountMax
158 StrictHostKeyChecking
159 TCPKeepAlive
160 UpdateHostKeys
161 UsePrivilegedPort
162 User
163 UserKnownHostsFile
164 VerifyHostKeyDNS
165 -P port
167 Specifies the port to connect to on the remote host.
168 -p Preserves modification times, access times, and modes from the
170 original files transferred.
171 -q Quiet mode: disables the progress meter as well as warning and
173 diagnostic messages from ssh(1).
174 -R num_requests
176 Specify how many requests may be outstanding at any one time.
177 Increasing this may slightly improve file transfer speed but will
178 increase memory usage. The default is 64 outstanding requests.
179 -r Recursively copy entire directories when uploading and download‐
181 ing. Note that sftp does not follow symbolic links encountered
182 in the tree traversal.
183 -S program
185 Name of the program to use for the encrypted connection. The
186 program must understand ssh(1) options.
187 -s subsystem | sftp_server
189 Specifies the SSH2 subsystem or the path for an sftp server on
190 the remote host. A path is useful for using sftp over protocol
191 version 1, or when the remote sshd(8) does not have an sftp sub‐
192 system configured.
193 -v Raise logging level. This option is also passed to ssh.
195
197 Once in interactive mode, sftp understands a set of commands similar to
198 those of ftp(1). Commands are case insensitive. Pathnames that contain
199 spaces must be enclosed in quotes. Any special characters contained
200 within pathnames that are recognized by glob(3) must be escaped with
201 backslashes (‘\’).
202 bye Quit sftp.
204 cd path
206 Change remote directory to path.
207 chgrp grp path
209 Change group of file path to grp. path may contain glob(3) char‐
210 acters and may match multiple files. grp must be a numeric GID.
211 chmod mode path
213 Change permissions of file path to mode. path may contain
214 glob(3) characters and may match multiple files.
215 chown own path
217 Change owner of file path to own. path may contain glob(3) char‐
218 acters and may match multiple files. own must be a numeric UID.
219 df [-hi] [path]
221 Display usage information for the filesystem holding the current
222 directory (or path if specified). If the -h flag is specified,
223 the capacity information will be displayed using "human-readable"
224 suffixes. The -i flag requests display of inode information in
225 addition to capacity information. This command is only supported
226 on servers that implement the “statvfs@openssh.com” extension.
227 exit Quit sftp.
229 get [-afPpr] remote-path [local-path]
231 Retrieve the remote-path and store it on the local machine. If
232 the local path name is not specified, it is given the same name
233 it has on the remote machine. remote-path may contain glob(3)
234 characters and may match multiple files. If it does and
235 local-path is specified, then local-path must specify a direc‐
236 tory.
237 If the -a flag is specified, then attempt to resume partial
239 transfers of existing files. Note that resumption assumes that
240 any partial copy of the local file matches the remote copy. If
241 the remote file contents differ from the partial local copy then
242 the resultant file is likely to be corrupt.
243 If the -f flag is specified, then fsync(2) will be called after
245 the file transfer has completed to flush the file to disk.
246 If either the -P or -p flag is specified, then full file permis‐
248 sions and access times are copied too.
249 If the -r flag is specified then directories will be copied
251 recursively. Note that sftp does not follow symbolic links when
252 performing recursive transfers.
253 help Display help text.
255 lcd path
257 Change local directory to path.
258 lls [ls-options [path]]
260 Display local directory listing of either path or current direc‐
261 tory if path is not specified. ls-options may contain any flags
262 supported by the local system's ls(1) command. path may contain
263 glob(3) characters and may match multiple files.
264 lmkdir path
266 Create local directory specified by path.
267 ln [-s] oldpath newpath
269 Create a link from oldpath to newpath. If the -s flag is speci‐
270 fied the created link is a symbolic link, otherwise it is a hard
271 link.
272 lpwd Print local working directory.
274 ls [-1afhlnrSt] [path]
276 Display a remote directory listing of either path or the current
277 directory if path is not specified. path may contain glob(3)
278 characters and may match multiple files.
279 The following flags are recognized and alter the behaviour of ls
281 accordingly:
282 -1 Produce single columnar output.
284 -a List files beginning with a dot (‘.’).
286 -f Do not sort the listing. The default sort order is lexi‐
288 cographical.
289 -h When used with a long format option, use unit suffixes:
291 Byte, Kilobyte, Megabyte, Gigabyte, Terabyte, Petabyte,
292 and Exabyte in order to reduce the number of digits to
293 four or fewer using powers of 2 for sizes (K=1024,
294 M=1048576, etc.).
295 -l Display additional details including permissions and own‐
297 ership information.
298 -n Produce a long listing with user and group information
300 presented numerically.
301 -r Reverse the sort order of the listing.
303 -S Sort the listing by file size.
305 -t Sort the listing by last modification time.
307 lumask umask
309 Set local umask to umask.
310 mkdir path
312 Create remote directory specified by path.
313 progress
315 Toggle display of progress meter.
316 put [-afPpr] local-path [remote-path]
318 Upload local-path and store it on the remote machine. If the
319 remote path name is not specified, it is given the same name it
320 has on the local machine. local-path may contain glob(3) charac‐
321 ters and may match multiple files. If it does and remote-path is
322 specified, then remote-path must specify a directory.
323 If the -a flag is specified, then attempt to resume partial
325 transfers of existing files. Note that resumption assumes that
326 any partial copy of the remote file matches the local copy. If
327 the local file contents differ from the remote local copy then
328 the resultant file is likely to be corrupt.
329 If the -f flag is specified, then a request will be sent to the
331 server to call fsync(2) after the file has been transferred.
332 Note that this is only supported by servers that implement the
333 "fsync@openssh.com" extension.
334 If either the -P or -p flag is specified, then full file permis‐
336 sions and access times are copied too.
337 If the -r flag is specified then directories will be copied
339 recursively. Note that sftp does not follow symbolic links when
340 performing recursive transfers.
341 pwd Display remote working directory.
343 quit Quit sftp.
345 reget [-Ppr] remote-path [local-path]
347 Resume download of remote-path. Equivalent to get with the -a
348 flag set.
349 reput [-Ppr] [local-path] remote-path
351 Resume upload of [local-path]. Equivalent to put with the -a
352 flag set.
353 rename oldpath newpath
355 Rename remote file from oldpath to newpath.
356 rm path
358 Delete remote file specified by path.
359 rmdir path
361 Remove remote directory specified by path.
362 symlink oldpath newpath
364 Create a symbolic link from oldpath to newpath.
365 version
367 Display the sftp protocol version.
368 !command
370 Execute command in local shell.
371 ! Escape to local shell.
373 ? Synonym for help.
375
377 ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3),
378 ssh_config(5), sftp-server(8), sshd(8)
379 T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
381 filexfer-00.txt, January 2001, work in progress material.
382BSD June 21, 2019 BSD