Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SFTP(1)			    General Commands Manual		       SFTP(1)

NAME
       sftp - OpenSSH secure file transfer

SYNOPSIS
       sftp  [-46AaCfNpqrv]  [-B  buffer_size]	[-b batchfile] [-c cipher] [-D
       sftp_server_path] [-F ssh_config] [-i identity_file]  [-J  destination]
       [-l limit] [-o ssh_option] [-P port] [-R	num_requests] [-S program] [-s
       subsystem | sftp_server]	destination

DESCRIPTION
       sftp is a file transfer program,	similar	to ftp(1), which performs  all
       operations  over	 an  encrypted ssh(1) transport.  It may also use many
       features	of ssh,	such as	public key authentication and compression.

       The destination may be specified	either as [user@]host[:path] or	 as  a
       URI in the form sftp://[user@]host[:port][/path.]

       If the destination includes a path and it is not	a directory, sftp will
       retrieve	files automatically if a non-interactive authentication	method
       is used;	otherwise it will do so	after successful interactive authenti-
       cation.

       If no path is specified,	or if the path is a directory, sftp  will  log
       in  to  the specified host and enter interactive	command	mode, changing
       to the remote directory if one was  specified.	An  optional  trailing
       slash can be used to force the path to be interpreted as	a directory.

       Since  the  destination	formats	 use  colon characters to delimit host
       names from path names or	port numbers, IPv6 addresses must be  enclosed
       in square brackets to avoid ambiguity.

       The options are as follows:

       -4     Forces sftp to use IPv4 addresses	only.

       -6     Forces sftp to use IPv6 addresses	only.

       -A     Allows forwarding	of ssh-agent(1)	to the remote system.  The de-
	      fault is not to forward an authentication	agent.

       -a     Attempt to continue interrupted transfers	rather than  overwrit-
	      ing  existing  partial or	complete copies	of files.  If the par-
	      tial contents differ from	those being transferred, then the  re-
	      sultant file is likely to	be corrupt.

       -B buffer_size
	      Specify  the size	of the buffer that sftp	uses when transferring
	      files.  Larger buffers require fewer round trips at the cost  of
	      higher memory consumption.  The default is 32768 bytes.

       -b batchfile
	      Batch  mode  reads  a series of commands from an input batchfile
	      instead of stdin.	 Since it lacks	user interaction it should  be
	      used in conjunction with non-interactive authentication to obvi-
	      ate the need to enter a password at connection time (see sshd(8)
	      and ssh-keygen(1)	for details).

	      A	batchfile of `-' may be	used to	indicate standard input.  sftp
	      will abort if any	of the	following  commands  fail:  get,  put,
	      reget,  reput,  rename, ln, rm, mkdir, chdir, ls,	lchdir,	chmod,
	      chown, chgrp, lpwd, df, symlink, and lmkdir.

	      Termination on error can be suppressed on	a command  by  command
	      basis  by	 prefixing the command with a `-' character (for exam-
	      ple, -rm /tmp/blah* ).  Echo of the command may be suppressed by
	      prefixing	 the command with a `@'	character.  These two prefixes
	      may be combined in any order, for	example	-@ls /bsd.

       -C     Enables compression (via ssh's -C	flag).

       -c cipher
	      Selects the cipher to use	for  encrypting	 the  data  transfers.
	      This option is directly passed to	ssh(1).

       -D sftp_server_path
	      Connect directly to a local sftp server (rather than via ssh(1))
	      .	 This option may be useful in debugging	the client and server.

       -F ssh_config
	      Specifies	an alternative per-user	configuration file for ssh(1).
	      This option is directly passed to	ssh(1).

       -f     Requests	that files be flushed to disk immediately after	trans-
	      fer.  When uploading files, this feature is only enabled if  the
	      server implements	the "fsync@openssh.com"	extension.

       -i identity_file
	      Selects  the file	from which the identity	(private key) for pub-
	      lic key authentication is	read.  This option is directly	passed
	      to ssh(1).

       -J destination
	      Connect to the target host by first making an sftp connection to
	      the jump host described by destination and then  establishing  a
	      TCP forwarding to	the ultimate destination from there.  Multiple
	      jump hops	may be specified separated by comma characters.	  This
	      is  a  shortcut  to specify a ProxyJump configuration directive.
	      This option is directly passed to	ssh(1).

       -l limit
	      Limits the used bandwidth, specified in Kbit/s.

       -N     Disables quiet mode, e.g.	to override the	 implicit  quiet  mode
	      set by the -b flag.

       -o ssh_option
	      Can  be  used  to	 pass  options	to  ssh	 in the	format used in
	      ssh_config(5).  This is useful for specifying options for	 which
	      there  is	 no  separate sftp command-line	flag.  For example, to
	      specify an alternate port	use: sftp -oPort=24.  For full details
	      of  the  options	listed	below,	and their possible values, see
	      ssh_config(5).

       AddressFamily

       BatchMode

       BindAddress

       BindInterface

       CanonicalDomains

       CanonicalizeFallbackLocal

       CanonicalizeHostname

       CanonicalizeMaxDots

       CanonicalizePermittedCNAMEs

       CASignatureAlgorithms

       CertificateFile

       ChallengeResponseAuthentication

       CheckHostIP

       Ciphers

       Compression

       ConnectionAttempts

       ConnectTimeout

       ControlMaster

       ControlPath

       ControlPersist

       GlobalKnownHostsFile

       GSSAPIAuthentication

       GSSAPIDelegateCredentials

       HashKnownHosts

       Host

       HostbasedAuthentication

       HostbasedKeyTypes

       HostKeyAlgorithms

       HostKeyAlias

       Hostname

       IdentitiesOnly

       IdentityAgent

       IdentityFile

       IPQoS

       KbdInteractiveAuthentication

       KbdInteractiveDevices

       KexAlgorithms

       LogLevel

       MACs

       NoHostAuthenticationForLocalhost

       NumberOfPasswordPrompts

       PasswordAuthentication

       PKCS11Provider

       Port

       PreferredAuthentications

       ProxyCommand

       ProxyJump

       PubkeyAcceptedKeyTypes

       PubkeyAuthentication

       RekeyLimit

       SendEnv

       ServerAliveInterval

       ServerAliveCountMax

       SetEnv

       StrictHostKeyChecking

       TCPKeepAlive

       UpdateHostKeys

       User

       UserKnownHostsFile

       VerifyHostKeyDNS

       -P port
	      Specifies	the port to connect to on the remote host.

       -p     Preserves	modification times, access times, and modes  from  the
	      original files transferred.

       -q     Quiet  mode:  disables the progress meter	as well	as warning and
	      diagnostic messages from ssh(1).

       -R num_requests
	      Specify how many requests	may be outstanding at  any  one	 time.
	      Increasing  this	may  slightly  improve file transfer speed but
	      will increase memory usage.  The default is 256 outstanding  re-
	      quests providing for 8MB of outstanding data with	a 32KB buffer.

       -r     Recursively copy entire directories when uploading and download-
	      ing.  Note that sftp does	not follow symbolic links  encountered
	      in the tree traversal.

       -S program
	      Name  of	the  program to	use for	the encrypted connection.  The
	      program must understand ssh(1) options.

       -s subsystem | sftp_server
	      Specifies	the SSH2 subsystem or the path for an sftp  server  on
	      the  remote host.	 A path	is useful when the remote sshd(8) does
	      not have an sftp subsystem configured.

       -v     Raise logging level.  This option	is also	passed to ssh.

INTERACTIVE COMMANDS
       Once in interactive mode, sftp understands a set	of commands similar to
       those  of  ftp(1).  Commands are	case insensitive.  Pathnames that con-
       tain spaces must	be enclosed in quotes.	Any  special  characters  con-
       tained  within pathnames	that are recognized by glob(3) must be escaped
       with backslashes	(`\'.)

       bye    Quit sftp.

       cd [path]
	      Change remote directory to path.	If path	is not specified, then
	      change directory to the one the session started in.

       chgrp [-h] grp path
	      Change  group of file path to grp.  If the -h flag is specified,
	      then symlinks will not be	followed.  path	 may  contain  glob(7)
	      characters  and may match	multiple files.	 grp must be a numeric
	      GID.

       chmod [-h] mode path
	      Change permissions of file path to mode.	 If  the  -h  flag  is
	      specified, then symlinks will not	be followed.  path may contain
	      glob(7) characters and may match multiple	files.

       chown [-h] own path
	      Change owner of file path	to own.	 If the	-h flag	is  specified,
	      then  symlinks  will  not	be followed.  path may contain glob(7)
	      characters and may match multiple	files.	own must be a  numeric
	      UID.

       df [-hi]	[path]
	      Display usage information	for the	filesystem holding the current
	      directory	(or path if specified).	 If the	-h flag	is  specified,
	      the  capacity  information  will be displayed using "human-read-
	      able" suffixes.  The -i flag requests display of inode  informa-
	      tion  in addition	to capacity information.  This command is only
	      supported	on servers that	implement the  ``statvfs@openssh.com''
	      extension.

       exit   Quit sftp.

       get [-afpR] remote-path [local-path]
	      Retrieve	the remote-path	and store it on	the local machine.  If
	      the local	path name is not specified, it is given	the same  name
	      it  has  on the remote machine.  remote-path may contain glob(7)
	      characters and may match multiple	files.	If it does and	local-
	      path is specified, then local-path must specify a	directory.

	      If  the  -a  flag	 is  specified,	then attempt to	resume partial
	      transfers	of existing files.  Note that resumption assumes  that
	      any  partial copy	of the local file matches the remote copy.  If
	      the remote file contents differ from the partial local copy then
	      the resultant file is likely to be corrupt.

	      If  the -f flag is specified, then fsync(2) will be called after
	      the file transfer	has completed to flush the file	to disk.

	      If the -p	flag is	specified, then	full file permissions and  ac-
	      cess times are copied too.

	      If  the -R flag is specified then	directories will be copied re-
	      cursively.  Note that sftp does not follow symbolic  links  when
	      performing recursive transfers.

       help   Display help text.

       lcd [path]
	      Change  local directory to path.	If path	is not specified, then
	      change directory to the local user's home	directory.

       lls [ls-options [path]]
	      Display local directory listing of either	path or	current	direc-
	      tory if path is not specified.  ls-options may contain any flags
	      supported	by the local system's ls(1) command.  path may contain
	      glob(7) characters and may match multiple	files.

       lmkdir path
	      Create local directory specified by path.

       ln [-s] oldpath newpath
	      Create a link from oldpath to newpath.  If the -s	flag is	speci-
	      fied the created link is a symbolic link,	otherwise it is	a hard
	      link.

       lpwd   Print local working directory.

       ls [-1afhlnrSt] [path]
	      Display a	remote directory listing of either path	or the current
	      directory	if path	is not specified.  path	 may  contain  glob(7)
	      characters and may match multiple	files.

	      The following flags are recognized and alter the behaviour of ls
	      accordingly:

       -1     Produce single columnar output.

       -a     List files beginning with	a dot (`.'.)

       -f     Do not sort the listing.	The default sort order is lexicograph-
	      ical.

       -h     When  used  with	a long format option, use unit suffixes: Byte,
	      Kilobyte,	Megabyte, Gigabyte, Terabyte, Petabyte,	and Exabyte in
	      order to reduce the number of digits to four or fewer using pow-
	      ers of 2 for sizes (K=1024, M=1048576, etc.).

       -l     Display additional details including permissions	and  ownership
	      information.

       -n     Produce a	long listing with user and group information presented
	      numerically.

       -r     Reverse the sort order of	the listing.

       -S     Sort the listing by file size.

       -t     Sort the listing by last modification time.

       lumask umask
	      Set local	umask to umask.

       mkdir path
	      Create remote directory specified	by path.

       progress
	      Toggle display of	progress meter.

       put [-afpR] local-path [remote-path]
	      Upload local-path	and store it on	the remote  machine.   If  the
	      remote  path name	is not specified, it is	given the same name it
	      has on the local machine.	 local-path may	contain	glob(7)	 char-
	      acters and may match multiple files.  If it does and remote-path
	      is specified, then remote-path must specify a directory.

	      If the -a	flag is	specified,  then  attempt  to  resume  partial
	      transfers	 of existing files.  Note that resumption assumes that
	      any partial copy of the remote file matches the local copy.   If
	      the  local  file contents	differ from the	remote local copy then
	      the resultant file is likely to be corrupt.

	      If the -f	flag is	specified, then	a request will be sent to  the
	      server  to  call	fsync(2)  after	the file has been transferred.
	      Note that	this is	only supported by servers that	implement  the
	      "fsync@openssh.com" extension.

	      If  the -p flag is specified, then full file permissions and ac-
	      cess times are copied too.

	      If the -R	flag is	specified then directories will	be copied  re-
	      cursively.   Note	 that sftp does	not follow symbolic links when
	      performing recursive transfers.

       pwd    Display remote working directory.

       quit   Quit sftp.

       reget [-fpR] remote-path	[local-path]
	      Resume download of remote-path.  Equivalent to get with  the  -a
	      flag set.

       reput [-fpR] local-path [remote-path]
	      Resume upload of local-path.  Equivalent to put with the -a flag
	      set.

       rename oldpath newpath
	      Rename remote file from oldpath to newpath.

       rm path
	      Delete remote file specified by path.

       rmdir path
	      Remove remote directory specified	by path.

       symlink oldpath newpath
	      Create a symbolic	link from oldpath to newpath.

       version
	      Display the sftp protocol	version.

       ! Ns command
	      Execute command in local shell.

       !      Escape to	local shell.

       ?      Synonym for help.

SEE ALSO
       ftp(1), ls(1),  scp(1),	ssh(1),	 ssh-add(1),  ssh-keygen(1),  ssh_con-
       fig(5), glob(7),	sftp-server(8),	sshd(8)

       S.  Lehtinen  and  T.  Ylonen,  SSH File	Transfer Protocol, draft-ietf-
       secsh-filexfer-00.txt, January 2001, work in progress material.

				August 3 2020			       SFTP(1)

NAME | SYNOPSIS | DESCRIPTION | INTERACTIVE COMMANDS | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=sftp&sektion=1&manpath=FreeBSD+Ports+13.0>

home | help