Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 1 | SFTP(1) General Commands Manual SFTP(1) |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 2 | |
| 3 | NAME |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 4 | sftp M-bM-^@M-^S secure file transfer program |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 5 | |
| 6 | SYNOPSIS |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 7 | sftp [-1246aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher] |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 8 | [-D sftp_server_path] [-F ssh_config] [-i identity_file] [-l limit] |
| 9 | [-o ssh_option] [-P port] [-R num_requests] [-S program] |
| 10 | [-s subsystem | sftp_server] host |
| 11 | sftp [user@]host[:file ...] |
| 12 | sftp [user@]host[:dir[/]] |
| 13 | sftp -b batchfile [user@]host |
| 14 | |
| 15 | DESCRIPTION |
| 16 | sftp is an interactive file transfer program, similar to ftp(1), which |
| 17 | performs all operations over an encrypted ssh(1) transport. It may also |
| 18 | use many features of ssh, such as public key authentication and |
| 19 | compression. sftp connects and logs into the specified host, then enters |
| 20 | an interactive command mode. |
| 21 | |
| 22 | The second usage format will retrieve files automatically if a non- |
| 23 | interactive authentication method is used; otherwise it will do so after |
| 24 | successful interactive authentication. |
| 25 | |
| 26 | The third usage format allows sftp to start in a remote directory. |
| 27 | |
| 28 | The final usage format allows for automated sessions using the -b option. |
| 29 | In such cases, it is necessary to configure non-interactive |
| 30 | authentication to obviate the need to enter a password at connection time |
| 31 | (see sshd(8) and ssh-keygen(1) for details). |
| 32 | |
| 33 | Since some usage formats use colon characters to delimit host names from |
| 34 | path names, IPv6 addresses must be enclosed in square brackets to avoid |
| 35 | ambiguity. |
| 36 | |
| 37 | The options are as follows: |
| 38 | |
| 39 | -1 Specify the use of protocol version 1. |
| 40 | |
| 41 | -2 Specify the use of protocol version 2. |
| 42 | |
| 43 | -4 Forces sftp to use IPv4 addresses only. |
| 44 | |
| 45 | -6 Forces sftp to use IPv6 addresses only. |
| 46 | |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 47 | -a Attempt to continue interrupted transfers rather than overwriting |
| 48 | existing partial or complete copies of files. If the partial |
| 49 | contents differ from those being transferred, then the resultant |
| 50 | file is likely to be corrupt. |
| 51 | |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 52 | -B buffer_size |
| 53 | Specify the size of the buffer that sftp uses when transferring |
| 54 | files. Larger buffers require fewer round trips at the cost of |
| 55 | higher memory consumption. The default is 32768 bytes. |
| 56 | |
| 57 | -b batchfile |
| 58 | Batch mode reads a series of commands from an input batchfile |
| 59 | instead of stdin. Since it lacks user interaction it should be |
| 60 | used in conjunction with non-interactive authentication. A |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 61 | batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may be used to indicate standard input. sftp |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 62 | will abort if any of the following commands fail: get, put, |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 63 | reget, reput, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, |
| 64 | chown, chgrp, lpwd, df, symlink, and lmkdir. Termination on |
| 65 | error can be suppressed on a command by command basis by |
| 66 | prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y character (for example, -rm |
| 67 | /tmp/blah*). |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 68 | |
| 69 | -C Enables compression (via ssh's -C flag). |
| 70 | |
| 71 | -c cipher |
| 72 | Selects the cipher to use for encrypting the data transfers. |
| 73 | This option is directly passed to ssh(1). |
| 74 | |
| 75 | -D sftp_server_path |
| 76 | Connect directly to a local sftp server (rather than via ssh(1)). |
| 77 | This option may be useful in debugging the client and server. |
| 78 | |
| 79 | -F ssh_config |
| 80 | Specifies an alternative per-user configuration file for ssh(1). |
| 81 | This option is directly passed to ssh(1). |
| 82 | |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 83 | -f Requests that files be flushed to disk immediately after |
| 84 | transfer. When uploading files, this feature is only enabled if |
| 85 | the server implements the "fsync@openssh.com" extension. |
| 86 | |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 87 | -i identity_file |
| 88 | Selects the file from which the identity (private key) for public |
| 89 | key authentication is read. This option is directly passed to |
| 90 | ssh(1). |
| 91 | |
| 92 | -l limit |
| 93 | Limits the used bandwidth, specified in Kbit/s. |
| 94 | |
| 95 | -o ssh_option |
| 96 | Can be used to pass options to ssh in the format used in |
| 97 | ssh_config(5). This is useful for specifying options for which |
| 98 | there is no separate sftp command-line flag. For example, to |
| 99 | specify an alternate port use: sftp -oPort=24. For full details |
| 100 | of the options listed below, and their possible values, see |
| 101 | ssh_config(5). |
| 102 | |
| 103 | AddressFamily |
| 104 | BatchMode |
| 105 | BindAddress |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 106 | CanonicalDomains |
| 107 | CanonicalizeFallbackLocal |
| 108 | CanonicalizeHostname |
| 109 | CanonicalizeMaxDots |
| 110 | CanonicalizePermittedCNAMEs |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 111 | ChallengeResponseAuthentication |
| 112 | CheckHostIP |
| 113 | Cipher |
| 114 | Ciphers |
| 115 | Compression |
| 116 | CompressionLevel |
| 117 | ConnectionAttempts |
| 118 | ConnectTimeout |
| 119 | ControlMaster |
| 120 | ControlPath |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 121 | ControlPersist |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 122 | GlobalKnownHostsFile |
| 123 | GSSAPIAuthentication |
| 124 | GSSAPIDelegateCredentials |
| 125 | HashKnownHosts |
| 126 | Host |
| 127 | HostbasedAuthentication |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 128 | HostbasedKeyTypes |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 129 | HostKeyAlgorithms |
| 130 | HostKeyAlias |
| 131 | HostName |
| 132 | IdentityFile |
| 133 | IdentitiesOnly |
| 134 | IPQoS |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 135 | KbdInteractiveAuthentication |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 136 | KbdInteractiveDevices |
| 137 | KexAlgorithms |
| 138 | LogLevel |
| 139 | MACs |
| 140 | NoHostAuthenticationForLocalhost |
| 141 | NumberOfPasswordPrompts |
| 142 | PasswordAuthentication |
| 143 | PKCS11Provider |
| 144 | Port |
| 145 | PreferredAuthentications |
| 146 | Protocol |
| 147 | ProxyCommand |
| 148 | PubkeyAuthentication |
| 149 | RekeyLimit |
| 150 | RhostsRSAAuthentication |
| 151 | RSAAuthentication |
| 152 | SendEnv |
| 153 | ServerAliveInterval |
| 154 | ServerAliveCountMax |
| 155 | StrictHostKeyChecking |
| 156 | TCPKeepAlive |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 157 | UpdateHostKeys |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 158 | UsePrivilegedPort |
| 159 | User |
| 160 | UserKnownHostsFile |
| 161 | VerifyHostKeyDNS |
| 162 | |
| 163 | -P port |
| 164 | Specifies the port to connect to on the remote host. |
| 165 | |
| 166 | -p Preserves modification times, access times, and modes from the |
| 167 | original files transferred. |
| 168 | |
| 169 | -q Quiet mode: disables the progress meter as well as warning and |
| 170 | diagnostic messages from ssh(1). |
| 171 | |
| 172 | -R num_requests |
| 173 | Specify how many requests may be outstanding at any one time. |
| 174 | Increasing this may slightly improve file transfer speed but will |
| 175 | increase memory usage. The default is 64 outstanding requests. |
| 176 | |
| 177 | -r Recursively copy entire directories when uploading and |
| 178 | downloading. Note that sftp does not follow symbolic links |
| 179 | encountered in the tree traversal. |
| 180 | |
| 181 | -S program |
| 182 | Name of the program to use for the encrypted connection. The |
| 183 | program must understand ssh(1) options. |
| 184 | |
| 185 | -s subsystem | sftp_server |
| 186 | Specifies the SSH2 subsystem or the path for an sftp server on |
| 187 | the remote host. A path is useful for using sftp over protocol |
| 188 | version 1, or when the remote sshd(8) does not have an sftp |
| 189 | subsystem configured. |
| 190 | |
| 191 | -v Raise logging level. This option is also passed to ssh. |
| 192 | |
| 193 | INTERACTIVE COMMANDS |
| 194 | Once in interactive mode, sftp understands a set of commands similar to |
| 195 | those of ftp(1). Commands are case insensitive. Pathnames that contain |
| 196 | spaces must be enclosed in quotes. Any special characters contained |
| 197 | within pathnames that are recognized by glob(3) must be escaped with |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 198 | backslashes (M-bM-^@M-^X\M-bM-^@M-^Y). |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 199 | |
| 200 | bye Quit sftp. |
| 201 | |
| 202 | cd path |
| 203 | Change remote directory to path. |
| 204 | |
| 205 | chgrp grp path |
| 206 | Change group of file path to grp. path may contain glob(3) |
| 207 | characters and may match multiple files. grp must be a numeric |
| 208 | GID. |
| 209 | |
| 210 | chmod mode path |
| 211 | Change permissions of file path to mode. path may contain |
| 212 | glob(3) characters and may match multiple files. |
| 213 | |
| 214 | chown own path |
| 215 | Change owner of file path to own. path may contain glob(3) |
| 216 | characters and may match multiple files. own must be a numeric |
| 217 | UID. |
| 218 | |
| 219 | df [-hi] [path] |
| 220 | Display usage information for the filesystem holding the current |
| 221 | directory (or path if specified). If the -h flag is specified, |
| 222 | the capacity information will be displayed using "human-readable" |
| 223 | suffixes. The -i flag requests display of inode information in |
| 224 | addition to capacity information. This command is only supported |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 225 | on servers that implement the M-bM-^@M-^\statvfs@openssh.comM-bM-^@M-^] extension. |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 226 | |
| 227 | exit Quit sftp. |
| 228 | |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 229 | get [-afPpr] remote-path [local-path] |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 230 | Retrieve the remote-path and store it on the local machine. If |
| 231 | the local path name is not specified, it is given the same name |
| 232 | it has on the remote machine. remote-path may contain glob(3) |
| 233 | characters and may match multiple files. If it does and |
| 234 | local-path is specified, then local-path must specify a |
| 235 | directory. |
| 236 | |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 237 | If the -a flag is specified, then attempt to resume partial |
| 238 | transfers of existing files. Note that resumption assumes that |
| 239 | any partial copy of the local file matches the remote copy. If |
| 240 | the remote file contents differ from the partial local copy then |
| 241 | the resultant file is likely to be corrupt. |
| 242 | |
| 243 | If the -f flag is specified, then fsync(2) will be called after |
| 244 | the file transfer has completed to flush the file to disk. |
| 245 | |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 246 | If either the -P or -p flag is specified, then full file |
| 247 | permissions and access times are copied too. |
| 248 | |
| 249 | If the -r flag is specified then directories will be copied |
| 250 | recursively. Note that sftp does not follow symbolic links when |
| 251 | performing recursive transfers. |
| 252 | |
| 253 | help Display help text. |
| 254 | |
| 255 | lcd path |
| 256 | Change local directory to path. |
| 257 | |
| 258 | lls [ls-options [path]] |
| 259 | Display local directory listing of either path or current |
| 260 | directory if path is not specified. ls-options may contain any |
| 261 | flags supported by the local system's ls(1) command. path may |
| 262 | contain glob(3) characters and may match multiple files. |
| 263 | |
| 264 | lmkdir path |
| 265 | Create local directory specified by path. |
| 266 | |
| 267 | ln [-s] oldpath newpath |
| 268 | Create a link from oldpath to newpath. If the -s flag is |
| 269 | specified the created link is a symbolic link, otherwise it is a |
| 270 | hard link. |
| 271 | |
| 272 | lpwd Print local working directory. |
| 273 | |
| 274 | ls [-1afhlnrSt] [path] |
| 275 | Display a remote directory listing of either path or the current |
| 276 | directory if path is not specified. path may contain glob(3) |
| 277 | characters and may match multiple files. |
| 278 | |
| 279 | The following flags are recognized and alter the behaviour of ls |
| 280 | accordingly: |
| 281 | |
| 282 | -1 Produce single columnar output. |
| 283 | |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 284 | -a List files beginning with a dot (M-bM-^@M-^X.M-bM-^@M-^Y). |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 285 | |
| 286 | -f Do not sort the listing. The default sort order is |
| 287 | lexicographical. |
| 288 | |
| 289 | -h When used with a long format option, use unit suffixes: |
| 290 | Byte, Kilobyte, Megabyte, Gigabyte, Terabyte, Petabyte, |
| 291 | and Exabyte in order to reduce the number of digits to |
| 292 | four or fewer using powers of 2 for sizes (K=1024, |
| 293 | M=1048576, etc.). |
| 294 | |
| 295 | -l Display additional details including permissions and |
| 296 | ownership information. |
| 297 | |
| 298 | -n Produce a long listing with user and group information |
| 299 | presented numerically. |
| 300 | |
| 301 | -r Reverse the sort order of the listing. |
| 302 | |
| 303 | -S Sort the listing by file size. |
| 304 | |
| 305 | -t Sort the listing by last modification time. |
| 306 | |
| 307 | lumask umask |
| 308 | Set local umask to umask. |
| 309 | |
| 310 | mkdir path |
| 311 | Create remote directory specified by path. |
| 312 | |
| 313 | progress |
| 314 | Toggle display of progress meter. |
| 315 | |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 316 | put [-afPpr] local-path [remote-path] |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 317 | Upload local-path and store it on the remote machine. If the |
| 318 | remote path name is not specified, it is given the same name it |
| 319 | has on the local machine. local-path may contain glob(3) |
| 320 | characters and may match multiple files. If it does and |
| 321 | remote-path is specified, then remote-path must specify a |
| 322 | directory. |
| 323 | |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 324 | If the -a flag is specified, then attempt to resume partial |
| 325 | transfers of existing files. Note that resumption assumes that |
| 326 | any partial copy of the remote file matches the local copy. If |
| 327 | the local file contents differ from the remote local copy then |
| 328 | the resultant file is likely to be corrupt. |
| 329 | |
| 330 | If the -f flag is specified, then a request will be sent to the |
| 331 | server to call fsync(2) after the file has been transferred. |
| 332 | Note that this is only supported by servers that implement the |
| 333 | "fsync@openssh.com" extension. |
| 334 | |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 335 | If either the -P or -p flag is specified, then full file |
| 336 | permissions and access times are copied too. |
| 337 | |
| 338 | If the -r flag is specified then directories will be copied |
| 339 | recursively. Note that sftp does not follow symbolic links when |
| 340 | performing recursive transfers. |
| 341 | |
| 342 | pwd Display remote working directory. |
| 343 | |
| 344 | quit Quit sftp. |
| 345 | |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 346 | reget [-Ppr] remote-path [local-path] |
| 347 | Resume download of remote-path. Equivalent to get with the -a |
| 348 | flag set. |
| 349 | |
| 350 | reput [-Ppr] [local-path] remote-path |
| 351 | Resume upload of [local-path]. Equivalent to put with the -a |
| 352 | flag set. |
| 353 | |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 354 | rename oldpath newpath |
| 355 | Rename remote file from oldpath to newpath. |
| 356 | |
| 357 | rm path |
| 358 | Delete remote file specified by path. |
| 359 | |
| 360 | rmdir path |
| 361 | Remove remote directory specified by path. |
| 362 | |
| 363 | symlink oldpath newpath |
| 364 | Create a symbolic link from oldpath to newpath. |
| 365 | |
| 366 | version |
| 367 | Display the sftp protocol version. |
| 368 | |
| 369 | !command |
| 370 | Execute command in local shell. |
| 371 | |
| 372 | ! Escape to local shell. |
| 373 | |
| 374 | ? Synonym for help. |
| 375 | |
| 376 | SEE ALSO |
| 377 | ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3), |
| 378 | ssh_config(5), sftp-server(8), sshd(8) |
| 379 | |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 380 | T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- |
| 381 | filexfer-00.txt, January 2001, work in progress material. |
Greg Hartman | bd77cf7 | 2015-02-25 13:21:06 -0800 | [diff] [blame] | 382 | |
Adam Langley | d059297 | 2015-03-30 14:49:51 -0700 | [diff] [blame] | 383 | OpenBSD 5.7 January 30, 2015 OpenBSD 5.7 |