SFTP or Secure File Transfer Protocol is a secure remote file transfer utility based on File Transfer Protocol (FTP).
FTP traffic is unencrypted and insecure which is why it has been mostly replaced by SFTP.
SFTP runs over SSH protocol by default on TCP port 22 and offers the same set of security and encryption capabilities as SSH. Default SSH daemon running as part of OpenSSH server on Linux systems supports basic features of SFTP protocol by default though there is separate dedicated software available like vsftpd which can be configured to get extra features and customizations.
In this article, we’ll cover the usage of SFTP from the command line. I’ll be using an Ubuntu system though commands listed here will work on any Linux system with sftp client.
Before getting into commands, you should know that SCP is getting deprecated and as an alternative, it’s good to get familiar with the SFTP command. You can do pretty much everything with SFTP that you do with SCP.
Copying files
SFTP can be used as a replacement for SCP (Secure Copy) command on some supported use cases. One such case is using SCP to push or pull files from a remote server in one go.
The syntax for uploading using the SCP command goes like this:
$ scp {local-path} {user}@{remote-host}:{remote-path}And for downloading like this:
$ scp {user}@{remote-host}:{remote-file-path} {local-path}Similarly, we can use the following sftp command syntax to upload files to a remote server:
$ sftp {user}@{host}:{remote-path} <<< $'put {local-path}'Below is one demo showing uploading of files using sftp as a one-liner:
$ sftp ftpuser@192.168.1.231:/home/ftpuser/remote_test_dir <<< $'put /home/abhisheknair/new_file'
ftpuser@192.168.1.231's password:
Connected to 192.168.1.231.
Changing to: /home/ftpuser/remote_test_dir
sftp> put /home/abhisheknair/new_file
Uploading /home/abhisheknair/new_file to /home/ftpuser/remote_test_dir/new_file
/home/abhisheknair/new_file 100% 9 7.2KB/s 00:00
$To download a file from a remote server, use the below command syntax:
$ sftp {user}@{remote-host}:{remote-file-name} {local-file-name}Here’s a demo of downloading a file in one line using sftp:
$ sftp ftpuser@192.168.1.231:/home/ftpuser/new_file1 /home/abhisheknair/new_local_dir
ftpuser@192.168.1.231's password:
Connected to 192.168.1.231.
Fetching /home/ftpuser/new_file1 to /home/abhisheknair/new_local_dir/new_file1
/home/ftpuser/new_file1 100% 12 3.6KB/s 00:00
$You may also exchange the SSH key for password-less authentication.
Connecting to an SFTP server
To initiate an SFTP connection, use sftp command with a username and remote host’s name or IP. Default TCP port 22 should be open for this to work or else explicitly specify the port using -oPort flag.
I’m connecting to an SFTP server with IP 192.168.1.231. The first time you connect to an SFTP server, you’ll be prompted to confirm the server fingerprint like SSH. Once confirmed by typing ‘yes‘ connection proceeds and prompts for a user’s password.
On a successful connection, you’ll be shown sftp> prompt.
$ sftp ftpuser@192.168.1.231
The authenticity of host '192.168.1.231 (192.168.1.231)' can't be established.
ECDSA key fingerprint is SHA256:k90E28Pfnjoiq1svFw18dA2mazweoCmR5Hqi8SH0mj0.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.1.231' (ECDSA) to the list of known hosts.
ftpuser@192.168.1.231's password:
Connected to 192.168.1.231.
sftp>Check Version
You can check the SFTP version using version command at sftp prompt.
sftp> version
SFTP protocol version 3
sftp>Getting Help
To get help about available commands and syntax for SFTP, use ‘?‘ or ‘help‘.
sftp> ?
Available commands:
bye Quit sftp
cd path Change remote directory to 'path'
chgrp [-h] grp path Change group of file 'path' to 'grp'
chmod [-h] mode path Change permissions of file 'path' to 'mode'
chown [-h] own path Change owner of file 'path' to 'own'
df [-hi] [path] Display statistics for current directory or
filesystem containing 'path'
exit Quit sftp
get [-afpR] remote [local] Download file
help Display this help text
lcd path Change local directory to 'path'
lls [ls-options [path]] Display local directory listing
lmkdir path Create local directory
ln [-s] oldpath newpath Link remote file (-s for symlink)
lpwd Print local working directory
ls [-1afhlnrSt] [path] Display remote directory listing
lumask umask Set local umask to 'umask'
mkdir path Create remote directory
progress Toggle display of progress meter
put [-afpR] local [remote] Upload file
pwd Display remote working directory
quit Quit sftp
reget [-fpR] remote [local] Resume download file
rename oldpath newpath Rename remote file
reput [-fpR] local [remote] Resume upload file
rm path Delete remote file
rmdir path Remove remote directory
symlink oldpath newpath Symlink remote file
version Show SFTP version
!command Execute 'command' in local shell
! Escape to local shell
? Synonym for help
sftp>Show Working Directory
When connected to a remote server, you can show the present working directory of the remote system using pwd command.
sftp> pwd
Remote working directory: /home/ftpuser
sftp>To show the local system’s present working directory use lpwd command.
sftp> lpwd
Local working directory: /home/abhisheknair
sftp>List Files
You can list files in the remote working directory using ls command.
sftp> ls
remote_file1 remote_file2 remote_file3 remote_test_dir
sftp>To list files in the local working directory, use lls command.
sftp> lls
bin file1 file2 file3 lib oci-scripts sys_info.sh test.tgz testdir
sftp>Switching Directories
Switching the remote working directory can be done using cd command. Refer example below:
sftp> pwd
Remote working directory: /home/ftpuser
sftp> ls
remote_file1 remote_file2 remote_file3 remote_test_dir
sftp> cd remote_test_dir
sftp> pwd
Remote working directory: /home/ftpuser/remote_test_dir
sftp>To switch local working directory, use lcd command. Below is a simple example to show usage of lcd.
sftp> lpwd
Local working directory: /home/abhisheknair
sftp> lls
bin file1 file2 file3 lib oci-scripts sys_info.sh test.tgz testdir
sftp> lcd testdir
sftp> lpwd
Local working directory: /home/abhisheknair/testdir
sftp>Upload Files
To upload a single file, use put command. See how I upload local file1 to remote working directory using put command. I can verify it using ls command which prints the content of remote working directory.
sftp> pwd
Remote working directory: /home/ftpuser
sftp> lpwd
Local working directory: /home/abhisheknair
sftp> ls
remote_file1 remote_file2 remote_file3 remote_test_dir
sftp> lls
bin file1 file2 file3 lib oci-scripts sys_info.sh test.tgz testdir
sftp> put file1
Uploading file1 to /home/ftpuser/file1
file1 100% 6 6.0KB/s 00:00
sftp> ls
file1 remote_file1 remote_file2 remote_file3 remote_test_dir
sftp>To upload multiple files in one go, we can use mput command as shown below. I use mput with a regular expression pattern file[23] which basically uploads file2 and file3 and skips file1 as it has already been uploaded in the previous step. You can use any wildcard or regular expression with mput.
sftp> pwd
Remote working directory: /home/ftpuser
sftp> lpwd
Local working directory: /home/abhisheknair
sftp> ls
file1 remote_file1 remote_file2 remote_file3 remote_test_dir
sftp> lls
bin file1 file2 file3 lib oci-scripts sys_info.sh test.tgz testdir
sftp> mput file[23]
Uploading file2 to /home/ftpuser/file2
file2 100% 6 6.5KB/s 00:00
Uploading file3 to /home/ftpuser/file3
file3 100% 6 5.3KB/s 00:00
sftp> ls
file1 file2 file3 remote_file1 remote_file2 remote_file3 remote_test_dir
sftp>Download Files
Single file using SFTP can be downloaded using get command. Here’s an example where I downloaded remote_file4 using sftp:
sftp> pwd
Remote working directory: /home/ftpuser/remote_test_dir
sftp> lpwd
Local working directory: /home/abhisheknair/testdir
sftp> ls
remote_file4
sftp> lls
file4
sftp> get remote_file4
Fetching /home/ftpuser/remote_test_dir/remote_file4 to remote_file4
/home/ftpuser/remote_test_dir/remote_file4 100% 13 5.2KB/s 00:00
sftp> lls
file4 remote_file4
sftp>To download multiples files, use <strong>mget</strong> command. I’m downloading here all files that matches pattern remote_file* in remote working directory to my local working directory. I finally use <strong>lls</strong> command to see the downloaded files.
sftp> pwd
Remote working directory: /home/ftpuser
sftp> lpwd
Local working directory: /home/abhisheknair/testdir
sftp> ls
remote_file1 remote_file2 remote_file3 remote_test_dir
sftp> lls
file4 remote_file4
sftp> mget remote_file*
Fetching /home/ftpuser/remote_file1 to remote_file1
/home/ftpuser/remote_file1 100% 12 5.9KB/s 00:00
Fetching /home/ftpuser/remote_file2 to remote_file2
/home/ftpuser/remote_file2 100% 13 5.8KB/s 00:00
Fetching /home/ftpuser/remote_file3 to remote_file3
/home/ftpuser/remote_file3 100% 13 7.3KB/s 00:00
sftp> lls
file4 remote_file1 remote_file2 remote_file3 remote_file4
sftp>Create Directory
A new directory can be created on a remote server using mkdir command.
sftp> pwd
Remote working directory: /home/ftpuser
sftp> ls
file1 file2 file3 remote_file1 remote_file2 remote_file3 remote_test_dir
sftp> mkdir new_dir
sftp> ls
file1 file2 file3 new_dir remote_file1 remote_file2 remote_file3 remote_test_dir
sftp>Similarly, if you want to create a new directory on local system’s current working directory from sftp prompt, use lmkdir command.
sftp> lpwd
Local working directory: /home/abhisheknair
sftp> lls
bin file1 file2 file3 lib oci-scripts sys_info.sh test.tgz testdir
sftp> lmkdir new_local_dir
sftp> lls
bin file1 file2 file3 lib new_local_dir oci-scripts sys_info.sh test.tgz testdir
sftp>Remove Directory
An empty remote directory can be removed using rmdir command. Do note that if it is not empty, you’ll get an error.
sftp> pwd
Remote working directory: /home/ftpuser
sftp> ls
file1 file2 file3 new_dir remote_file1 remote_file2 remote_file3 remote_test_dir
sftp> rmdir new_dir
sftp> ls
file1 file2 file3 remote_file1 remote_file2 remote_file3 remote_test_dir
sftp>Remove File
A remote file can be removed using rm command.
sftp> pwd
Remote working directory: /home/ftpuser
sftp> ls
file1 file2 file3 remote_file1 remote_file2 remote_file3 remote_test_dir
sftp> rm remote_file3
Removing /home/ftpuser/remote_file3
sftp> ls
file1 file2 file3 remote_file1 remote_file2 remote_test_dir
sftp>Rename File
A remote file can also be easily renamed using rename command.
sftp> pwd
Remote working directory: /home/ftpuser
sftp> ls
file1 file2 file3 remote_file1 remote_file2 remote_test_dir
sftp> rename remote_file1 new_file1
sftp> ls
file1 file2 file3 new_file1 remote_file2 remote_test_dir
sftp>Filesystem Usage
To display statistics for the current directory or filesystem containing ‘path’, use df command. We can use -h flag to show statistics in a human-readable format. Do note that the statistics shown are for the remote SFTP server’s respective filesystem and not the local machine’s filesystem.
sftp> df
Size Used Avail (root) %Capacity
17811456 1845472 15965984 15965984 10%
sftp> df -h
Size Used Avail (root) %Capacity
17.0GB 1.8GB 15.2GB 15.2GB 10%
sftp>Quit SFTP Session
To quit the SFTP session, use either bye, exit, or quit command. You’ll be returned to your OS prompt after exiting SFTP.
sftp> exit
$Conclusion
SFTP is one of the best options available which is secure as well as easy to use. It offers CLI as well as GUI features and is supported across different platforms. Refer sftp man page for further reading.
$ man sftpIf interested in learning more then check out this Udemy Linux Mastery course.