sftp

secure file transfer program

sftp [‑1246Cpqrv] [‑B buffer_size] [‑b batchfile] [‑c cipher] [‑D sftp_server_path] [‑F ssh_config] [‑i identity_file] [‑l limit] [‑o ssh_option] [‑P port] [‑R num_requests] [‑S program] [‑s subsystem|sftp_server] host

Performs all operations over an encrypted ssh(1) transport, also uses features of ssh, such as public key authentication and compression.

sftp [user@]host[:file] : retrieves files automatically.

sftp [user]host[:dir[/]] start in a remote directory.

sftp -b batchfile [user@]host : automated session.
          To supress the interactive entering of a password, configure non-interactive authentication ( .netrc ?)

IPv6 addresses must be enclosed in square brackets .

-p preserve times and modes from the original files transferred. Default not preserved!
-b file batch read commands from file, - specifies standard input.
Aborts on failure of: get, put, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp, lpwd, df, symlink, and lmkdir.
Termination on error can be suppressed by prefixing the command with - (Example: -rm /tmp/blah*).
-r recursively copy entire directories. Does not follow symbolic links
-C compression
-c cipher Selects the cipher to use for encrypting the data transfers.
-F ssh_config alternative configuration
-i identity_file from which the identity (private key) for public key authentication is read, passed to ssh(1).
-l limit limits the bandwidth, Kbit/s.
-o ssh_option Pass options to ssh in the format used in ssh_config, for which there is no separate sftp command-line flag.

For example, to specify an alternate port use: sftp -oPort=24.

For full details of the options listed below, and their possible values, see ssh_config(5).

AddressFamily
BatchMode
BindAddress
ChallengeResponseAuthentication
CheckHostIP
Cipher
Ciphers
Compression
CompressionLevel
ConnectionAttempts
ConnectTimeout
ControlMaster
ControlPath
ControlPersist
GlobalKnownHostsFile
GSSAPIAuthentication
GSSAPIDelegateCredentials
HashKnownHosts
Host
HostbasedAuthentication
HostKeyAlgorithms
HostKeyAlias
HostName
IdentityFile
IdentitiesOnly
IPQoS
KbdInteractiveAuthentication
KbdInteractiveDevices
KexAlgorithms
LogLevel
MACs
NoHostAuthenticationForLocalhost
NumberOfPasswordPrompts
PasswordAuthentication
PKCS11Provider
Port
PreferredAuthentications
Protocol
ProxyCommand
PubkeyAuthentication
RekeyLimit
RhostsRSAAuthentication
RSAAuthentication
SendEnv
ServerAliveInterval
ServerAliveCountMax
StrictHostKeyChecking
TCPKeepAlive
UsePrivilegedPort
User
UserKnownHostsFile
VerifyHostKeyDNS
-P port
-q quiet mode: disables progress meter as well as warning and diagnostic messages from ssh
-aattempt to continue interrupted transfers rather than overwriting existing partial or complete copies of files. If the partial contents differ from those being transferred, then the resultant file is likely to be corrupt!
-R num_requests Number of outstanding at any one time. default 64
-S program to use for the encrypted connection.
-s subsystem |
   sftp_server
SSH2 subsystem or the path for an sftp server on the remote host for using over protocol version 1, or when the remote sshd(8) does not have an sftp subsystem configured.
-1|-2 protocol version
-4|-6 Forces IPv4|IPV6 addresses only.
-B buffer_size when transferring files. Default : 32768 bytes.
-D ftp_srvr_path Connect directly to a local sftp server (rather than via ssh(1)). for debugging server.
-v Raise logging level, also passed to ssh.
Note that after debug1: Exit status 0 enter a to continue

INTERACTIVE COMMANDS

Commands are case insensitive.
Pathnames that contain spaces must be enclosed in quotes.
Any special characters contained within pathnames that are recognized by glob must be escaped with backslashes (\)
cd path Change remote directory
chgrp GID path Change group of file path to GID. path may contain glob(3) characters and may match multiple files.
grp must be a numeric GID.
chmod mode path Change mode (permissions) of file path to mode. path may contain glob(3) characters
chown own path Change owner of file path to own. path may contain glob(3) characters …
own must be a numeric UID.
progress Toggle display of progress meter.
ls [-1alhfnrSt] [path] remote directory listing of either path or the current directory if path is not specified.
path may contain glob(3) characters and may match multiple files.
-1 one column
-a all files are listed including those beginning with a dot ('.').
-l long format Display additional details including permissions and ownership information.
-h human format size, With a long format option, unit suffixes: Byte, Kilobyte, Megabyte, Gigabyte … in order to reduce the number of digits to four or fewer using powers of 2 for sizes (K=1024, M=1048576, etc.).
-n numerical user and group IDs
-f Do not sort the listing. The default sort order is lexicographical.
-r reverse the sort
-S size of file is sort key
-t time of last modification is sort key
get [-Ppr] remote-path [local-path] Retrieve the remote-path and store it locally . If local-path is not specified, it is given the same name it has on the remote machine. remote-path may contain glob characters and may match multiple files. If it does and local-path is specified, then local-path must specify a directory.

Must specify -P or -p to copy full file permissions and times .
With -r directories will be copied recursively. does not follow symbolic links

put [-Ppr] local-path [remote-path] Upload local-path and store it on the remote machine.
If remote path name is not specified, it is given the same name it has on the local machine.
local-path may contain glob(3) characters and may match multiple files. If it does and remote-path is specified, then remote-path must specify a directory.

If either the -P or -p flag is specified, then full file permissions and access times are copied too.

If the -r flag is specified then directories will be copied recursively. Note that sftp does not follow symbolic links when performing recursive transfers.

pwd Display remote working directory.
mkdir path Create remote directory specified by path.
lcd path Change local directory to path.
lmkdir path local mkdir
ln [-s] oldpath newpath link from oldpath to newpath.
With -s link is a symbolic , otherwise it is a hard link.
lls [options [path]] local ls. ls options may contain any flags supported by the local system's ls command.
path may contain glob(3) characters and may match multiple files.
df [-h] [path] Display usage information for the filesystem holding the current directory (or path if specified).
-h the capacity information will be displayed using "human-readable" suffixes.
lumask umask Set local umask to umask.
lpwd Display local working directory.
rename oldpath newpath Rename remote file from oldpath to newpath.
rm path Delete remote file specified by path.
rmdir path Remove remote directory specified by path.
symlink oldpath newpath Create a symbolic link from oldpath to newpath.
!command Execute command in local shell.
! Escape to local shell.
version
quit|bye|exit
?|help help.
/home/dman > sftp myuname@xxx.com
The authenticity of host 'xxx.com (179.197.999.93)' can't be established.
RSA key fingerprint is 3a:c4:63:5a:0b:51:4b:98:2f:e1:8a:79:e4:7a:99:d7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'xxx.com,179.197.999.93' (RSA) to the list of known hosts.
realger1@real-world-systems.com's password: 
Received message too long 1226858861
This is caused by miscellaneous output from the various login scrpts, profile,.profile,.bachrc, …
Use bc to convert integer code to hex (obase=16; 1226858861
4920616D ), then look up the ASCII characters
('I am' as in 'I am .profile , v1.26 called from …')
To see what the text is use /usr/bin/ssh dapie /bin/true > out.dat

sftp is included with the raspberryPi system

Omissions from most ftp programs

There does not seem to be any support for a .netrc file to provide user/password. Use ssh Host-based or Public key authentication.

SEE ALSO

ftp(1), ls(1), scp(1), ssh, ssh-add(1), ssh-keygen, glob(3), ssh_config(5), sftp-server(8), sshd(8)

ssh_config.html, Eample:ssh_config