sftp
secure file transfer program
sftp [‑1246Cpqrv] [‑B buffer_size] [‑b batchfile] [‑c cipher] [‑D sftp_server_path] [‑F ssh_config]
[‑i identity_file]
[‑l limit] [‑o ssh_option] [‑P port] [‑R num_requests] [‑S program] [‑s subsystem|sftp_server] host
| |
Performs all operations over an encrypted ssh(1) transport, uses features of ssh, such as public key authentication and compression.
sftp [user@]host[:file …]
: retrieves files
sftp [user]host[:dir[/]]
start in a remote directory.
sftp -b batchfile [user@]host
: automated session.
To supress the interactive entering of a password, configure non-interactive authentication ( -F configfile
)
IPv6 addresses must be enclosed in square brackets .
-p preserve times and modes from the original files transferred. Default not preserved!
| -b file
batch read commands from file , - specifies standard input.
Aborts on failure of: get, put, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown,
chgrp, lpwd, df, symlink, and lmkdir .
Termination on error can be suppressed by prefixing the command with - (Example: -rm /tmp/blah* ).
| -r recursively copy entire directories. Does not follow symbolic links
| -P port
| -q quiet disables progress meter, warning and diagnostic messages
| -aappend to files which were partially transfered.
| -v Increase verbosity of logging level, also passed to ssh.
After debug1: Exit status 0 enter a ␍ to continue
| -C compression
| -F ssh_config configuration
| -c cipher Selects the cipher to use for encrypting the data transfers.
| -i identity_file
from which the identity (private key) for public key authentication is read, passed to ssh(1).
| -l limit limits the bandwidth, Kbit/s.
| -o ssh_option
Pass options to ssh in the format used in ssh_config , for which
there is no sftp flag.
For example, to specify an alternate port use: sftp -oPort=24 . See ssh_config.
AddressFamily
BatchMode
BindAddress
ChallengeResponseAuthentication
CheckHostIP
Cipher
Ciphers
Compression
CompressionLevel
ConnectionAttempts
ConnectTimeout
ControlMaster
ControlPath
ControlPersist
GlobalKnownHostsFile
GSSAPIAuthentication
GSSAPIDelegateCredentials
HashKnownHosts
Host
HostbasedAuthentication
HostKeyAlgorithms
HostKeyAlias
HostName
IdentityFile
IdentitiesOnly
IPQoS
KbdInteractiveAuthentication
KbdInteractiveDevices
KexAlgorithms
LogLevel
MACs
NoHostAuthenticationForLocalhost
NumberOfPasswordPrompts
PasswordAuthentication
PKCS11Provider
Port
PreferredAuthentications
Protocol
ProxyCommand
PubkeyAuthentication
RekeyLimit
RhostsRSAAuthentication
RSAAuthentication
SendEnv
ServerAliveInterval
ServerAliveCountMax
StrictHostKeyChecking
TCPKeepAlive
UsePrivilegedPort
User
UserKnownHostsFile
VerifyHostKeyDNS
| | |
| -S program to use for the encrypted connection.
| -s subsystem | sftp_server
SSH2 subsystem or the path for an sftp server on the remote host for using over protocol version 1, or
when the remote sshd(8) does not have an sftp subsystem configured.
| -1|-2 protocol version
| -4|-6 Forces IPv4|IPV6 addresses only.
| -B buffer_size when transferring files. Default : 32768 bytes.
| -R num_requests | Number of outstanding requests. default 64
| -D ftp_srvr_path Connect directly to a local sftp server (rather than via ssh(1)). for debugging server.
| | | | | | | | | | | | | | | | | | | |
INTERACTIVE COMMANDS
Commands are case insensitive.
Pathnames that contain spaces must be enclosed in quotes.
Special characters in pathnames that are recognized by glob must be escaped with backslashes (\
)
ls [-1alhfnrSt] [path]
remote directory listing of either path or the current directory.
path may contain glob(3) characters and may match multiple files.
| cd path < b>Change remote directory
| chgrp GID path
Change group of path to GID . path may contain glob characters and may match multiple files.
grp numeric GID.
| chmod mode path
Change mode (permissions) of path path path may contain glob(3) characters
| chown own path
Change owner of path . path may contain glob(3) characters …
own must be a numeric UID.
| progress Toggle display of progress meter.
-1 one column
| -a all files are listed including those beginning with a dot ('.').
| -l long format Display additional details including permissions and ownership information.
| -h human format size, With a long format option, unit suffixes: Byte, Kilobyte, Megabyte, Gigabyte … in order to reduce the number of digits to four or fewer using powers of 2 for sizes (K=1024, M=1048576,
etc.).
| -n numerical user and group IDs
|
-f Do not sort the listing. The default sort order is lexicographical.
| -r reverse the sort
| -S size of file is sort key
| -t time of last modification is sort key
| | | | | | | | | |
| get [-Ppr] remote-path [local-path]
Retrieve the remote-path and store it locally .
If local-path is not specified, it is given the same
name it has on the remote machine. remote-path may contain glob characters and may match multiple files.
If it does and local-path is specified, then local-path must specify a directory.
Must specify -P or -p to copy full file permissions and times .
With -r directories will be copied recursively. does not follow symbolic links
| put [-Ppr] local-path [remote-path]
Upload local-path and store it on the remote machine.
If remote path name is not specified, it is given the same name
it has on the local machine.
local-path may contain glob(3) characters and may match multiple files. If it does and
remote-path is specified, then remote-path must specify a directory.
If either the -P or -p flag is specified, then full file permissions and access times are copied too.
If the -r flag is specified then directories will be copied recursively. Note that sftp does not follow symbolic links
when performing recursive transfers.
| pwd Print working directory.
| mkdir path make directory
| ln [-s] oldpath newpath link from oldpath to newpath .
With -s link is a symbolic , otherwise it is a hard link.
| rename oldpath newpath Rename remote file from oldpath to newpath.
| df [-h] [path]
Display usage information for the filesystem holding the current directory (or path if specified).
-h the capacity information will be displayed using "human-readable" suffixes.
|
Local commands
| lpwd Print local working directory.
| lls [options [path]] local ls .
ls options may contain any flags supported by the local system's ls command.
path may contain glob(3) characters and may match multiple files.
| lcd path local Change directory
| lmkdir path local mkdir
lumask umask Set local umask
rm path remove file
| rmdir path Remove directory
| symlink oldpath newpath Create a symbolic link from oldpath to newpath.
!command Execute command/ in local shell.
! Escape to local shell.
version Must be connected AND loged in to display version of PROTOCOL! SFTP protocol version 3
| quit|bye|exit
| ?|help help.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Errors
Received message too long 1226858861 = 0x 4920616D ='I AM'
Received message too long 2054383648 = 0x 7A736820 ='zsh '
This is caused by miscellaneous output from the various login scripts,
profile, .profile, .bachrc
, …
Use
bc to convert integer code to hex :obase=16; 1226858861
␍
4920616D , then look up the ASCII characters
I a m
, as in 'I am .profile , v1.26 called from …')
To see what the text is use :
/usr/bin/ssh server /bin/true > out.dat
stat sourceName
No such file or directory
sftp
issues a
stat
on the source before it does a
put
so it blames
stat
.
sftp
is included with the raspberryPi system
Omissions from most ftp programs
There does not seem to be any support for a .netrc
file to provide user/password. Use ssh Host-based or Public key authentication.
See
ftp, ls, scp, ssh, ssh-add, ssh-keygen,
glob, ssh_config, sftp-server, sshd
ssh_config.html, Eample:ssh_config