What is? SFTP ?
In understanding SFTP Before that, let's look at what it is. FTP . FTP( File Transfer Protocol )File Transfer Protocol It is a method commonly used to transfer files between two terminal systems.
SFTP SSH File Transfer Protocol (SSH File Transfer Protocol), or Secure File Transfer Protocol. SFTP is a separate SSH package that works in a similar way through secure connections. Its advantage is that it can transfer files using secure connections and traverse file systems on local and remote systems.
In most cases, SFTP is preferred over FTP because of its basic security features and the ability to utilize SSH connections. FTP is an insecure protocol that should only be used in specific situations or in networks you trust.
Although SFTP integrates many graphical tools, this usage guide demonstrates how to use the interactive command line interface to use it. Here is the guide to use.
How to use SFTP connection
By default, SFTP uses SSH protocol to authenticate and establish secure connections. For this reason, the same validation method that exists in SSH is available.
Despite the convenience of using and setting passwords by default, we strongly recommend that you build an SSH key and pass your public key to all the systems you need to access. In the long run, it will be safer and save you time.
If you haven't set the SSH key yet, Click Here View the Setting SSH Key Guide (later) LinuxStory Consider whether to translate) to set up your SSH key to access your server.
If you can use SSH to connect to your host, then you have completed all the necessary requirements to use SFTP to manage your files. Use the following command to test SSH access:
ssh username@remote_hostname_or_IP
If the previous command succeeds, enter this command and exit:
exit
Create an SSH connection to open an SFTP session. This process can use the following commands:
sftp username@remote_hostname_or_IP
In this way, you can connect to the remote system and your prompt will become SFTP prompt.
View Help Documents on the SFTP Command Line
The old rule is to first understand the most useful command, help, which will give you an overview of SFTP's help. You can enter either of the following two to turn on help:
help
?
After that, a list of commands that can be used is displayed as follows:
<div class="crayon-main" style="position: relative; z-index: 1; overflow: hidden;">
<table class="crayon-table" style=""><tbody><tr class="crayon-row"><td class="crayon-nums " data-settings="show">
<div class="crayon-nums-content" style="font-size: 12px !important; line-height: 15px !important;"><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-1">1</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-2">2</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-3">3</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-4">4</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-5">5</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-6">6</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-7">7</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-8">8</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-9">9</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-10">10</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-11">11</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-12">12</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-13">13</div></div>
</td>
<td class="crayon-code"><div class="crayon-pre" style="font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;"><div class="crayon-line" id="crayon-5b3ff00436f84249546476-1"><span class="crayon-e">Available </span><span class="crayon-v">commands</span><span class="crayon-o">:</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-2"><span class="crayon-e">bye </span><span class="crayon-e">Quit </span><span class="crayon-e">sftp</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-3"><span class="crayon-e">cd </span><span class="crayon-e">path </span><span class="crayon-e">Change </span><span class="crayon-e">remote </span><span class="crayon-e">directory </span><span class="crayon-st">to</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-4"><span class="crayon-e">chgrp </span><span class="crayon-e">grp </span><span class="crayon-e">path </span><span class="crayon-e">Change </span><span class="crayon-e">group </span><span class="crayon-e">of </span><span class="crayon-i">file</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span><span class="crayon-h"> </span><span class="crayon-st">to</span><span class="crayon-h"> </span><span class="crayon-s">'grp'</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-5"><span class="crayon-e">chmod </span><span class="crayon-e">mode </span><span class="crayon-e">path </span><span class="crayon-e">Change </span><span class="crayon-e">permissions </span><span class="crayon-e">of </span><span class="crayon-i">file</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span><span class="crayon-h"> </span><span class="crayon-st">to</span><span class="crayon-h"> </span><span class="crayon-s">'mode'</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-6"><span class="crayon-e">chown </span><span class="crayon-e">own </span><span class="crayon-e">path </span><span class="crayon-e">Change </span><span class="crayon-e">owner </span><span class="crayon-e">of </span><span class="crayon-i">file</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span><span class="crayon-h"> </span><span class="crayon-st">to</span><span class="crayon-h"> </span><span class="crayon-s">'own'</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-7"><span class="crayon-i"><span class="wp_keywordlink_affiliate"><a href="https://linuxstory.org/tag/df/" title="View all posts in df" target="_blank">df</a></span></span><span class="crayon-h"> </span><span class="crayon-sy">[</span><span class="crayon-o">-</span><span class="crayon-v">hi</span><span class="crayon-sy">]</span><span class="crayon-h"> </span><span class="crayon-sy">[</span><span class="crayon-v">path</span><span class="crayon-sy">]</span><span class="crayon-h"> </span><span class="crayon-e">Display </span><span class="crayon-e">statistics </span><span class="crayon-st">for</span><span class="crayon-h"> </span><span class="crayon-e">current </span><span class="crayon-e">directory </span><span class="crayon-st">or</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-8"><span class="crayon-h"> </span><span class="crayon-e">filesystem </span><span class="crayon-i">containing</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-9"><span class="crayon-e">exit </span><span class="crayon-e">Quit </span><span class="crayon-e">sftp</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-10"><span class="crayon-i">get</span><span class="crayon-h"> </span><span class="crayon-sy">[</span><span class="crayon-o">-</span><span class="crayon-v">Ppr</span><span class="crayon-sy">]</span><span class="crayon-h"> </span><span class="crayon-i">remote</span><span class="crayon-h"> </span><span class="crayon-sy">[</span><span class="crayon-v">local</span><span class="crayon-sy">]</span><span class="crayon-h"> </span><span class="crayon-e">Download </span><span class="crayon-e">file</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-11"><span class="crayon-e">help </span><span class="crayon-e">Display </span><span class="crayon-r">this</span><span class="crayon-h"> </span><span class="crayon-e">help </span><span class="crayon-e">text</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-12"><span class="crayon-e">lcd </span><span class="crayon-e">path </span><span class="crayon-e">Change </span><span class="crayon-e">local </span><span class="crayon-e">directory </span><span class="crayon-st">to</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-13"><span class="crayon-sy">.</span><span class="crayon-h"> </span><span class="crayon-sy">.</span><span class="crayon-h"> </span><span class="crayon-sy">.</span></div></div></td>
</tr></tbody></table></div>
</div>
Next, we will discuss some of the above commands.
SFTP Shell basic operation
We can use most of them similar to native machines. Shell The command to browse the entire directory structure.
First, we need to determine the current working directory, how to determine it? Similar to most Shell sessions, you can enter the following commands to get the current directory information:
pwd
Remote working directory:/home/demouser
Another familiar command, ls, looks at the contents of the current directory
ls
Summary.txt info.txt temp.txt testDirectory
It is noteworthy that SFTP's command line is not as functional as Bash's general Shell, but selectively implements some important parameters:
ls -la
drwxr-xr-x 5 demouser demouser 4096 Aug 13 15:11 . drwxr-xr-x 3 root root 4096 Aug 13 15:02 .. -rw——- 1 demouser demouser 5 Aug 13 15:04 .bash_history -rw-r–r– 1 demouser demouser 220 Aug 13 15:02 .bash_logout -rw-r–r– 1 demouser demouser 3486 Aug 13 15:02 .bashrc drwx—— 2 demouser demouser 4096 Aug 13 15:04 .cache -rw-r–r– 1 demouser demouser 675 Aug 13 15:02 .profile …
Use the following command to switch to another directory:
cd testDirectory
Now we can traverse the remote file system! But what if we need to access the local file system? We only need to add a prefix "l" (L's lowercase) to these commands to realize the operation on the local host.
So far, all the commands we've talked about have local versions, so we can print out the working directory of the local host in this way:
lpwd
Local working directory:/Users/demouser
Similarly, we can list the contents of the current working directory on this machine:
lls
|
1
2
|
Desktop local.txt test.html
Documents analysis.rtf zebra.html
|
Obviously, we can also easily switch the current working directories of local and remote hosts in a Shell at will:
lcd Desktop
Transfer files using SFTP
Just accessing the content between two file systems and not transferring files between local and remote file systems is like cooking chicken with a big cattle.
Download remote files to local host
If we want to download files from remote hosts, follow me.
get remote_file_name
|
1
2
|
Fetching /home/demouser/remoteFile to remote_file_name
/home/demouser/remote_file_name 100% 37KB 36.8KB/s 00:01
|
As you can see, by default, the "get" command downloads files from remote hosts to local hosts and guarantees that the file name remains unchanged.
Want to change your name? No problem! Just specify a different file name to copy the remote file:
get remote_file_name local_file_name
At this point, I have to tell you that the "get" command has some optional parameters. For example, we can open the recursive option to recursively copy the contents of a folder:
get -r some_directory_name
We can also open the "-P" or "-p" parameter to tell SFTP to keep file access bit settings and access time:
get -Pr some_directory_name
Upload local files to remote hosts
Files can be easily uploaded to remote hosts using the well-known "put" command:
put local_file_name
|
1
2
|
Uploading localFile to /home/demouser/local_file_name
local_file_name 100% 7607 7.4KB/s 00:00
|
” put "has parameters similar to get". In this way, you can upload the entire folder:
put -r local_directory_name
Be careful
Currently released Ubuntu The OpenSSH version running on the system (at least 14.04-15.10) has a BUG, and the execution of the above command will cause an error. When using OpenSSH with BUG, when executing the above command to transfer files to the server, an error is reported: Couldn't canonicalise: No such file or directory
To solve this problem, you can enter mkdir local_directory_name to create a new target directory on the remote system. After that, the execution of the above command should be correct.
A well-known and useful tool is used when we download and upload files.——“ df ” Commands work in the same way as other command lines. Through it, you can check whether there is enough space to complete the file you want to transfer:
df -h
|
1
2
|
Size Used Avail (root) %Capacity
19.9GB 1016MB 17.9GB 18.9GB 4%
|
Please note that! This command has no corresponding ldf, but we can use the command "!" to achieve the same purpose. (Speaking of this, think of it.) LinuxStory There is an article Ten Magic Usages of Linux Command Line It's very good. Recommend it to a little friend who hasn't seen it. Click Here Get.
This "!" (half-corner exclamation mark) command takes us back to the local Shell, where we can run all the commands available in our local system. Check our hard disk usage by typing the following commands:
!
df -h
|
1
2
3
4
5
|
Filesystem Size Used Avail Capacity Mounted on
/dev/disk0s2 595Gi 52Gi 544Gi 9% /
devfs 181Ki 181Ki 0Bi 100% /dev
map -hosts 0Bi 0Bi 0Bi 100% /net
map auto_home 0Bi 0Bi 0Bi 100% /home
|
Like this, any other local command will be as effective as you expect. Return to the SFTP session, enter:
exit
Now you should be able to see the SFTP prompt coming back.
In fact, you can execute local host commands without exiting SFTP Shell. If you executed shell commands in VIM, I think you should understand what it means.
Simple file manipulation using SFTP
SFTP allows you to perform basic file maintenance types, which are useful when you have a file system.
For example, you can use the following command to change the file owner on a remote system:
chown userID file
Note that, unlike the system "chmod" command, this SFTP command does not accept a user name, but replaces it with the user's UID. Unfortunately, there is no easy way to get the corresponding UID through the SFTP interface.
This knotty problem can be solved with this command:
|
1
2
|
get /etc/passwd
!less passwd
|
|
1
2
3
4
5
6
7
8
|
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
. . .
|
Note that it is "!" instead of "l", which is different from the previous "l" prefix. With it, we can execute local Shell instructions in the same way as in VIM. Previously, it has been used on the local "df" command.
The UID appears in the third column of the file, defined by a colon.
Similarly, we can change the file group:
chgrp groupID file
Again, it's not that easy to get a GID for a remote system. We can solve it in the same way:
|
1
2
|
get /etc/group
!less group
|
|
1
2
3
4
5
6
7
8
9
|
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
. . .
|
Obviously, we can see that the third column corresponds to the GID of the first user group. That's what we're looking for!
Fortunately, this "chmod" command can execute such instructions on a remote file system:
chmod 777 publicFile
|
1 |
Changing mode on /home/demouser/publicFile
|
Although there are no ready-made commands to manipulate local file permissions, you can set local umask. In this way, any file copied to the local system has corresponding permissions.
Use the "lumask" command to do this:
lumask 022
Local umask: 022
Now all regular file downloads (as long as the "-p" parameter is not opened) have 644 permissions.
SFTP allows you to create new directories on local and remote file systems using the "lmkdir" and "mkdir" commands, which are absolutely useful!
The rest of the file commands are for remote file systems only:
|
1
2
3
|
ln
rm
rmdir
|
These commands replicate the basic features of the shell version. If you need to perform these operations on the local file system, remember that you can enter this command to switch to Shell:
!
Or execute this command with a "!" prefix on the local system, like this:
!chmod 644 somefile
When you have completed the SFTP session, use "exit" or "bye" to close the connection:
bye
summary
Although SFTP is a very simple tool, it is very convenient to use it to manage servers and transfer files between clients and servers.
If you are used to FTP or SCP To achieve your transmission, you can try SFTP, which combines the strengths of both. Although it's not always what you want, it's a flexible tool that deserves to be added to your skill pool!
By Justin Ellingwood
Links to the original text: https://www.digitalocean.com/community/tutorials/how-to-use-sftp-to-securely-transfer-files-with-a-remote-server
Translation Links: http://www.linuxstory.org/how-to-use-sftp-to-securely-transfer-files-with-a-remote-server/