SFTP Introduction Guide

Posted by Sprout on Wed, 15 May 2019 07:44:19 +0200

By Hua Hua - December, 5th 2015

What is? SFTP

In understanding SFTP Before that, let's look at what it is. FTP . FTP( File Transfer Protocol )File Transfer Protocol It is a method commonly used to transfer files between two terminal systems.

SFTP SSH File Transfer Protocol (SSH File Transfer Protocol), or Secure File Transfer Protocol. SFTP is a separate SSH package that works in a similar way through secure connections. Its advantage is that it can transfer files using secure connections and traverse file systems on local and remote systems.

In most cases, SFTP is preferred over FTP because of its basic security features and the ability to utilize SSH connections. FTP is an insecure protocol that should only be used in specific situations or in networks you trust.

Although SFTP integrates many graphical tools, this usage guide demonstrates how to use the interactive command line interface to use it. Here is the guide to use.



How to use SFTP connection

By default, SFTP uses SSH protocol to authenticate and establish secure connections. For this reason, the same validation method that exists in SSH is available.

Despite the convenience of using and setting passwords by default, we strongly recommend that you build an SSH key and pass your public key to all the systems you need to access. In the long run, it will be safer and save you time.

If you haven't set the SSH key yet, Click Here View the Setting SSH Key Guide (later) LinuxStory Consider whether to translate) to set up your SSH key to access your server.

If you can use SSH to connect to your host, then you have completed all the necessary requirements to use SFTP to manage your files. Use the following command to test SSH access:

ssh username@remote_hostname_or_IP

If the previous command succeeds, enter this command and exit:


Create an SSH connection to open an SFTP session. This process can use the following commands:

sftp username@remote_hostname_or_IP

In this way, you can connect to the remote system and your prompt will become SFTP prompt.

View Help Documents on the SFTP Command Line

The old rule is to first understand the most useful command, help, which will give you an overview of SFTP's help. You can enter either of the following two to turn on help:



After that, a list of commands that can be used is displayed as follows:

Available commands: bye Quit sftp cd path Change remote directory to 'path' chgrp grp path Change group of file 'path' to 'grp' chmod mode path Change permissions of file 'path' to 'mode' chown own path Change owner of file 'path' to 'own' <span class='wp_keywordlink_affiliate'><a href="https://linuxstory.org/tag/df/" title="View all posts in df" target="_blank">df</a></span> [-hi] [path] Display statistics for current directory or filesystem containing 'path' exit Quit sftp get [-Ppr] remote [local] Download file help Display this help text lcd path Change local directory to 'path' …
        <div class="crayon-main" style="position: relative; z-index: 1; overflow: hidden;">
            <table class="crayon-table" style=""><tbody><tr class="crayon-row"><td class="crayon-nums " data-settings="show">
                <div class="crayon-nums-content" style="font-size: 12px !important; line-height: 15px !important;"><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-1">1</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-2">2</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-3">3</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-4">4</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-5">5</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-6">6</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-7">7</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-8">8</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-9">9</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-10">10</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-11">11</div><div class="crayon-num crayon-striped-num" data-line="crayon-5b3ff00436f84249546476-12">12</div><div class="crayon-num" data-line="crayon-5b3ff00436f84249546476-13">13</div></div>
                    <td class="crayon-code"><div class="crayon-pre" style="font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;"><div class="crayon-line" id="crayon-5b3ff00436f84249546476-1"><span class="crayon-e">Available </span><span class="crayon-v">commands</span><span class="crayon-o">:</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-2"><span class="crayon-e">bye&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="crayon-e">Quit </span><span class="crayon-e">sftp</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-3"><span class="crayon-e">cd </span><span class="crayon-e">path&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="crayon-e">Change </span><span class="crayon-e">remote </span><span class="crayon-e">directory </span><span class="crayon-st">to</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-4"><span class="crayon-e">chgrp </span><span class="crayon-e">grp </span><span class="crayon-e">path&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span class="crayon-e">Change </span><span class="crayon-e">group </span><span class="crayon-e">of </span><span class="crayon-i">file</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span><span class="crayon-h"> </span><span class="crayon-st">to</span><span class="crayon-h"> </span><span class="crayon-s">'grp'</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-5"><span class="crayon-e">chmod </span><span class="crayon-e">mode </span><span class="crayon-e">path&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="crayon-e">Change </span><span class="crayon-e">permissions </span><span class="crayon-e">of </span><span class="crayon-i">file</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span><span class="crayon-h"> </span><span class="crayon-st">to</span><span class="crayon-h"> </span><span class="crayon-s">'mode'</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-6"><span class="crayon-e">chown </span><span class="crayon-e">own </span><span class="crayon-e">path&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span class="crayon-e">Change </span><span class="crayon-e">owner </span><span class="crayon-e">of </span><span class="crayon-i">file</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span><span class="crayon-h"> </span><span class="crayon-st">to</span><span class="crayon-h"> </span><span class="crayon-s">'own'</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-7"><span class="crayon-i"><span class="wp_keywordlink_affiliate"><a href="https://linuxstory.org/tag/df/" title="View all posts in df" target="_blank">df</a></span></span><span class="crayon-h"> </span><span class="crayon-sy">[</span><span class="crayon-o">-</span><span class="crayon-v">hi</span><span class="crayon-sy">]</span><span class="crayon-h"> </span><span class="crayon-sy">[</span><span class="crayon-v">path</span><span class="crayon-sy">]</span><span class="crayon-h">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="crayon-e">Display </span><span class="crayon-e">statistics </span><span class="crayon-st">for</span><span class="crayon-h"> </span><span class="crayon-e">current </span><span class="crayon-e">directory </span><span class="crayon-st">or</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-8"><span class="crayon-h">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span class="crayon-e">filesystem </span><span class="crayon-i">containing</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-9"><span class="crayon-e">exit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span class="crayon-e">Quit </span><span class="crayon-e">sftp</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-10"><span class="crayon-i">get</span><span class="crayon-h"> </span><span class="crayon-sy">[</span><span class="crayon-o">-</span><span class="crayon-v">Ppr</span><span class="crayon-sy">]</span><span class="crayon-h"> </span><span class="crayon-i">remote</span><span class="crayon-h"> </span><span class="crayon-sy">[</span><span class="crayon-v">local</span><span class="crayon-sy">]</span><span class="crayon-h">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="crayon-e">Download </span><span class="crayon-e">file</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-11"><span class="crayon-e">help&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span class="crayon-e">Display </span><span class="crayon-r">this</span><span class="crayon-h"> </span><span class="crayon-e">help </span><span class="crayon-e">text</span></div><div class="crayon-line crayon-striped-line" id="crayon-5b3ff00436f84249546476-12"><span class="crayon-e">lcd </span><span class="crayon-e">path&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span><span class="crayon-e">Change </span><span class="crayon-e">local </span><span class="crayon-e">directory </span><span class="crayon-st">to</span><span class="crayon-h"> </span><span class="crayon-s">'path'</span></div><div class="crayon-line" id="crayon-5b3ff00436f84249546476-13"><span class="crayon-sy">.</span><span class="crayon-h"> </span><span class="crayon-sy">.</span><span class="crayon-h"> </span><span class="crayon-sy">.</span></div></div></td>

Next, we will discuss some of the above commands.

SFTP Shell basic operation

We can use most of them similar to native machines. Shell The command to browse the entire directory structure.

First, we need to determine the current working directory, how to determine it? Similar to most Shell sessions, you can enter the following commands to get the current directory information:

Remote working directory:/home/demouser

Another familiar command, ls, looks at the contents of the current directory


Summary.txt    info.txt    temp.txt    testDirectory

It is noteworthy that SFTP's command line is not as functional as Bash's general Shell, but selectively implements some important parameters:

ls -la


Use the following command to switch to another directory:

cd testDirectory

Now we can traverse the remote file system! But what if we need to access the local file system? We only need to add a prefix "l" (L's lowercase) to these commands to realize the operation on the local host.

So far, all the commands we've talked about have local versions, so we can print out the working directory of the local host in this way:


Local working directory:/Users/demouser

Similarly, we can list the contents of the current working directory on this machine:


Desktop local.txt test.html Documents analysis.rtf zebra.html
Desktop            local.txt        test.html
Documents        analysis.rtf        zebra.html

Obviously, we can also easily switch the current working directories of local and remote hosts in a Shell at will:

lcd Desktop

Transfer files using SFTP

Just accessing the content between two file systems and not transferring files between local and remote file systems is like cooking chicken with a big cattle.

Download remote files to local host

If we want to download files from remote hosts, follow me.

get remote_file_name

Fetching /home/demouser/remoteFile to remote_file_name /home/demouser/remote_file_name 100% 37KB 36.8KB/s 00:01
Fetching /home/demouser/remoteFile to remote_file_name
/home/demouser/remote_file_name                      100%   37KB  36.8KB/s   00:01

As you can see, by default, the "get" command downloads files from remote hosts to local hosts and guarantees that the file name remains unchanged.

Want to change your name? No problem! Just specify a different file name to copy the remote file:

get remote_file_name local_file_name

At this point, I have to tell you that the "get" command has some optional parameters. For example, we can open the recursive option to recursively copy the contents of a folder:

get -r some_directory_name

We can also open the "-P" or "-p" parameter to tell SFTP to keep file access bit settings and access time:

get -Pr some_directory_name

Upload local files to remote hosts

Files can be easily uploaded to remote hosts using the well-known "put" command:

put local_file_name

Uploading localFile to /home/demouser/local_file_name local_file_name 100% 7607 7.4KB/s 00:00
Uploading localFile to /home/demouser/local_file_name
local_file_name                                     100% 7607     7.4KB/s   00:00

” put "has parameters similar to get". In this way, you can upload the entire folder:

put -r local_directory_name

Be careful

Currently released Ubuntu The OpenSSH version running on the system (at least 14.04-15.10) has a BUG, and the execution of the above command will cause an error. When using OpenSSH with BUG, when executing the above command to transfer files to the server, an error is reported: Couldn't canonicalise: No such file or directory

To solve this problem, you can enter mkdir local_directory_name to create a new target directory on the remote system. After that, the execution of the above command should be correct.

A well-known and useful tool is used when we download and upload files.——“ df ” Commands work in the same way as other command lines. Through it, you can check whether there is enough space to complete the file you want to transfer:

df -h

Size Used Avail (root) %Capacity 19.9GB 1016MB 17.9GB 18.9GB 4%
Size     Used    Avail   (root)    %Capacity
19.9GB   1016MB   17.9GB   18.9GB           4%

Please note that! This command has no corresponding ldf, but we can use the command "!" to achieve the same purpose. (Speaking of this, think of it.) LinuxStory There is an article Ten Magic Usages of Linux Command Line It's very good. Recommend it to a little friend who hasn't seen it. Click Here Get.

This "!" (half-corner exclamation mark) command takes us back to the local Shell, where we can run all the commands available in our local system. Check our hard disk usage by typing the following commands:

df -h

Filesystem Size Used Avail Capacity Mounted on /dev/disk0s2 595Gi 52Gi 544Gi 9% / devfs 181Ki 181Ki 0Bi 100% /dev map -hosts 0Bi 0Bi 0Bi 100% /net map auto_home 0Bi 0Bi 0Bi 100% /home
Filesystem      Size   Used  Avail Capacity  Mounted on
/dev/disk0s2   595Gi   52Gi  544Gi     9%    /
devfs          181Ki  181Ki    0Bi   100%    /dev
map -hosts       0Bi    0Bi    0Bi   100%    /net
map auto_home    0Bi    0Bi    0Bi   100%    /home

Like this, any other local command will be as effective as you expect. Return to the SFTP session, enter:


Now you should be able to see the SFTP prompt coming back.

In fact, you can execute local host commands without exiting SFTP Shell. If you executed shell commands in VIM, I think you should understand what it means.

Simple file manipulation using SFTP

SFTP allows you to perform basic file maintenance types, which are useful when you have a file system.

For example, you can use the following command to change the file owner on a remote system:

chown userID file

Note that, unlike the system "chmod" command, this SFTP command does not accept a user name, but replaces it with the user's UID. Unfortunately, there is no easy way to get the corresponding UID through the SFTP interface.

This knotty problem can be solved with this command:

get /etc/passwd !less passwd
get /etc/passwd
!less passwd

root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh …
. . .

Note that it is "!" instead of "l", which is different from the previous "l" prefix. With it, we can execute local Shell instructions in the same way as in VIM. Previously, it has been used on the local "df" command.

The UID appears in the third column of the file, defined by a colon.

Similarly, we can change the file group:

chgrp groupID file

Again, it's not that easy to get a GID for a remote system. We can solve it in the same way:

get /etc/group !less group
get /etc/group
!less group

root:x:0: daemon:x:1: bin:x:2: sys:x:3: adm:x:4: tty:x:5: disk:x:6: lp:x:7: …
. . .

Obviously, we can see that the third column corresponds to the GID of the first user group. That's what we're looking for!
Fortunately, this "chmod" command can execute such instructions on a remote file system:
chmod 777 publicFile

Changing mode on /home/demouser/publicFile
Changing mode on /home/demouser/publicFile

Although there are no ready-made commands to manipulate local file permissions, you can set local umask. In this way, any file copied to the local system has corresponding permissions.

Use the "lumask" command to do this:
lumask 022
Local umask: 022

Now all regular file downloads (as long as the "-p" parameter is not opened) have 644 permissions.

SFTP allows you to create new directories on local and remote file systems using the "lmkdir" and "mkdir" commands, which are absolutely useful!

The rest of the file commands are for remote file systems only:

ln rm rmdir

These commands replicate the basic features of the shell version. If you need to perform these operations on the local file system, remember that you can enter this command to switch to Shell:
Or execute this command with a "!" prefix on the local system, like this:

!chmod 644 somefile

When you have completed the SFTP session, use "exit" or "bye" to close the connection:


Although SFTP is a very simple tool, it is very convenient to use it to manage servers and transfer files between clients and servers.

If you are used to FTP or SCP To achieve your transmission, you can try SFTP, which combines the strengths of both. Although it's not always what you want, it's a flexible tool that deserves to be added to your skill pool!

By Justin Ellingwood

Links to the original text: https://www.digitalocean.com/community/tutorials/how-to-use-sftp-to-securely-transfer-files-with-a-remote-server

Translation Links: http://www.linuxstory.org/how-to-use-sftp-to-securely-transfer-files-with-a-remote-server/

Topics: sftp ssh shell ftp