Secure File Transfer Protocol was introduced in 1997 to extend and secure how users can manipulate files on remote servers. While developed separately, it has replaced FTP, the more traditional way of accessing and downloading files from remote servers.
While system admins and developers regularly use SFTP, power users should also understand how SFTP works and how to get and upload files to SFTP servers.
Table of content
The good thing is that if you know your way around a Linux shell, you are already on your way to using SFTP servers to upload and download files.
This short guide will introduce you to SFTP and how to use SFTP commands to manipulate files on remote and local servers.
A Short Introduction to SFTP
As mentioned, SFTP was introduced in 1997 to add secure file transfer capabilities to the SSH shell. That’s why SFTP can also stand for SSH File Transfer Protocol to indicate its connection with the SSH protocol. Because of this, SFTP often doesn’t require additional authentication.
SFTP is also OS-independent and works equally well on Windows, macOS, and Linux. Once connected to SFTP servers, users can carry out all essential file and directory-related actions, such as upload/download files and directories, change file and directory permissions, and delete files.
Like FTP, SFTP offers an interactive mode (where you enter multiple commands sequentially) and the support for single commands to carry out file-related actions on SFTP servers.
SFTP replaced the popular FTP because it doesn’t suffer from the vulnerabilities, especially the infamous FTP exploit where attackers used man-in-the-middle attack to divert the data stream and access the data, including the credentials.
Let’s discuss a few benefits SFTP servers offer users and businesses.
Benefits of SFTP Servers
SFTP and SFTP servers bring many benefits that facilitate all facets of business operations. Let’s see five of these benefits in detail to understand why SFTP and the servers that server SFTP processes are essential to any business.
Boosts Speed and Efficiency of Business Processes
SFTP servers solve two of the most annoying problems in file transfer – bulk file transfer and large file transfer.
You can easily set up an SFTP server to allow fast and problem-free transfer of huge files (in terabytes and above) to clients much quicker than other options, such as cloud-based file systems.
Similarly, you can facilitate users by allowing simultaneous file downloads. This is very useful in archiving huge websites where users need to download many files in one go.
If your users need to transfer huge or many files in one sitting, SFTP offers the best solution to the problem.
Reduces Risks During Data Exchanges/Downloads
While FTP could also deliver bulk transfer and large file transfer, SFTP solved the most significant issue affecting FTP – security. FTP transfers were always vulnerable to multiple attacks, allowing unauthorized users to eavesdrop on the file transfer.
SFTP resolves these security-related issues by introducing the following features and options:
- Encryption: SFTP offers an encrypted connection that secures all communication between the SFTP servers and clients. You can further harden this security by asking for server and client authentication.
- Optional Data Integrity Checks: You can include integrity checks that allow users to verify the source of the downloads and whether the files’ contents remained intact during the download.
Ensures Data Accessibility to All Users
SFTP can service end users and middle-layer apps alike. This makes SFTP a flexible component that you can modify to fit your business use cases. For instance, you can set up individual user-to-server or automated server-to-server to ensure smooth data access at all levels.
As a result, SFTP is an excellent option for enhancing collaboration between users and system components and improving the overall performance and speed of business operations.
Helps Achieve Compliance
Almost all user information protection regulations, such as GDPR, GLBA, HIPAA, and PCI-DSS, require provisions to offer secure downloads. Not following this requirement can result in compliance withdrawal and legal consequences.
SFTP ticks most of the boxes when it comes to complying with the requirements of these regulations, such as end-to-end encryption, detailed access, and download logs. You can satisfy most of the compliance requirements by setting up SFTP servers. For more complicated requirements, you can opt for a managed SFTP vendor that takes care of the operational aspects of the servers.
Automate Access To Paid Resources
SFTP servers are a perfect option for businesses that must set up paywalls to moderate access to their content. For instance, private SFTP servers can host videos, and course material only paid members can access. Similarly, you can place sensitive business documents on a secure SFTP server available only to specific managers.
SFTP servers provide secure, reliable, and efficient file transfer over SSH. They are an excellent choice for businesses that must transfer sensitive data quickly and securely.
IMPORTANT: Before we go into file manipulation on SFTP servers, it is essential to understand the dangers associated with downloading from free SFTP servers. Since the users have complete control over the process, they might unknowingly download malware that could damage their devices and compromise the entire network. We highly recommend downloading only from servers that you know to be safe.
Before working with SFTP servers and running SFTP commands, you need to be aware of the following prerequisites:
- The local system and remote server should have a shared SSH key pair.
- Access to a non-root account and command line.
Popular SFTP Commands and Options
Upon connecting to the SFTP server, you get access to the SFTP shell interface. Here you can use the following commands to manipulate files on the SFTP servers.
|help||Displays the help text|
|cd [path]||Changes the directory on the remote server to [path]|
|lcd [path]||Changes the directory on the local system to [path]|
|chgrp [group ID] [path]||Changes group ownership to [group ID] for the file or folder located at [path]|
|chown [user ID] [path]||Changes user ownership to [user ID] for the file or folder located at [path]|
|chmod [mode] [path]||Changes ownership to [mode] for the file or folder located at [path]|
|get [remote path] [local path]||Transfers a file or directory from [remote path] on the remote server to [local path] on the local system|
|lls [options] [path]||Displays the local system’s listing for the directory located at [path]. Uses the ls command options|
|ln [old path] [new path]||Creates a symlink from [old path] to [new path] on the remote server|
|ls [options] [path]||Displays the listing for the directory located at [path] on the remote server. Uses the ls command options|
|lmkdir [path]||Creates a directory at [path] on the local system|
|lpwd||Displays the current local directory|
|lumask [mask]||Sets local permissions mask to [mask]|
|mkdir [path]||Creates a directory at [path] on the remote server|
|put [local path] [remote path]||Transfers a file or directory from [local path] on the local system to [remote path] on the remote server|
|pwd||Displays the current remote directory|
|exit or quit||Exits the SFTP interface|
|rename [old path] [new path]||Renames a file on the remote server from [old path] to [new path]|
|rmdir [path]||Removes a directory located at [path] on the remote server|
|rm [path]||Removes a file located at [path] on the remote server|
|version||Displays the current version of SFTP|
|symlink [old path] [new path]||Creates a symlink from [old path] to [new path] on the remote server|
|![command]||Executes [command] in the local shell|
|?||Displays the help text|
|!||Temporarily move to the local shell|
Let’s see these and related commands in action.
Establish an SFTP Connection
Use the following command syntax to connect to a remote server via SFTP. You’ll see that this command is similar to the SSH command used to initiate a new session:
sftp> [username]@[remote hostname or IP address]
For example, to connect to a server with the username “root” at the IP address 220.127.116.11, use the following command:
$ sftp [email protected]
Upon successful connection, the shell transitions to the SFTP interface, denoted by the sftp> prompt that replaces the traditional $ prompt.
When establishing an SFTP connection with a remote system, you can modify its behavior by utilizing the following options with the sftp command:
|-4||Restricts the usage to IPv4 addresses only|
|-1||Uses version 1 of the SSH protocol for the connection|
|-6||Restricts the usage to IPv6 addresses only|
|-A||Allows the forwarding of SSH authentication agent to the remote server|
|-a||Attempts to continue interrupted file transfers|
|-B [buffer size]||Sets a custom buffer size (the default is 32,768 bytes)|
|-b [batch file]||Specifies a batch file to start the sftp command in batch mode|
|-C||Enables file compression|
|-c [cipher]||Selects a cipher to use for encrypting data during transfer|
|-D [SFTP server path]:||Connects to a local SFTP server without SSH|
|-F [SSH configuration file]||Specifies an SSH configuration file for the connection|
|-f||Flushes files to disk immediately after the transfer|
|-i [private key file]||Selects a file containing the private key for public key authentication|
|-J [destination]||Sets up TCP forwarding via the provided destination|
|-N||Disables the quiet mode|
|-o [SSH option]||Adds an SSH command option when connecting to SFTP|
|-P [port number]||Sets the port number for the SFTP connection|
|-p||Preserves file permissions and access times during transfer|
|-q||Enables the quiet mode|
|-R [number of requests]||Sets the number of allowed concurrent file transfer requests|
|-r||Transfers directories recursively|
|-S [client]||Specifies an SFTP client to use for the connection|
|-v||Keeps a verbose session log|
|-s [SSH subsystem path]||Selects an SSH2 subsystem or SFTP server path|
When you’re done, use the “exit” command to terminate the current connection:
This command will disconnect you from the remote server, returning you to the command prompt or the terminal on your local machine.
File Transfer Operations
You can use the “get” and “put” SFTP commands to move files to and from an SFTP server. The “get” command facilitates the transfer of files from a remote server to the local system, whereas the “put” command accomplishes the reverse process.
Here is the basic syntax for the “get” command:
get [path of file]
For instance, to transfer a file from the remote server to the local system’s Home directory, use the following “get” command.
sftp> get /var/www/prakashavhale.xyz/html/redswitchestest.php
To transfer a file from the local system to the remote server’s Home directory, you can use the “put” command.
Here’s an example illustrating its usage:
sftp> put puttest.php
To transfer the file to a specific directory, you must add the directory path at the end of the “get” or “put” command. The syntax looks like this:
sftp> get [path to file] [directory path]
sftp> put [path to file] [directory path]
To modify the filename on the local system, simply append the desired new filename at the end of the command.
sftp> get [file path] [new file name]
sftp> put [file path] [new file name]
Additional put and get Options
The “get” and “put” commands provide several options that you can use to customize the operation and output of these commands. Here’s a short list of these options, along with a brief explanation:
-a: Attempt to resume the file transfer if it was previously interrupted or partially completed.
-f: Forces the immediate flushing of the file to disk after the transfer.
-p: Preserves the file permissions and access times during the transfer.
-R: Recursively transfers an entire directory and its contents. When using this option, specify the directory path instead of a file path.
Changing File and Directory Permissions via SFTP
An essential use of SFTP is modifying file and directory permissions on the remote server.
Important: Before trying these commands, ensure you have the proper user privileges for modifying files.
Let’s start with changing the file ownership details.
To change file ownership for individual users, you can utilize the “chown” command in the following format:
sftp> chown [user ID] [file path]
Note that this command uses UIDs instead of usernames.
Similarly, you have the option to use the “chgrp” command for modifying the group ownership of a file:
sftp> chgrp [group ID] [file path]
SFTP provides the capability to configure a local umask, allowing you to modify the default permissions for all subsequent files transferred to the local system.
You can create a new local umask by using the “lumask” command:
sftp> lumask [permission mask]
Exploring and Handling Files and Directories with SFTP
SFTP offers several flexible options for managing files and directories on both the local system and remote server.
List Files on Local and Remote Server
Let’s start by listing the files and directories on the remote server with the “ls” command.
sftp> ls -l
Similarly, the “lls” command (short for local ls) provides a way to list files and directories on the local system:
sftp> lls -l
Change the Working Directory
If you wish to move out of the current working directory on the remote server or local system, you can use the “cd” command on the remote server and the “lcd” command on the local system:
sftp> cd [path to directory on the remote server]
sftp> lcd [path to directory on the local system]
Create a New Directory
You can create a directory on the remote server with the “mkdir” command:
sftp> mkdir [path to the new directory on the remote server]
For instance, use the following command to create a new directory on the remote server with the name Test_Directory, use the following command:
sftp> mkdir Test_Directory
Similarly, the “lmkdir” command enables you to create a directory on the local system:
sftp> lmkdir [path to the new directory on the local system]
To demonstrate the command usage, we’ll create a new local directory with the name Test_Directory:
sftp> lmkdir Test_Directory
Rename Files and Directories
The “rename” command allows you to modify the name of a file or directory on the remote server:
sftp> rename [old path] [new path]
For example, here’s how we could rename the directory redswitchestest.php to mytest.php:
sftp> rename redswitchestest.php mytest.php
Remove (Delete) Files and Directories
Use the “rm” command to remove a file from the remote server.
sftp> rm [path to file]
As you can see, you must provide the path to the file you need to delete.
For example, here’s the command to delete the mytest.php via the sftp command:
sftp> rm mytest.php
Similarly, the “rmdir” command removes a directory from the remote server. The syntax of the command is:
sftp> rmdir [path to directory]
For instance, here’s how we could remove the Test_Directory we created earlier:
sftp> rmdir Test_Directory
The “ln” and “symlink” commands create symbolic links to files or directories on the remote server. Here is the syntax of the commands:
sftp> ln [old path] [new path]
sftp> symlink [old path] [new path]
For instance, here’s how we can use the “ln” command to create a link to index.php named index_link using the ln command:
sftp> ln index.php index.link
Display Current Working Directories
To display the current working directory on the remote server, you can use the “pwd” command, which displays the directory path as the output:
On the other hand, to view the current working directory on the local system, you can use the “lpwd” command, which generates the local directory path:
ExExecuting Local Shell Commands with SFTP
SFTP offers the capability to run local shell commands by adding an exclamation mark (!) before the command. This allows users to execute commands not part of the standard SFTP shell on the local system.
For example, if the “tree” command is not supported in SFTP on Linux, you can utilize the local shell to run this command within the SFTP interface:
Exit the SFTP Shell
To exit from the SFTP shell, simply use the “exit” command.
Additional SFTP Commands
You can use either the “help” or the “?” commands to access details of the SFTP commands in the terminal. These commands provide a list of available commands within the SFTP shell.
You can utilize the version command to check out the current SFTP version. This command will display the relevant information regarding the SFTP protocol version.
We hope you now have a solid understanding of the benefits of SFTP servers and SFTP commands. Mastering the SFTP commands opens up a world of possibilities for efficiently managing and transferring files between local and remote systems.
Whether you need to manipulate file permissions, navigate directories, execute local shell commands, or access help documentation, SFTP provides a versatile and secure solution.
In our experience, SFTP works best with Linux projects hosted on bare-metal servers. RedSwitches offers reliable, dedicated hosting solutions for your projects. With our expertise in hosting solutions and commitment to delivering top-notch service, RedSwitches ensures a seamless SFTP experience tailored to your needs.
Get in touch with us today to learn more about how we can help you become the best at what you do.
Q. Can I execute local shell commands with SFTP?
Yes, you can execute local shell commands within the SFTP interface by prefixing the command with an exclamation mark (!). This runs these commands on the local terminal rather than the standard SFTP shell on your local system.
Q. How can I manage file permissions using SFTP?
To manage file permissions using SFTP, you can use commands such as chmod to change the permissions of files and directories on the remote server. This allows you to control who can read, write, and execute files on the server.
Q. Is it possible to transfer entire directories with SFTP?
Yes, you can transfer entire directories with SFTP. The put command can be used to upload directories from your local system to the remote server, while the get command can be used to download directories from the remote server to your local system.
Q. Are there any limitations to SFTP commands?
The availability of commands may vary depending on the SFTP server implementation. Some advanced commands or functionalities may not be supported by specific servers or restricted by server configurations because of security concerns.