Show Contents / Index / Search

sftp Command Line Utility

Syntax: sftp

[

options

]

[user@

]

host[#port]:source_file [user@]host[#port][:destination_file]

Note: You can reuse an existing SecureShell connection. However, to do so you must explicitly enable this on each command line, or set the SSHConnectionReUse environment variable to Yes. For details, see Connection Reuse in Secure Shell Sessions.

Command Line Options

-a

Transfer files in ASCII mode.

-b buffersize

Sets the maximum buffer size for one request. Valid values are 1024 - 32768.

-B batchfile

After a successful login, executes each command in the specified batch file and then terminates the connection. For example, the following command connects to myhost using myname and executes the commands in myfile. After all commands in the file are executed, the connection is terminated.

sftp -B c:\mypath\myfile myhost.com myname

The batch file can use any of the interactive commands documented below.

Note: Semicolons are not supported for comments in scripts supplied to the sftp command line using the -B option. Use the number sign (#) to mark comments in these batch files.

-c cipher

A comma-separated list of ciphers specified in order of preference. The default is "aes128-ctr,aes128-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour". If the connection is set to run in FIPS mode, the default is "aes128-ctr,aes128-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,3des-cbc".

Protocol version 1 (which is deprecated and not recommended) allows specification of a single cipher. The supported values are "3des", "blowfish", and "des".

-C

Enables compression of all transmitted data. Compression is desirable on modem lines and other slow connections, but will only slow down response rate on fast networks.

-d

Force target to be a directory.

-F config_file

Specifies an alternate configuration file to use for this connection. If a configuration file is given on the command line, other configuration files are ignored.

-h

Displays a summary of command line options.

-H scheme

Specifies which SSH configuration scheme to use for this connection.

-i key_file

Specifies a private key to use for key authentication. Key files can also be specified on a per-host basis in the configuration file. It is possible to have multiple -i options (and multiple keys specified in a configuration file). Use quotation marks if the file or path includes spaces.

-k directory

Specifies an alternate location for the config, host key, and user key files.

-m mac_spec

Specifies one or more comma-separated MAC (message authentication code) algorithms to use for this connection. Specify algorithms in order of preference. The default is "hmac-sha1,hmac-sha256,hmac-sha512,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96". If the connection is set to run in FIPS mode, the default is "hmac-sha1,hmac-sha256,hmac-sha512".

-o option

Sets any option that is supported in the configuration file. For example:

ssh "-o FIPSMode=yes" myuser@myhost

-p

Preserve time stamps and file attributes.

-P port

Port to connect to on the remote host.

-q

Enables quiet mode, which causes all warning and diagnostic messages, including banners, to be suppressed.

-Q

Turns off display of the progress indicator.

-R maximum_requests

Specifies the maximum number of concurrent requests. Increasing this may slightly improve file transfer speed but will increase memory usage. The default is 16 outstanding requests.

-s subsystem

Specifies the ssh subsystem.

-S program

Program to use for encrypted connections.

-u

Remove the source file after copying.

-v

Sets the debug level to verbose mode, which is equivalent to setting the debug level to 2.

-V

Displays product name and version information and exits. If other options are specified on the command line, they are ignored.

-1

Forces ssh to try protocol version 1 only. Protocol version 1 is deprecated and not recommended.

-2

Forces ssh to try protocol version 2 only.

-4

Forces connections using IPv4 addresses only.

-6

Forces connections using IPV6 addresses only.

Interactive Mode

ascii

Set transfer type to ASCII.

binary

Set transfer type to binary.

bye

Quit sftp.

cd path

Change remote directory to path.

chmod path

Changes the permissions associated with path. Use mode to specify a three digit numeric permissions.

lcd path

Change local directory to path.

exit

Quit sftp.

get remote-path [local-path]

Retrieve the remote-path and store it on the local machine. If the local path name is not specified, it is given the same name it has on the remote machine.

getext [extension,extension...]

Displays the file extensions that will use ascii transfer. Use setext to modify this list.

help

Display help text.

lls [ls-options [path]]

Display local directory listing of either path or current directory if path is not specified.

lmkdir path

Create local directory specified by path.

lpwd

Print local working directory.

ls [path]

Display remote directory listing of either path or current directory if path is not specified.

mkdir path

Create remote directory specified by path.

put local-path [local-path]

pwd

Display remote working directory.

quit

Quit sftp.

reget remote-file [local-file]

Resume the specified transfer. This works like the get command, but checks for the presence of a partially written local file and, if it is found, starts the transfer where the last attempt left off.

rename oldpath newpath

Rename remote file from oldpath to newpath.

rmdir path

Remove remote directory specified by path.

rm paths

Delete remote file specified by path.

setext [extension,extension...]

Sets the file extensions that will use ascii transfer. Wildcard characters are supported. When no argument is given, no file extensions use ascii transfer.

version

Display sftp version.

?

Synonym for help.