Set File Permissions on Downloaded Files
When you download a file to the client using either sftp or scp, the file permissions of the downloaded file can depend on both the client configuration and the source file permissions.
If the file already exists on the client:
If the file does not exist on the client, the following factors affect the permissions set on the transferred file.
To set permissions on downloaded files using umask:
The following session shows the use of umask to set permissions on files downloaded using sftp. The first file (file1) allows user, group, and world read/write access (666) on the server. The second file (file2) allows user read/write access, and group and world read-only access (644) on the server. After the download, both files allow user-only read/write access (600) on the client.
$ umask 066
$ sftp firstname.lastname@example.org
sftp> ls -l file1
-rw-rw-rw- 0 joe users 108 Sep 30 02:52 file1
sftp> get file1
/home/joe/file1 108 0.0KB/s 00:00 100%
sftp> lls -l file1
-rw------- 0 joe users 8 Sep 30 11:47 file1
sftp> ls -l file2
-rw-r--r-- 0 joe users 225 Sep 30 02:56 file2
sftp> get file2
/home/joe/file2 225 0.0KB/s 00:00 100%
sftp> lls -l file2
-rw------- 0 joe users 225 Sep 30 11:47 file2