1.\" $OpenBSD: sftp.1,v 1.57 2004/06/21 22:41:31 djm Exp $ 2.\" 3.\" Copyright (c) 2001 Damien Miller. All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24.\" 25.Dd February 4, 2001 26.Dt SFTP 1 27.Os 28.Sh NAME 29.Nm sftp 30.Nd secure file transfer program 31.Sh SYNOPSIS 32.Nm sftp 33.Bk -words 34.Op Fl 1Cv 35.Op Fl B Ar buffer_size 36.Op Fl b Ar batchfile 37.Op Fl F Ar ssh_config 38.Op Fl o Ar ssh_option 39.Op Fl P Ar sftp_server_path 40.Op Fl R Ar num_requests 41.Op Fl S Ar program 42.Op Fl s Ar subsystem | sftp_server 43.Ar host 44.Ek 45.Nm sftp 46.Oo Oo Ar user Ns @ Oc Ns 47.Ar host Ns Oo : Ns Ar file Oo 48.Ar file Oc Oc Oc 49.Nm sftp 50.Oo Oo Ar user Ns @ Oc Ns 51.Ar host Ns Oo : Ns Ar dir Ns 52.Oo Ar / Oc Oc Oc 53.Nm sftp 54.Fl b Ar batchfile 55.Oo Ar user Ns @ Oc Ns Ar host 56.Sh DESCRIPTION 57.Nm 58is an interactive file transfer program, similar to 59.Xr ftp 1 , 60which performs all operations over an encrypted 61.Xr ssh 1 62transport. 63It may also use many features of ssh, such as public key authentication and 64compression. 65.Nm 66connects and logs into the specified 67.Ar host , 68then enters an interactive command mode. 69.Pp 70The second usage format will retrieve files automatically if a non-interactive 71authentication method is used; otherwise it will do so after 72successful interactive authentication. 73.Pp 74The third usage format allows the sftp client to start in a remote directory. 75.Pp 76The final usage format allows for automated sessions using the 77.Fl b 78option. 79In such cases, it is usually necessary to configure public key authentication 80to obviate the need to enter a password at connection time (see 81.Xr sshd 8 82and 83.Xr ssh-keygen 1 84for details). 85The options are as follows: 86.Bl -tag -width Ds 87.It Fl 1 88Specify the use of protocol version 1. 89.It Fl B Ar buffer_size 90Specify the size of the buffer that 91.Nm 92uses when transferring files. 93Larger buffers require fewer round trips at the cost of higher 94memory consumption. 95The default is 32768 bytes. 96.It Fl b Ar batchfile 97Batch mode reads a series of commands from an input 98.Ar batchfile 99instead of 100.Em stdin . 101Since it lacks user interaction it should be used in conjunction with 102non-interactive authentication. 103A 104.Ar batchfile 105of 106.Sq \- 107may be used to indicate standard input. 108.Nm 109will abort if any of the following 110commands fail: 111.Ic get , put , rename , ln , 112.Ic rm , mkdir , chdir , ls , 113.Ic lchdir , chmod , chown , chgrp , lpwd 114and 115.Ic lmkdir . 116Termination on error can be suppressed on a command by command basis by 117prefixing the command with a 118.Sq \- 119character (for example, 120.Ic -rm /tmp/blah* ) . 121.It Fl C 122Enables compression (via ssh's 123.Fl C 124flag). 125.It Fl F Ar ssh_config 126Specifies an alternative 127per-user configuration file for 128.Xr ssh 1 . 129This option is directly passed to 130.Xr ssh 1 . 131.It Fl o Ar ssh_option 132Can be used to pass options to 133.Nm ssh 134in the format used in 135.Xr ssh_config 5 . 136This is useful for specifying options 137for which there is no separate 138.Nm sftp 139command-line flag. 140For example, to specify an alternate port use: 141.Ic sftp -oPort=24 . 142For full details of the options listed below, and their possible values, see 143.Xr ssh_config 5 . 144.Pp 145.Bl -tag -width Ds -offset indent -compact 146.It AddressFamily 147.It BatchMode 148.It BindAddress 149.It ChallengeResponseAuthentication 150.It CheckHostIP 151.It Cipher 152.It Ciphers 153.It Compression 154.It CompressionLevel 155.It ConnectionAttempts 156.It ConnectTimeout 157.It ControlMaster 158.It ControlPath 159.It GlobalKnownHostsFile 160.It GSSAPIAuthentication 161.It GSSAPIDelegateCredentials 162.It Host 163.It HostbasedAuthentication 164.It HostKeyAlgorithms 165.It HostKeyAlias 166.It HostName 167.It IdentityFile 168.It IdentitiesOnly 169.It LogLevel 170.It MACs 171.It NoHostAuthenticationForLocalhost 172.It NumberOfPasswordPrompts 173.It PasswordAuthentication 174.It Port 175.It PreferredAuthentications 176.It Protocol 177.It ProxyCommand 178.It PubkeyAuthentication 179.It RhostsRSAAuthentication 180.It RSAAuthentication 181.It SendEnv 182.It ServerAliveInterval 183.It ServerAliveCountMax 184.It SmartcardDevice 185.It StrictHostKeyChecking 186.It TCPKeepAlive 187.It UsePrivilegedPort 188.It User 189.It UserKnownHostsFile 190.It VerifyHostKeyDNS 191.El 192.It Fl P Ar sftp_server_path 193Connect directly to a local sftp server 194(rather than via 195.Xr ssh 1 ) 196This option may be useful in debugging the client and server. 197.It Fl R Ar num_requests 198Specify how many requests may be outstanding at any one time. 199Increasing this may slightly improve file transfer speed 200but will increase memory usage. 201The default is 16 outstanding requests. 202.It Fl S Ar program 203Name of the 204.Ar program 205to use for the encrypted connection. 206The program must understand 207.Xr ssh 1 208options. 209.It Fl s Ar subsystem | sftp_server 210Specifies the SSH2 subsystem or the path for an sftp server 211on the remote host. 212A path is useful for using 213.Nm 214over protocol version 1, or when the remote 215.Xr sshd 8 216does not have an sftp subsystem configured. 217.It Fl v 218Raise logging level. 219This option is also passed to ssh. 220.El 221.Sh INTERACTIVE COMMANDS 222Once in interactive mode, 223.Nm 224understands a set of commands similar to those of 225.Xr ftp 1 . 226Commands are case insensitive and pathnames may be enclosed in quotes if they 227contain spaces. 228.Bl -tag -width "lmdir path" 229.It Ic bye 230Quit 231.Nm sftp . 232.It Ic cd Ar path 233Change remote directory to 234.Ar path . 235.It Ic chgrp Ar grp Ar path 236Change group of file 237.Ar path 238to 239.Ar grp . 240.Ar grp 241must be a numeric GID. 242.It Ic chmod Ar mode Ar path 243Change permissions of file 244.Ar path 245to 246.Ar mode . 247.It Ic chown Ar own Ar path 248Change owner of file 249.Ar path 250to 251.Ar own . 252.Ar own 253must be a numeric UID. 254.It Ic exit 255Quit 256.Nm sftp . 257.It Xo Ic get 258.Op Ar flags 259.Ar remote-path 260.Op Ar local-path 261.Xc 262Retrieve the 263.Ar remote-path 264and store it on the local machine. 265If the local 266path name is not specified, it is given the same name it has on the 267remote machine. 268If the 269.Fl P 270flag is specified, then the file's full permission and access time are 271copied too. 272.It Ic help 273Display help text. 274.It Ic lcd Ar path 275Change local directory to 276.Ar path . 277.It Ic lls Op Ar ls-options Op Ar path 278Display local directory listing of either 279.Ar path 280or current directory if 281.Ar path 282is not specified. 283.It Ic lmkdir Ar path 284Create local directory specified by 285.Ar path . 286.It Ic ln Ar oldpath Ar newpath 287Create a symbolic link from 288.Ar oldpath 289to 290.Ar newpath . 291.It Ic lpwd 292Print local working directory. 293.It Xo Ic ls 294.Op Ar flags 295.Op Ar path 296.Xc 297Display remote directory listing of either 298.Ar path 299or current directory if 300.Ar path 301is not specified. 302If the 303.Fl l 304flag is specified, then display additional details including permissions 305and ownership information. 306The 307.Fl n 308flag will produce a long listing with user and group information presented 309numerically. 310.Pp 311By default, 312.Ic ls 313listings are sorted in lexicographical order. 314This may be changed by specifying the 315.Fl S 316(sort by file size), 317.Fl t 318(sort by last modification time), or 319.Fl f 320(don't sort at all) flags. 321Additionally, the sort order may be reversed using the 322.Fl r 323flag. 324.It Ic lumask Ar umask 325Set local umask to 326.Ar umask . 327.It Ic mkdir Ar path 328Create remote directory specified by 329.Ar path . 330.It Ic progress 331Toggle display of progress meter. 332.It Xo Ic put 333.Op Ar flags 334.Ar local-path 335.Op Ar remote-path 336.Xc 337Upload 338.Ar local-path 339and store it on the remote machine. 340If the remote path name is not specified, it is given the same name it has 341on the local machine. 342If the 343.Fl P 344flag is specified, then the file's full permission and access time are 345copied too. 346.It Ic pwd 347Display remote working directory. 348.It Ic quit 349Quit 350.Nm sftp . 351.It Ic rename Ar oldpath Ar newpath 352Rename remote file from 353.Ar oldpath 354to 355.Ar newpath . 356.It Ic rm Ar path 357Delete remote file specified by 358.Ar path . 359.It Ic rmdir Ar path 360Remove remote directory specified by 361.Ar path . 362.It Ic symlink Ar oldpath Ar newpath 363Create a symbolic link from 364.Ar oldpath 365to 366.Ar newpath . 367.It Ic version 368Display the 369.Nm 370protocol version. 371.It Ic \&! Ar command 372Execute 373.Ar command 374in local shell. 375.It Ic \&! 376Escape to local shell. 377.It Ic \&? 378Synonym for help. 379.El 380.Sh SEE ALSO 381.Xr ftp 1 , 382.Xr scp 1 , 383.Xr ssh 1 , 384.Xr ssh-add 1 , 385.Xr ssh-keygen 1 , 386.Xr ssh_config 5 , 387.Xr sftp-server 8 , 388.Xr sshd 8 389.Rs 390.%A T. Ylonen 391.%A S. Lehtinen 392.%T "SSH File Transfer Protocol" 393.%N draft-ietf-secsh-filexfer-00.txt 394.%D January 2001 395.%O work in progress material 396.Re 397