ProPrivacy is reader supported and sometimes receives a commission when you make purchases using links on this site.

What is SFTP? | Transfer files using SFTP commands

In this guide, we will define SFTP protocol and explain its various uses. We will also explain the various methods for communicating with remote hosts via SFTP, and we will list some of the most useful SFTP commands that can be leveraged during an SFTP session on a Linux or macOS Terminal.

 

What is SFTP?

SSH File Transfer Protocol (SFTP) is a protocol that is used to enable secure file transfers from one networked host to another. It is often used by organizations and individuals to facilitate secure file access, file transfers, and file management over a secure shell data stream.

What is SFTP used for?

SFTP was developed to provide a way to transfer files over SSH. Thus, SFTP is primarily used for the purpose of transferring files securely from one system to another. The two systems could be remote computers located within the same building or systems based in different countries.

In addition, SFTP can be leveraged by clients for remote file management functions. This allows those applications to remotely search and list the contents of directories and subdirectories, to create new directories, rename directories, and to copy or delete files and directories.

Another advantage of SFTP file transfers is that they can be resumed if they happen to be interrupted during a file transfer. 

How to use SFTP to securely transfer files

GUI clients

The vast majority of people use applications with a graphical user interface (GUI) to control their SFTP file transfers and file management activities. This is because those graphical clients make it much easier to perform tasks. GUI SFTP clients, for example, permit you to drag-and-drop items from one window to another to initiate file transfers. 

Two of the most popular GUI SFTP applications are CyberDuck (macOS) and WinSCP (Windows). Both of those graphical clients require users to specify the name of the host they want to connect to, and then to authenticate themselves with a valid username and password. 

With that done, they can use the GUI client to control the various features available to them to initiate file transfers or to perform file management activities on the remote system.

SFTP Commands

People primarily use command-line SFTP on systems running Linux, or to control file transfers from their macOS Terminal.

To do so, the user must first initiate the command-line SFTP session. This is done by entering the command below (where username is your username and hostname is the address for the host):

sftp username@hostname

When prompted, enter your password to connect to the remote SFTP host.

If you’re using a custom SSH port, you will need to initiate the SFTP session using the command below (where customport is the port number):

sftp -oPort=customport username@hostname

Once connected, you will see the SFTP prompt (sftp>) and you can begin using the SFTP commands below. You can access this list of commands (and some other less common ones) by entering either the help or ? command into the SFTP prompt.

cd

Change the directory path on the remote host
lls List the contents of the current directory on the local computer
lcd Change the directory on the local computer
lmkdir Create a directory on the local computer
get Copy a file from the remote host to the local computer
chown Change the owner of files on the remote host
ls (or dir) List the contents of the current directory on the remote host
mkdir  Create a directory on the remote host
put Copy a file from the local computer to the remote host
rename Rename a file on the remote host
rm Delete a file on the remote host
pwd Show remote working directory 
lpwd Show working directory on the local computer
rmdir Remove a directory on the remote host (it must be empty first)
version Display the SFTP version f
lumask Change the local umask value
symlink Create a symbolic link for a file on the remote host
In Same as symlink
df -h Check the remote server’s disk space in gigabytes
help Get help on the use of SFTP commands 
! Escape to local shell. To return to SFTP type exit (you can execute commands in the underlying OS without leaving the shell by typing ! followed by the necessary command)
? Get information about a particular command (for example: ? cd)
exit  End the connection with the remote host, and exit SFTP
quit Same as exit

Remember that, when you enter an SFTP session, the shell prompt will change to sftp> When that happens, you will no longer be able to enter commands directed at the local shell. Instead, you will need to use the SFTP commands listed above.

If you do need to enter commands into the local shell for your operating system, you will need to enter ! to escape the SFTP shell prompt (followed by exit to return to the sftp> prompt).

SFTP vs FTP – what is the difference?

FTP stands for File Transfer Protocol. It is a protocol that is used for transferring files between two remote systems without the use of encryption.

FTP was not designed to allow secure file transfers. It uses plaintext usernames and passwords for authentication and does not include any encryption. This means that data sent using FTP is vulnerable to Man-in-the-Middle attacks such as sniffing and spoofing.

SFTP is a file transfer protocol that adds security to the process through the use of Secure Shell (SSH) for establishing a secure data stream between two remote systems before initiating the exchange of information. 

Due to the security concerns involved in using FTP, the protocol is now primarily considered deprecated. For this reason, it should only ever be used for the transfer of information that is already public.

The good news is that commercial file transfer tools nowadays all provide SFTP, which means that there really is no need to use insecure FTP unless you are on a legacy system.

Check out our FTP backup page for a list of the most secure services. 

Written by: Ray Walsh

Digital privacy expert with 5 years experience testing and reviewing VPNs. He's been quoted in The Express, The Times, The Washington Post, The Register, CNET & many more. 

0 Comments

There are no comments yet.

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives: