In this guide, we will define SFTP protocol and explain its various uses. We will also explain the various methods for communicating with remote hosts via SFTP, and we will list some of the most useful SFTP commands that can be leveraged during an SFTP session on a Linux or macOS Terminal.
What is SFTP?
SSH File Transfer Protocol (SFTP) is a protocol that is used to enable secure file transfers from one networked host to another. It is often used by organizations and individuals to facilitate secure file access, file transfers, and file management over a secure shell data stream.
What is SFTP used for?
SFTP was developed to provide a way to transfer files over SSH. Thus, SFTP is primarily used for the purpose of transferring files securely from one system to another. The two systems could be remote computers located within the same building or systems based in different countries.
In addition, SFTP can be leveraged by clients for remote file management functions. This allows those applications to remotely search and list the contents of directories and subdirectories, to create new directories, rename directories, and to copy or delete files and directories.
Another advantage of SFTP file transfers is that they can be resumed if they happen to be interrupted during a file transfer.
How to use SFTP to securely transfer files
The vast majority of people use applications with a graphical user interface (GUI) to control their SFTP file transfers and file management activities. This is because those graphical clients make it much easier to perform tasks. GUI SFTP clients, for example, permit you to drag-and-drop items from one window to another to initiate file transfers.
Two of the most popular GUI SFTP applications are CyberDuck (macOS) and WinSCP (Windows). Both of those graphical clients require users to specify the name of the host they want to connect to, and then to authenticate themselves with a valid username and password.
With that done, they can use the GUI client to control the various features available to them to initiate file transfers or to perform file management activities on the remote system.
People primarily use command-line SFTP on systems running Linux, or to control file transfers from their macOS Terminal.
To do so, the user must first initiate the command-line SFTP session. This is done by entering the command below (where username is your username and hostname is the address for the host):
When prompted, enter your password to connect to the remote SFTP host.
If you’re using a custom SSH port, you will need to initiate the SFTP session using the command below (where customport is the port number):
|sftp -oPort=customport username@hostname|
Once connected, you will see the SFTP prompt (sftp>) and you can begin using the SFTP commands below. You can access this list of commands (and some other less common ones) by entering either the help or ? command into the SFTP prompt.
|Change the directory path on the remote host|
|lls||List the contents of the current directory on the local computer|
|lcd||Change the directory on the local computer|
|lmkdir||Create a directory on the local computer|
|get||Copy a file from the remote host to the local computer|
|chown||Change the owner of files on the remote host|
|ls (or dir)||List the contents of the current directory on the remote host|
|mkdir||Create a directory on the remote host|
|put||Copy a file from the local computer to the remote host|
|rename||Rename a file on the remote host|
|rm||Delete a file on the remote host|
|pwd||Show remote working directory|
|lpwd||Show working directory on the local computer|
|rmdir||Remove a directory on the remote host (it must be empty first)|
|version||Display the SFTP version f|
|lumask||Change the local umask value|
|symlink||Create a symbolic link for a file on the remote host|
|In||Same as symlink|
|df -h||Check the remote server’s disk space in gigabytes|
|help||Get help on the use of SFTP commands|
|!||Escape to local shell. To return to SFTP type exit (you can execute commands in the underlying OS without leaving the shell by typing ! followed by the necessary command)|
|?||Get information about a particular command (for example: ? cd)|
|exit||End the connection with the remote host, and exit SFTP|
|quit||Same as exit|
Remember that, when you enter an SFTP session, the shell prompt will change to sftp> When that happens, you will no longer be able to enter commands directed at the local shell. Instead, you will need to use the SFTP commands listed above.
If you do need to enter commands into the local shell for your operating system, you will need to enter ! to escape the SFTP shell prompt (followed by exit to return to the sftp> prompt).
SFTP vs FTP – what is the difference?
FTP stands for File Transfer Protocol. It is a protocol that is used for transferring files between two remote systems without the use of encryption.
FTP was not designed to allow secure file transfers. It uses plaintext usernames and passwords for authentication and does not include any encryption. This means that data sent using FTP is vulnerable to Man-in-the-Middle attacks such as sniffing and spoofing.
SFTP is a file transfer protocol that adds security to the process through the use of Secure Shell (SSH) for establishing a secure data stream between two remote systems before initiating the exchange of information.
Due to the security concerns involved in using FTP, the protocol is now primarily considered deprecated. For this reason, it should only ever be used for the transfer of information that is already public.
The good news is that commercial file transfer tools nowadays all provide SFTP, which means that there really is no need to use insecure FTP unless you are on a legacy system.
Check out our FTP backup page for a list of the most secure services.