Mar 09, 2021
How to Use SFTP (SSH File Transfer Protocol)
FTP is the standard method of transferring files or other data between computers, but it’s becoming more and more outdated in today’s security-conscious environment. Fortunately, that’s where SFTP comes in, which is particularly useful for VPS hosting users.
In this guide, we’re going to show how to use SFTP for secure file transfer, talk about some other useful commands and elaborate more on how it works.
How to Connect Using SFTP?
SFTP is a subsystem of SSH. Hence, it supports all SSH authentication methods. While it’s easier to set up and use password authentication, it’s much more convenient and safer to create SSH keys for a passwordless SFTP login.
You can check this tutorial on how to set up your SSH keys. Once you’re ready, follow the steps below to connect with SFTP:
- Check your SSH access using one of these commands:
ssh user@server_ipaddress ssh user@remotehost_domainname
- Once that is done, leave the session if no errors occurred.
- Initiate an SFTP connection with the following commands:
sftp user@server_ipaddress sftp user@remotehost_domainname
- If you’re using a custom SSH port, use one of these commands to change the SFTP port:
sftp -oPort=customport user@server_ipaddress sftp -oPort=customport user@remotehost_domainname
- Here’s how it should look like:
sftp -oPort=49166 email@example.com
Once you’re connected, you will see an SFTP prompt.
How to Transfer Files Using SFTP?
Here we’re going to show you how to transfer remote files to the local system using SFTP and vice versa.
Transferring Remote Files From a Server to the Local System
To start, let’s check which local and which remote working directory we are using. To do this, we’ll use these SFTP commands:
sftp> lpwd Local directory: /LocalDirectory sftp> pwd Remote directory: /RemoteDirectory
Now, let’s see how to transfer a file from a remote server to your local machine using the get command. Here’s the basic syntax of the get command:
For example, to copy the file /etc/xinetd.conf from the remote server to your local machine, you would use:
Once the download is complete, you can now find that the file xinetd.conf is in the /user/home directory of your local machine.
To download multiple files with SFTP, use the mget command. To download all files in a directory called /etc that have the .conf extension to your current working directory, you will use the following command:
After the download, you can find all *.conf files in /user/home directory of your local machine.
Transferring Files From the Local Machine to a Remote Server
To copy a file from the local machine to the remote server, we’ll use the get command again. In this case, the syntax of get command will be:
get file.txt /RemoteDirectory
To move the file example.txt from a local machine to the remote machine, enter the following command:
put /home/user-name/example.txt /root
Now we will find the file in the remote server’s root directory. You can also try transferring multiple files using the mput command. It works nearly the same as mget:
mput /home/user-name/*.txt /root
This command would move all files with the .txt extension in the /home/user-name from the local machine to the remote /root directory.
NOTE: Keep in mind that to download and upload the files with SFTP, you will need to type the command put or get and press the TAB key.
Commands for Navigating With SFTP
Some commands can be used to navigate through the remote and local servers more efficiently with SFTP. They’re similar to the ones you’d use in the Linux shell prompt.
For example, the pwd command is always useful to let you know in which working directory you are currently on.
sftp> pwd Remote directory: /RemoteDirectory
sftp> lpwd Local directory: /LocalDirectory
You can also display the list of files and directories you’re using for the remote directory:
Similarly, for the local working directory:
For instance, the output will look similar to this:
Pictures Templates Media Text.txt Documents
To switch from one remote working directory to another local working directory, enter the following commands:
cd name_of_directory lcd name_of_directory
Finally, use the ! and exit commands to go back to the local shell and quit SFTP.
Basics of File Maintenance Using SFTP
With SFTP, you can also manage directories and files using specific commands.
To check the remote server’s disk space in gigabytes, use the df function like so:
Here’s an output example:
Filesystem Size Used Avail Use% Mounted on /dev/ploop29212p1 59G 2.5G 56G 5% / none 1.5G 0 1.5G 0% /sys/fs/cgroup none 1.5G 0 1.5G 0% /dev tmpfs 1.5G 0 1.5G 0% /dev/shm tmpfs 1.5G 568K 1.5G 1% /run tmpfs 308M 0 308M 0% /run/user/0
Use the mkdir command to create a new directory on either the remote and local server :
mkdir name_of_directory lmkdir name_of_directory
You can delete one from the remote server using the rmdir command:
Meanwhile, renaming a remote file is also rather straightforward:
rename filename new_filename
Here’s an example:
rename Old_FileExample New_FileExample
If you want to remove a remote file, use the rm command:
While the chown command is used to replace a file’s owner:
chown userid filename
userid can either be a username or a numeric user ID. For instance:
chown UserOne FileExample chown 1234 FileExample
chgrp is used for changing a file’s group owner:
chgrp groupid filename
chgrp NewGroup FileExample
Finally, you will need to use the chmod interactive command to change a file’s permission:
chmod 764 FileExample
In this example, the three-digit value stands for the file’s user, group, and other users.
As for the permissions to read (r), write (w), and execute (x), their values are 4, 2, 1, respectively. 0 can also be used to provide no permissions.
To assign permissions, simply calculate the total values for each user class. Here’s a breakdown of the example:
chmod ugo FileExample # u represents the User who'll be able to read, write and execute the file. # g is for Groups, here we've given the permission to write and execute the file. # o or Others will only be able to read the file.
List of Useful SFTP Commands
If you need a quick cheat sheet, here’s a list of all the available SFTP commands. You can find this list yourself by simply entering the help or ? command — both will prompt the same result.
bye Quit sftp cd path Change remote directory to 'path' chgrp [-h] grp path Change group of file 'path' to 'grp' chmod [-h] mode path Change permissions of file 'path' to 'mode' chown [-h] own path Change owner of file 'path' to 'own' df [-hi] [path] Display statistics for current directory or filesystem containing 'path' exit Quit sftp get [-afpR] remote [local] Download file help Display this help text lcd path Change local directory to 'path' lls [ls-options [path]] Display local directory listing lmkdir path Create local directory ln [-s] oldpath newpath Link remote file (-s for symlink) lpwd Print local working directory ls [-1afhlnrSt] [path] Display remote directory listing lumask umask Set local umask to 'umask' mkdir path Create remote directory progress Toggle display of progress meter put [-afpR] local [remote] Upload file pwd Display remote working directory quit Quit sftp reget [-fpR] remote [local] Resume download file rename oldpath newpath Rename remote file reput [-fpR] local [remote] Resume upload file rm path Delete remote file rmdir path Remove remote directory symlink oldpath newpath Symlink remote file version Show SFTP version !command Execute 'command' in local shell ! Escape to local shell
What is SFTP?
SFTP, or SSH File Transfer Protocol for short, is a much more secure way to move files. Using the SSH protocol, it supports encryption and other security methods used to better protect file transfers. It’s the only secure file transfer protocol that protects against attacks at any point in the data transfer process, making it the preferred protocol.
During file transfer, all of the data is divided into packets and sent through a single secure connection.
Sensitive information will be encrypted and made unreadable when being transferred between the client and the server. In other words, the original content (plaintext) will be replaced by an incoherent string of characters (ciphertext).
Only the recipient with the required decryption key will be able to see the original content. This prevents any unauthorized access during file transfer.
Regular file transfer protocol (FTP) has two different channels to exchange data — the command channel and the data channel. In contrast, SFTP has only one encrypted channel where the data is exchanged in encrypted, formatted packets.
That pretty much covers the basics of how to use SFTP for secure file transfer. We hope this tutorial has proved to be useful. However, if you need more information on FTP alone, you can find more tutorials here.
If you have any more questions, don’t hesitate to leave a comment down below.