How to Use SFTP (SSH File Transfer Protocol)

FTP is the standard method of transferring files or other data between computers, but it’s becoming more and more outdated in today’s security-conscious environment. Fortunately, that’s where SFTP comes in, which is particularly useful for VPS hosting users.

In this guide, we’re going to show how to use SFTP for secure file transfer, talk about some other useful commands and elaborate more on how it works.

How to Connect Using SFTP?

SFTP is a subsystem of SSH. Hence, it supports all SSH authentication methods. While it’s easier to set up and use password authentication, it’s much more convenient and safer to create SSH keys for a passwordless SFTP login.

You can check this tutorial on how to set up your SSH keys. Once you’re ready, follow the steps below to connect with SFTP:

1. Check your SSH access using one of these commands:

   ssh user@server_ipaddress
   ssh user@remotehost_domainname

2. Once that is done, leave the session if no errors occurred.
3. Initiate an SFTP connection with the following commands:

   sftp user@server_ipaddress
   sftp user@remotehost_domainname

4. If you’re using a custom SSH port, use one of these commands to change the SFTP port:

   sftp -oPort=customport user@server_ipaddress
   sftp -oPort=customport user@remotehost_domainname

5. Here’s how it should look like:

   sftp -oPort=49166 user@31.220.57.32

Once you’re connected, you will see an SFTP prompt.

How to Transfer Files Using SFTP?

Here we’re going to show you how to transfer remote files to the local system using SFTP and vice versa.

Transferring Remote Files From a Server to the Local System

To start, let’s check which local and which remote working directory we are using. To do this, we’ll use these SFTP commands:

sftp> lpwd
Local directory: /LocalDirectory
sftp> pwd
Remote directory: /RemoteDirectory

Now, let’s see how to transfer a file from a remote server to your local machine using the get command. Here’s the basic syntax of the get command:

get /RemoteDirectory/filename.txt

For example, to copy the file /etc/xinetd.conf from the remote server to your local machine, you would use:

get /etc/xinetd.conf

Once the download is complete, you can now find that the file xinetd.conf is in the /user/home directory of your local machine.

To download multiple files with SFTP, use the mget command. To download all files in a directory called /etc that have the .conf extension to your current working directory, you will use the following command:

mget /etc/*.conf

After the download, you can find all *.conf files in /user/home directory of your local machine.

Transferring Files From the Local Machine to a Remote Server

To copy a file from the local machine to the remote server, we’ll use the get command again. In this case, the syntax of get command will be:

get file.txt /RemoteDirectory

To move the file example.txt from a local machine to the remote machine, enter the following command:

put /home/user-name/example.txt /root

Now we will find the file in the remote server’s root directory. You can also try transferring multiple files using the mput command. It works nearly the same as mget:

mput /home/user-name/*.txt /root

This command would move all files with the .txt extension in the /home/user-name from the local machine to the remote /root directory.

Commands for Navigating With SFTP

Some commands can be used to navigate through the remote and local servers more efficiently with SFTP. They’re similar to the ones you’d use in the Linux shell prompt.

For example, the pwd command is always useful to let you know in which working directory you are currently on.

sftp> pwd
Remote directory: /RemoteDirectory

or

sftp> lpwd
Local directory: /LocalDirectory

You can also display the list of files and directories you’re using for the remote directory:

ls

Similarly, for the local working directory:

lls

For instance, the output will look similar to this:

Pictures     Templates     Media     Text.txt     Documents

To switch from one remote working directory to another local working directory, enter the following commands:

cd name_of_directory
lcd name_of_directory

Finally, use the ! and exit commands to go back to the local shell and quit SFTP.

Basics of File Maintenance Using SFTP

With SFTP, you can also manage directories and files using specific commands.

To check the remote server’s disk space in gigabytes, use the df function like so:

df -h

Here’s an output example:

Filesystem         Size  Used Avail Use% Mounted on
/dev/ploop29212p1   59G  2.5G   56G   5% /
none               1.5G     0  1.5G   0% /sys/fs/cgroup
none               1.5G     0  1.5G   0% /dev
tmpfs              1.5G     0  1.5G   0% /dev/shm
tmpfs              1.5G  568K  1.5G   1% /run
tmpfs              308M     0  308M   0% /run/user/0

Use the mkdir command to create a new directory on either the remote and local server :

mkdir name_of_directory
lmkdir name_of_directory

You can delete one from the remote server using the rmdir command:

rmdir name_of_directory

Meanwhile, renaming a remote file is also rather straightforward:

rename filename new_filename

Here’s an example:

rename Old_FileExample New_FileExample

If you want to remove a remote file, use the rm command:

rm filename

While the chown command is used to replace a file’s owner:

chown userid filename

userid can either be a username or a numeric user ID. For instance:

chown UserOne FileExample
chown 1234 FileExample

chgrp is used for changing a file’s group owner:

chgrp groupid filename

For instance:

chgrp NewGroup FileExample

Finally, you will need to use the chmod interactive command to change a file’s permission:

chmod 764 FileExample

In this example, the three-digit value stands for the file’s user, group, and other users.

As for the permissions to read (r), write (w), and execute (x), their values are 4, 2, 1, respectively. 0 can also be used to provide no permissions.

To assign permissions, simply calculate the total values for each user class. Here’s a breakdown of the example:

chmod ugo FileExample
# u represents the User who'll be able to read, write and execute the file.
# g is for Groups, here we've given the permission to write and execute the file.
# o or Others will only be able to read the file.

List of Useful SFTP Commands

If you need a quick cheat sheet, here’s a list of all the available SFTP commands. You can find this list yourself by simply entering the help or ? command — both will prompt the same result.

bye                                Quit sftp
cd path                            Change remote directory to 'path'
chgrp [-h] grp path                Change group of file 'path' to 'grp'
chmod [-h] mode path               Change permissions of file 'path' to 'mode'
chown [-h] own path                Change owner of file 'path' to 'own'
df [-hi] [path]                    Display statistics for current directory or
                                   filesystem containing 'path'
exit                               Quit sftp
get [-afpR] remote [local]         Download file
help                               Display this help text
lcd path                           Change local directory to 'path'
lls [ls-options [path]]            Display local directory listing
lmkdir path                        Create local directory
ln [-s] oldpath newpath            Link remote file (-s for symlink)
lpwd                               Print local working directory
ls [-1afhlnrSt] [path]             Display remote directory listing
lumask umask                       Set local umask to 'umask'
mkdir path                         Create remote directory
progress                           Toggle display of progress meter
put [-afpR] local [remote]         Upload file
pwd                                Display remote working directory
quit                               Quit sftp
reget [-fpR] remote [local]        Resume download file
rename oldpath newpath             Rename remote file
reput [-fpR] local [remote]        Resume upload file
rm path                            Delete remote file
rmdir path                         Remove remote directory
symlink oldpath newpath            Symlink remote file
version                            Show SFTP version
!command                           Execute 'command' in local shell
!                                  Escape to local shell

What is SFTP?

SFTP, or SSH File Transfer Protocol for short, is a much more secure way to move files. Using the SSH protocol, it supports encryption and other security methods used to better protect file transfers. It’s the only secure file transfer protocol that protects against attacks at any point in the data transfer process, making it the preferred protocol.

During file transfer, all of the data is divided into packets and sent through a single secure connection.

Sensitive information will be encrypted and made unreadable when being transferred between the client and the server. In other words, the original content (plaintext) will be replaced by an incoherent string of characters (ciphertext).

Only the recipient with the required decryption key will be able to see the original content. This prevents any unauthorized access during file transfer.

Regular file transfer protocol (FTP) has two different channels to exchange data — the command channel and the data channel. In contrast, SFTP has only one encrypted channel where the data is exchanged in encrypted, formatted packets.

Conclusion

That pretty much covers the basics of how to use SFTP for secure file transfer. We hope this tutorial has proved to be useful. However, if you need more information on FTP alone, you can find more tutorials here.

If you have any more questions, don’t hesitate to leave a comment down below.