September 7, 2020
6min Read
Edward S.
FTP is the standard method of transferring files or other data between computers, but it’s becoming more and more outdated in today’s security-conscious environment. Fortunately, that’s where SFTP comes in, which is particularly useful for VPS hosting users.
Save up to 77% on our VPS plans!
In this guide, we’re going to show how to use SFTP for secure file transfer, talk about some other useful commands and elaborate more on how it works.
SFTP is a subsystem of SSH. Hence, it supports all SSH authentication methods. While it’s easier to set up and use password authentication, it’s much more convenient and safer to create SSH keys for a passwordless SFTP login.
You can check this tutorial on how to set up your SSH keys. Once you’re ready, follow the steps below to connect with SFTP:
ssh user@server_ipaddress ssh user@remotehost_domainname
sftp user@server_ipaddress sftp user@remotehost_domainname
sftp -oPort=customport user@server_ipaddress sftp -oPort=customport user@remotehost_domainname
sftp -oPort=49166 user@31.220.57.32
Once you’re connected, you will see an SFTP prompt.
Here we’re going to show you how to transfer remote files to the local system using SFTP and vice versa.
NOTE: You can also transfer your files using SFTP clients, such as WinSCP or FileZilla. If you’re interested in the latter, check our tutorial here.
To start, let’s check which local and which remote working directory we are using. To do this, we’ll use these SFTP commands:
sftp> lpwd Local directory: /LocalDirectory sftp> pwd Remote directory: /RemoteDirectory
Now, let’s see how to transfer a file from a remote server to your local machine using the get command. Here’s the basic syntax of the get command:
get /RemoteDirectory/filename.txt
For example, to copy the file /etc/xinetd.conf from the remote server to your local machine, you would use:
get /etc/xinetd.conf
Once the download is complete, you can now find that the file xinetd.conf is in the /user/home directory of your local machine.
To download multiple files with SFTP, use the mget command. To download all files in a directory called /etc that have the .conf extension to your current working directory, you will use the following command:
mget /etc/*.conf
After the download, you can find all *.conf files in /user/home directory of your local machine.
To copy a file from the local machine to the remote server, we’ll use the get command again. In this case, the syntax of get command will be:
get file.txt /RemoteDirectory
To move the file example.txt from a local machine to the remote machine, enter the following command:
put /home/user-name/example.txt /root
Now we will find the file in the remote server’s root directory. You can also try transferring multiple files using the mput command. It works nearly the same as mget:
mput /home/user-name/*.txt /root
This command would move all files with the .txt extension in the /home/user-name from the local machine to the remote /root directory.
NOTE: Keep in mind that to download and upload the files with SFTP, you will need to type the command put or get and press the TAB key.
Some commands can be used to navigate through the remote and local servers more efficiently with SFTP. They’re similar to the ones you’d use in the Linux shell prompt.
For example, the pwd command is always useful to let you know in which working directory you are currently on.
sftp> pwd Remote directory: /RemoteDirectory
or
sftp> lpwd Local directory: /LocalDirectory
You can also display the list of files and directories you’re using for the remote directory:
ls
Similarly, for the local working directory:
lls
For instance, the output will look similar to this:
Pictures Templates Media Text.txt Documents
To switch from one remote working directory to another local working directory, enter the following commands:
cd name_of_directory lcd name_of_directory
Finally, use the ! and exit commands to go back to the local shell and quit SFTP.
With SFTP, you can also manage directories and files using specific commands.
To check the remote server’s disk space in gigabytes, use the df function like so:
df -h
Here’s an output example:
Filesystem Size Used Avail Use% Mounted on /dev/ploop29212p1 59G 2.5G 56G 5% / none 1.5G 0 1.5G 0% /sys/fs/cgroup none 1.5G 0 1.5G 0% /dev tmpfs 1.5G 0 1.5G 0% /dev/shm tmpfs 1.5G 568K 1.5G 1% /run tmpfs 308M 0 308M 0% /run/user/0
Use the mkdir command to create a new directory on either the remote and local server :
mkdir name_of_directory lmkdir name_of_directory
You can delete one from the remote server using the rmdir command:
rmdir name_of_directory
Meanwhile, renaming a remote file is also rather straightforward:
rename filename new_filename
Here’s an example:
rename Old_FileExample New_FileExample
If you want to remove a remote file, use the rm command:
rm filename
While the chown command is used to replace a file’s owner:
chown userid filename
userid can either be a username or a numeric user ID. For instance:
chown UserOne FileExample chown 1234 FileExample
chgrp is used for changing a file’s group owner:
chgrp groupid filename
For instance:
chgrp NewGroup FileExample
Finally, you will need to use the chmod interactive command to change a file’s permission:
chmod 764 FileExample
In this example, the three-digit value stands for the file’s user, group, and other users.
As for the permissions to read (r), write (w), and execute (x), their values are 4, 2, 1, respectively. 0 can also be used to provide no permissions.
To assign permissions, simply calculate the total values for each user class. Here’s a breakdown of the example:
chmod ugo FileExample # u represents the User who'll be able to read, write and execute the file. # g is for Groups, here we've given the permission to write and execute the file. # o or Others will only be able to read the file.
If you need a quick cheat sheet, here’s a list of all the available SFTP commands. You can find this list yourself by simply entering the help or ? command — both will prompt the same result.
bye Quit sftp cd path Change remote directory to 'path' chgrp [-h] grp path Change group of file 'path' to 'grp' chmod [-h] mode path Change permissions of file 'path' to 'mode' chown [-h] own path Change owner of file 'path' to 'own' df [-hi] [path] Display statistics for current directory or filesystem containing 'path' exit Quit sftp get [-afpR] remote [local] Download file help Display this help text lcd path Change local directory to 'path' lls [ls-options [path]] Display local directory listing lmkdir path Create local directory ln [-s] oldpath newpath Link remote file (-s for symlink) lpwd Print local working directory ls [-1afhlnrSt] [path] Display remote directory listing lumask umask Set local umask to 'umask' mkdir path Create remote directory progress Toggle display of progress meter put [-afpR] local [remote] Upload file pwd Display remote working directory quit Quit sftp reget [-fpR] remote [local] Resume download file rename oldpath newpath Rename remote file reput [-fpR] local [remote] Resume upload file rm path Delete remote file rmdir path Remove remote directory symlink oldpath newpath Symlink remote file version Show SFTP version !command Execute 'command' in local shell ! Escape to local shell
SFTP, or SSH File Transfer Protocol for short, is a much more secure way to move files. Using the SSH protocol, it supports encryption and other security methods used to better protect file transfers. It’s the only secure file transfer protocol that protects against attacks at any point in the data transfer process, making it the preferred protocol.
During file transfer, all of the data is divided into packets and sent through a single secure connection.
Sensitive information will be encrypted and made unreadable when being transferred between the client and the server. In other words, the original content (plaintext) will be replaced by an incoherent string of characters (ciphertext).
Only the recipient with the required decryption key will be able to see the original content. This prevents any unauthorized access during file transfer.
Regular file transfer protocol (FTP) has two different channels to exchange data — the command channel and the data channel. In contrast, SFTP has only one encrypted channel where the data is exchanged in encrypted, formatted packets.
That pretty much covers the basics of how to use SFTP for secure file transfer. We hope this tutorial has proved to be useful. However, if you need more information on FTP alone, you can find more tutorials here.
If you have any more questions, don’t hesitate to leave a comment down below.
July 21 2020
This is a spectacular tutorial; it is very concise and laid out in nice, logical steps from start to finish. Thank you very much. I just began a new job as an SDET and this helped me figure out how to transfer the files I needed from my local machine to my remote linux machine. Thank you again.
August 22 2020
Are both these similar, or perhaps one is incorrect? To copy a file from the local machine to the remote server, we’ll use the get command again. In this case, the syntax of get command will be: get file.txt /RemoteDirectory To move the file example.txt from a local machine to the remote machine, enter the following command: put /home/user-name/example.txt /root
Tomislav T.
Replied on November 06 2020
They do have similar uses, yes. Both are correct :)