Vendor import of OpenSSH 7.7p1.

[FreeBSD/FreeBSD.git] / sftp.0

SFTP(1)                     General Commands Manual                    SFTP(1)

NAME
     sftp M-bM-^@M-^S secure file transfer program

SYNOPSIS
     sftp [-46aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher]
          [-D sftp_server_path] [-F ssh_config] [-i identity_file] [-l limit]
          [-o ssh_option] [-P port] [-R num_requests] [-S program]
          [-s subsystem | sftp_server] destination

DESCRIPTION
     sftp is a file transfer program, similar to ftp(1), which performs all
     operations over an encrypted ssh(1) transport.  It may also use many
     features of ssh, such as public key authentication and compression.

     The destination may be specified either as [user@]host[:path] or as a URI
     in the form sftp://[user@]host[:port][/path].

     If the destination includes a path and it is not a directory, sftp will
     retrieve files automatically if a non-interactive authentication method
     is used; otherwise it will do so after successful interactive
     authentication.

     If no path is specified, or if the path is a directory, sftp will log in
     to the specified host and enter interactive command mode, changing to the
     remote directory if one was specified.  An optional trailing slash can be
     used to force the path to be interpreted as a directory.

     Since the destination formats use colon characters to delimit host names
     from path names or port numbers, IPv6 addresses must be enclosed in
     square brackets to avoid ambiguity.

     The options are as follows:

     -4      Forces sftp to use IPv4 addresses only.

     -6      Forces sftp to use IPv6 addresses only.

     -a      Attempt to continue interrupted transfers rather than overwriting
             existing partial or complete copies of files.  If the partial
             contents differ from those being transferred, then the resultant
             file is likely to be corrupt.

     -B buffer_size
             Specify the size of the buffer that sftp uses when transferring
             files.  Larger buffers require fewer round trips at the cost of
             higher memory consumption.  The default is 32768 bytes.

     -b batchfile
             Batch mode reads a series of commands from an input batchfile
             instead of stdin.  Since it lacks user interaction it should be
             used in conjunction with non-interactive authentication to
             obviate the need to enter a password at connection time (see
             sshd(8) and ssh-keygen(1) for details).  A batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may
             be used to indicate standard input.  sftp will abort if any of
             the following commands fail: get, put, reget, reput, rename, ln,
             rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp, lpwd, df,
             symlink, and lmkdir.  Termination on error can be suppressed on a
             command by command basis by prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y
             character (for example, -rm /tmp/blah*).

     -C      Enables compression (via ssh's -C flag).

     -c cipher
             Selects the cipher to use for encrypting the data transfers.
             This option is directly passed to ssh(1).

     -D sftp_server_path
             Connect directly to a local sftp server (rather than via ssh(1)).
             This option may be useful in debugging the client and server.

     -F ssh_config
             Specifies an alternative per-user configuration file for ssh(1).
             This option is directly passed to ssh(1).

     -f      Requests that files be flushed to disk immediately after
             transfer.  When uploading files, this feature is only enabled if
             the server implements the "fsync@openssh.com" extension.

     -i identity_file
             Selects the file from which the identity (private key) for public
             key authentication is read.  This option is directly passed to
             ssh(1).

     -l limit
             Limits the used bandwidth, specified in Kbit/s.

     -o ssh_option
             Can be used to pass options to ssh in the format used in
             ssh_config(5).  This is useful for specifying options for which
             there is no separate sftp command-line flag.  For example, to
             specify an alternate port use: sftp -oPort=24.  For full details
             of the options listed below, and their possible values, see
             ssh_config(5).

                   AddressFamily
                   BatchMode
                   BindAddress
                   BindInterface
                   CanonicalDomains
                   CanonicalizeFallbackLocal
                   CanonicalizeHostname
                   CanonicalizeMaxDots
                   CanonicalizePermittedCNAMEs
                   CertificateFile
                   ChallengeResponseAuthentication
                   CheckHostIP
                   Ciphers
                   Compression
                   ConnectionAttempts
                   ConnectTimeout
                   ControlMaster
                   ControlPath
                   ControlPersist
                   GlobalKnownHostsFile
                   GSSAPIAuthentication
                   GSSAPIDelegateCredentials
                   HashKnownHosts
                   Host
                   HostbasedAuthentication
                   HostbasedKeyTypes
                   HostKeyAlgorithms
                   HostKeyAlias
                   HostName
                   IdentitiesOnly
                   IdentityAgent
                   IdentityFile
                   IPQoS
                   KbdInteractiveAuthentication
                   KbdInteractiveDevices
                   KexAlgorithms
                   LogLevel
                   MACs
                   NoHostAuthenticationForLocalhost
                   NumberOfPasswordPrompts
                   PasswordAuthentication
                   PKCS11Provider
                   Port
                   PreferredAuthentications
                   ProxyCommand
                   ProxyJump
                   PubkeyAcceptedKeyTypes
                   PubkeyAuthentication
                   RekeyLimit
                   SendEnv
                   ServerAliveInterval
                   ServerAliveCountMax
                   StrictHostKeyChecking
                   TCPKeepAlive
                   UpdateHostKeys
                   UsePrivilegedPort
                   User
                   UserKnownHostsFile
                   VerifyHostKeyDNS

     -P port
             Specifies the port to connect to on the remote host.

     -p      Preserves modification times, access times, and modes from the
             original files transferred.

     -q      Quiet mode: disables the progress meter as well as warning and
             diagnostic messages from ssh(1).

     -R num_requests
             Specify how many requests may be outstanding at any one time.
             Increasing this may slightly improve file transfer speed but will
             increase memory usage.  The default is 64 outstanding requests.

     -r      Recursively copy entire directories when uploading and
             downloading.  Note that sftp does not follow symbolic links
             encountered in the tree traversal.

     -S program
             Name of the program to use for the encrypted connection.  The
             program must understand ssh(1) options.

     -s subsystem | sftp_server
             Specifies the SSH2 subsystem or the path for an sftp server on
             the remote host.  A path is useful when the remote sshd(8) does
             not have an sftp subsystem configured.

     -v      Raise logging level.  This option is also passed to ssh.

INTERACTIVE COMMANDS
     Once in interactive mode, sftp understands a set of commands similar to
     those of ftp(1).  Commands are case insensitive.  Pathnames that contain
     spaces must be enclosed in quotes.  Any special characters contained
     within pathnames that are recognized by glob(3) must be escaped with
     backslashes (M-bM-^@M-^X\M-bM-^@M-^Y).

     bye     Quit sftp.

     cd [path]
             Change remote directory to path.  If path is not specified, then
             change directory to the one the session started in.

     chgrp grp path
             Change group of file path to grp.  path may contain glob(3)
             characters and may match multiple files.  grp must be a numeric
             GID.

     chmod mode path
             Change permissions of file path to mode.  path may contain
             glob(3) characters and may match multiple files.

     chown own path
             Change owner of file path to own.  path may contain glob(3)
             characters and may match multiple files.  own must be a numeric
             UID.

     df [-hi] [path]
             Display usage information for the filesystem holding the current
             directory (or path if specified).  If the -h flag is specified,
             the capacity information will be displayed using "human-readable"
             suffixes.  The -i flag requests display of inode information in
             addition to capacity information.  This command is only supported
             on servers that implement the M-bM-^@M-^\statvfs@openssh.comM-bM-^@M-^] extension.

     exit    Quit sftp.

     get [-afPpr] remote-path [local-path]
             Retrieve the remote-path and store it on the local machine.  If
             the local path name is not specified, it is given the same name
             it has on the remote machine.  remote-path may contain glob(3)
             characters and may match multiple files.  If it does and
             local-path is specified, then local-path must specify a
             directory.

             If the -a flag is specified, then attempt to resume partial
             transfers of existing files.  Note that resumption assumes that
             any partial copy of the local file matches the remote copy.  If
             the remote file contents differ from the partial local copy then
             the resultant file is likely to be corrupt.

             If the -f flag is specified, then fsync(2) will be called after
             the file transfer has completed to flush the file to disk.

             If either the -P or -p flag is specified, then full file
             permissions and access times are copied too.

             If the -r flag is specified then directories will be copied
             recursively.  Note that sftp does not follow symbolic links when
             performing recursive transfers.

     help    Display help text.

     lcd [path]
             Change local directory to path.  If path is not specified, then
             change directory to the local user's home directory.

     lls [ls-options [path]]
             Display local directory listing of either path or current
             directory if path is not specified.  ls-options may contain any
             flags supported by the local system's ls(1) command.  path may
             contain glob(3) characters and may match multiple files.

     lmkdir path
             Create local directory specified by path.

     ln [-s] oldpath newpath
             Create a link from oldpath to newpath.  If the -s flag is
             specified the created link is a symbolic link, otherwise it is a
             hard link.

     lpwd    Print local working directory.

     ls [-1afhlnrSt] [path]
             Display a remote directory listing of either path or the current
             directory if path is not specified.  path may contain glob(3)
             characters and may match multiple files.

             The following flags are recognized and alter the behaviour of ls
             accordingly:

             -1      Produce single columnar output.

             -a      List files beginning with a dot (M-bM-^@M-^X.M-bM-^@M-^Y).

             -f      Do not sort the listing.  The default sort order is
                     lexicographical.

             -h      When used with a long format option, use unit suffixes:
                     Byte, Kilobyte, Megabyte, Gigabyte, Terabyte, Petabyte,
                     and Exabyte in order to reduce the number of digits to
                     four or fewer using powers of 2 for sizes (K=1024,
                     M=1048576, etc.).

             -l      Display additional details including permissions and
                     ownership information.

             -n      Produce a long listing with user and group information
                     presented numerically.

             -r      Reverse the sort order of the listing.

             -S      Sort the listing by file size.

             -t      Sort the listing by last modification time.

     lumask umask
             Set local umask to umask.

     mkdir path
             Create remote directory specified by path.

     progress
             Toggle display of progress meter.

     put [-afPpr] local-path [remote-path]
             Upload local-path and store it on the remote machine.  If the
             remote path name is not specified, it is given the same name it
             has on the local machine.  local-path may contain glob(3)
             characters and may match multiple files.  If it does and
             remote-path is specified, then remote-path must specify a
             directory.

             If the -a flag is specified, then attempt to resume partial
             transfers of existing files.  Note that resumption assumes that
             any partial copy of the remote file matches the local copy.  If
             the local file contents differ from the remote local copy then
             the resultant file is likely to be corrupt.

             If the -f flag is specified, then a request will be sent to the
             server to call fsync(2) after the file has been transferred.
             Note that this is only supported by servers that implement the
             "fsync@openssh.com" extension.

             If either the -P or -p flag is specified, then full file
             permissions and access times are copied too.

             If the -r flag is specified then directories will be copied
             recursively.  Note that sftp does not follow symbolic links when
             performing recursive transfers.

     pwd     Display remote working directory.

     quit    Quit sftp.

     reget [-Ppr] remote-path [local-path]
             Resume download of remote-path.  Equivalent to get with the -a
             flag set.

     reput [-Ppr] [local-path] remote-path
             Resume upload of [local-path].  Equivalent to put with the -a
             flag set.

     rename oldpath newpath
             Rename remote file from oldpath to newpath.

     rm path
             Delete remote file specified by path.

     rmdir path
             Remove remote directory specified by path.

     symlink oldpath newpath
             Create a symbolic link from oldpath to newpath.

     version
             Display the sftp protocol version.

     !command
             Execute command in local shell.

     !       Escape to local shell.

     ?       Synonym for help.

SEE ALSO
     ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3),
     ssh_config(5), sftp-server(8), sshd(8)

     T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
     filexfer-00.txt, January 2001, work in progress material.

OpenBSD 6.2                    February 23, 2018                   OpenBSD 6.2