HardenedBSD/sftp.0
2008-07-23 09:28:49 +00:00

267 lines
10 KiB
Plaintext

SFTP(1) OpenBSD Reference Manual SFTP(1)
NAME
sftp - secure file transfer program
SYNOPSIS
sftp [-1Cv] [-B buffer_size] [-b batchfile] [-F ssh_config]
[-o ssh_option] [-P sftp_server_path] [-R num_requests] [-S program]
[-s subsystem | sftp_server] host
sftp [[user@]host[:file [file]]]
sftp [[user@]host[:dir[/]]]
sftp -b batchfile [user@]host
DESCRIPTION
sftp is an interactive file transfer program, similar to ftp(1), which
performs all operations over an encrypted ssh(1) transport. It may also
use many features of ssh, such as public key authentication and compres-
sion. sftp connects and logs into the specified host, then enters an in-
teractive command mode.
The second usage format will retrieve files automatically if a non-inter-
active authentication method is used; otherwise it will do so after suc-
cessful interactive authentication.
The third usage format allows sftp to start in a remote directory.
The final usage format allows for automated sessions using the -b option.
In such cases, it is necessary to configure non-interactive authentica-
tion to obviate the need to enter a password at connection time (see
sshd(8) and ssh-keygen(1) for details). The options are as follows:
-1 Specify the use of protocol version 1.
-B buffer_size
Specify the size of the buffer that sftp uses when transferring
files. Larger buffers require fewer round trips at the cost of
higher memory consumption. The default is 32768 bytes.
-b batchfile
Batch mode reads a series of commands from an input batchfile in-
stead of stdin. Since it lacks user interaction it should be
used in conjunction with non-interactive authentication. A
batchfile of `-' may be used to indicate standard input. sftp
will abort if any of the following commands fail: get, put,
rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp,
lpwd and lmkdir. Termination on error can be suppressed on a
command by command basis by prefixing the command with a `-'
character (for example, -rm /tmp/blah*).
-C Enables compression (via ssh's -C flag).
-F ssh_config
Specifies an alternative per-user configuration file for ssh(1).
This option is directly passed to ssh(1).
-o ssh_option
Can be used to pass options to ssh in the format used in
ssh_config(5). This is useful for specifying options for which
there is no separate sftp command-line flag. For example, to
specify an alternate port use: sftp -oPort=24. For full details
of the options listed below, and their possible values, see
ssh_config(5).
AddressFamily
BatchMode
BindAddress
ChallengeResponseAuthentication
CheckHostIP
Cipher
Ciphers
Compression
CompressionLevel
ConnectionAttempts
ConnectTimeout
ControlMaster
ControlPath
GlobalKnownHostsFile
GSSAPIAuthentication
GSSAPIDelegateCredentials
HashKnownHosts
Host
HostbasedAuthentication
HostKeyAlgorithms
HostKeyAlias
HostName
IdentityFile
IdentitiesOnly
KbdInteractiveDevices
LogLevel
MACs
NoHostAuthenticationForLocalhost
NumberOfPasswordPrompts
PasswordAuthentication
Port
PreferredAuthentications
Protocol
ProxyCommand
PubkeyAuthentication
RekeyLimit
RhostsRSAAuthentication
RSAAuthentication
SendEnv
ServerAliveInterval
ServerAliveCountMax
SmartcardDevice
StrictHostKeyChecking
TCPKeepAlive
UsePrivilegedPort
User
UserKnownHostsFile
VerifyHostKeyDNS
-P sftp_server_path
Connect directly to a local sftp server (rather than via ssh(1)).
This option may be useful in debugging the client and server.
-R num_requests
Specify how many requests may be outstanding at any one time.
Increasing this may slightly improve file transfer speed but will
increase memory usage. The default is 16 outstanding requests.
-S program
Name of the program to use for the encrypted connection. The
program must understand ssh(1) options.
-s subsystem | sftp_server
Specifies the SSH2 subsystem or the path for an sftp server on
the remote host. A path is useful for using sftp over protocol
version 1, or when the remote sshd(8) does not have an sftp sub-
system configured.
-v Raise logging level. This option is also passed to ssh.
INTERACTIVE COMMANDS
Once in interactive mode, sftp understands a set of commands similar to
those of ftp(1). Commands are case insensitive. Pathnames that contain
spaces must be enclosed in quotes. Any special characters contained
within pathnames that are recognized by glob(3) must be escaped with
backslashes (`\').
bye Quit sftp.
cd path
Change remote directory to path.
chgrp grp path
Change group of file path to grp. path may contain glob(3) char-
acters and may match multiple files. grp must be a numeric GID.
chmod mode path
Change permissions of file path to mode. path may contain
glob(3) characters and may match multiple files.
chown own path
Change owner of file path to own. path may contain glob(3) char-
acters and may match multiple files. own must be a numeric UID.
exit Quit sftp.
get [-P] remote-path [local-path]
Retrieve the remote-path and store it on the local machine. If
the local path name is not specified, it is given the same name
it has on the remote machine. remote-path may contain glob(3)
characters and may match multiple files. If it does and local-
path is specified, then local-path must specify a directory. If
the -P flag is specified, then full file permissions and access
times are copied too.
help Display help text.
lcd path
Change local directory to path.
lls [ls-options [path]]
Display local directory listing of either path or current direc-
tory if path is not specified. ls-options may contain any flags
supported by the local system's ls(1) command. path may contain
glob(3) characters and may match multiple files.
lmkdir path
Create local directory specified by path.
ln oldpath newpath
Create a symbolic link from oldpath to newpath.
lpwd Print local working directory.
ls [-1aflnrSt] [path]
Display a remote directory listing of either path or the current
directory if path is not specified. path may contain glob(3)
characters and may match multiple files.
The following flags are recognized and alter the behaviour of ls
accordingly:
-1 Produce single columnar output.
-a List files beginning with a dot (`.').
-f Do not sort the listing. The default sort order is lexi-
cographical.
-l Display additional details including permissions and own-
ership information.
-n Produce a long listing with user and group information
presented numerically.
-r Reverse the sort order of the listing.
-S Sort the listing by file size.
-t Sort the listing by last modification time.
lumask umask
Set local umask to umask.
mkdir path
Create remote directory specified by path.
progress
Toggle display of progress meter.
put [-P] local-path [remote-path]
Upload local-path and store it on the remote machine. If the re-
mote path name is not specified, it is given the same name it has
on the local machine. local-path may contain glob(3) characters
and may match multiple files. If it does and remote-path is
specified, then remote-path must specify a directory. If the -P
flag is specified, then the file's full permission and access
time are copied too.
pwd Display remote working directory.
quit Quit sftp.
rename oldpath newpath
Rename remote file from oldpath to newpath.
rm path
Delete remote file specified by path.
rmdir path
Remove remote directory specified by path.
symlink oldpath newpath
Create a symbolic link from oldpath to newpath.
version
Display the sftp protocol version.
! command
Execute command in local shell.
! Escape to local shell.
? Synonym for help.
SEE ALSO
ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3),
ssh_config(5), sftp-server(8), sshd(8)
T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
filexfer-00.txt, January 2001, work in progress material.
OpenBSD 4.3 June 5, 2007 4