mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-24 00:11:05 +01:00
267 lines
10 KiB
Plaintext
267 lines
10 KiB
Plaintext
SFTP(1) OpenBSD Reference Manual SFTP(1)
|
|
|
|
NAME
|
|
sftp - secure file transfer program
|
|
|
|
SYNOPSIS
|
|
sftp [-1Cv] [-B buffer_size] [-b batchfile] [-F ssh_config]
|
|
[-o ssh_option] [-P sftp_server_path] [-R num_requests] [-S program]
|
|
[-s subsystem | sftp_server] host
|
|
sftp [[user@]host[:file [file]]]
|
|
sftp [[user@]host[:dir[/]]]
|
|
sftp -b batchfile [user@]host
|
|
|
|
DESCRIPTION
|
|
sftp is an interactive file transfer program, similar to ftp(1), which
|
|
performs all operations over an encrypted ssh(1) transport. It may also
|
|
use many features of ssh, such as public key authentication and compres-
|
|
sion. sftp connects and logs into the specified host, then enters an in-
|
|
teractive command mode.
|
|
|
|
The second usage format will retrieve files automatically if a non-inter-
|
|
active authentication method is used; otherwise it will do so after suc-
|
|
cessful interactive authentication.
|
|
|
|
The third usage format allows sftp to start in a remote directory.
|
|
|
|
The final usage format allows for automated sessions using the -b option.
|
|
In such cases, it is necessary to configure non-interactive authentica-
|
|
tion to obviate the need to enter a password at connection time (see
|
|
sshd(8) and ssh-keygen(1) for details). The options are as follows:
|
|
|
|
-1 Specify the use of protocol version 1.
|
|
|
|
-B buffer_size
|
|
Specify the size of the buffer that sftp uses when transferring
|
|
files. Larger buffers require fewer round trips at the cost of
|
|
higher memory consumption. The default is 32768 bytes.
|
|
|
|
-b batchfile
|
|
Batch mode reads a series of commands from an input batchfile in-
|
|
stead of stdin. Since it lacks user interaction it should be
|
|
used in conjunction with non-interactive authentication. A
|
|
batchfile of `-' may be used to indicate standard input. sftp
|
|
will abort if any of the following commands fail: get, put,
|
|
rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp,
|
|
lpwd and lmkdir. Termination on error can be suppressed on a
|
|
command by command basis by prefixing the command with a `-'
|
|
character (for example, -rm /tmp/blah*).
|
|
|
|
-C Enables compression (via ssh's -C flag).
|
|
|
|
-F ssh_config
|
|
Specifies an alternative per-user configuration file for ssh(1).
|
|
This option is directly passed to ssh(1).
|
|
|
|
-o ssh_option
|
|
Can be used to pass options to ssh in the format used in
|
|
ssh_config(5). This is useful for specifying options for which
|
|
there is no separate sftp command-line flag. For example, to
|
|
specify an alternate port use: sftp -oPort=24. For full details
|
|
of the options listed below, and their possible values, see
|
|
ssh_config(5).
|
|
|
|
AddressFamily
|
|
BatchMode
|
|
BindAddress
|
|
ChallengeResponseAuthentication
|
|
CheckHostIP
|
|
Cipher
|
|
Ciphers
|
|
Compression
|
|
CompressionLevel
|
|
ConnectionAttempts
|
|
ConnectTimeout
|
|
ControlMaster
|
|
ControlPath
|
|
GlobalKnownHostsFile
|
|
GSSAPIAuthentication
|
|
GSSAPIDelegateCredentials
|
|
HashKnownHosts
|
|
Host
|
|
HostbasedAuthentication
|
|
HostKeyAlgorithms
|
|
HostKeyAlias
|
|
HostName
|
|
IdentityFile
|
|
IdentitiesOnly
|
|
KbdInteractiveDevices
|
|
LogLevel
|
|
MACs
|
|
NoHostAuthenticationForLocalhost
|
|
NumberOfPasswordPrompts
|
|
PasswordAuthentication
|
|
Port
|
|
PreferredAuthentications
|
|
Protocol
|
|
ProxyCommand
|
|
PubkeyAuthentication
|
|
RekeyLimit
|
|
RhostsRSAAuthentication
|
|
RSAAuthentication
|
|
SendEnv
|
|
ServerAliveInterval
|
|
ServerAliveCountMax
|
|
SmartcardDevice
|
|
StrictHostKeyChecking
|
|
TCPKeepAlive
|
|
UsePrivilegedPort
|
|
User
|
|
UserKnownHostsFile
|
|
VerifyHostKeyDNS
|
|
|
|
-P sftp_server_path
|
|
Connect directly to a local sftp server (rather than via ssh(1)).
|
|
This option may be useful in debugging the client and server.
|
|
|
|
-R num_requests
|
|
Specify how many requests may be outstanding at any one time.
|
|
Increasing this may slightly improve file transfer speed but will
|
|
increase memory usage. The default is 16 outstanding requests.
|
|
|
|
-S program
|
|
Name of the program to use for the encrypted connection. The
|
|
program must understand ssh(1) options.
|
|
|
|
-s subsystem | sftp_server
|
|
Specifies the SSH2 subsystem or the path for an sftp server on
|
|
the remote host. A path is useful for using sftp over protocol
|
|
version 1, or when the remote sshd(8) does not have an sftp sub-
|
|
system configured.
|
|
|
|
-v Raise logging level. This option is also passed to ssh.
|
|
|
|
INTERACTIVE COMMANDS
|
|
Once in interactive mode, sftp understands a set of commands similar to
|
|
those of ftp(1). Commands are case insensitive. Pathnames that contain
|
|
spaces must be enclosed in quotes. Any special characters contained
|
|
within pathnames that are recognized by glob(3) must be escaped with
|
|
backslashes (`\').
|
|
|
|
bye Quit sftp.
|
|
|
|
cd path
|
|
Change remote directory to path.
|
|
|
|
chgrp grp path
|
|
Change group of file path to grp. path may contain glob(3) char-
|
|
acters and may match multiple files. grp must be a numeric GID.
|
|
|
|
chmod mode path
|
|
Change permissions of file path to mode. path may contain
|
|
glob(3) characters and may match multiple files.
|
|
|
|
chown own path
|
|
Change owner of file path to own. path may contain glob(3) char-
|
|
acters and may match multiple files. own must be a numeric UID.
|
|
|
|
exit Quit sftp.
|
|
|
|
get [-P] remote-path [local-path]
|
|
Retrieve the remote-path and store it on the local machine. If
|
|
the local path name is not specified, it is given the same name
|
|
it has on the remote machine. remote-path may contain glob(3)
|
|
characters and may match multiple files. If it does and local-
|
|
path is specified, then local-path must specify a directory. If
|
|
the -P flag is specified, then full file permissions and access
|
|
times are copied too.
|
|
|
|
help Display help text.
|
|
|
|
lcd path
|
|
Change local directory to path.
|
|
|
|
lls [ls-options [path]]
|
|
Display local directory listing of either path or current direc-
|
|
tory if path is not specified. ls-options may contain any flags
|
|
supported by the local system's ls(1) command. path may contain
|
|
glob(3) characters and may match multiple files.
|
|
|
|
lmkdir path
|
|
Create local directory specified by path.
|
|
|
|
ln oldpath newpath
|
|
Create a symbolic link from oldpath to newpath.
|
|
|
|
lpwd Print local working directory.
|
|
|
|
ls [-1aflnrSt] [path]
|
|
Display a remote directory listing of either path or the current
|
|
directory if path is not specified. path may contain glob(3)
|
|
characters and may match multiple files.
|
|
|
|
The following flags are recognized and alter the behaviour of ls
|
|
accordingly:
|
|
|
|
-1 Produce single columnar output.
|
|
|
|
-a List files beginning with a dot (`.').
|
|
|
|
-f Do not sort the listing. The default sort order is lexi-
|
|
cographical.
|
|
|
|
-l Display additional details including permissions and own-
|
|
ership information.
|
|
|
|
-n Produce a long listing with user and group information
|
|
presented numerically.
|
|
|
|
-r Reverse the sort order of the listing.
|
|
|
|
-S Sort the listing by file size.
|
|
|
|
-t Sort the listing by last modification time.
|
|
|
|
lumask umask
|
|
Set local umask to umask.
|
|
|
|
mkdir path
|
|
Create remote directory specified by path.
|
|
|
|
progress
|
|
Toggle display of progress meter.
|
|
|
|
put [-P] local-path [remote-path]
|
|
Upload local-path and store it on the remote machine. If the re-
|
|
mote path name is not specified, it is given the same name it has
|
|
on the local machine. local-path may contain glob(3) characters
|
|
and may match multiple files. If it does and remote-path is
|
|
specified, then remote-path must specify a directory. If the -P
|
|
flag is specified, then the file's full permission and access
|
|
time are copied too.
|
|
|
|
pwd Display remote working directory.
|
|
|
|
quit Quit sftp.
|
|
|
|
rename oldpath newpath
|
|
Rename remote file from oldpath to newpath.
|
|
|
|
rm path
|
|
Delete remote file specified by path.
|
|
|
|
rmdir path
|
|
Remove remote directory specified by path.
|
|
|
|
symlink oldpath newpath
|
|
Create a symbolic link from oldpath to newpath.
|
|
|
|
version
|
|
Display the sftp protocol version.
|
|
|
|
! command
|
|
Execute command in local shell.
|
|
|
|
! Escape to local shell.
|
|
|
|
? Synonym for help.
|
|
|
|
SEE ALSO
|
|
ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3),
|
|
ssh_config(5), sftp-server(8), sshd(8)
|
|
|
|
T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
|
|
filexfer-00.txt, January 2001, work in progress material.
|
|
|
|
OpenBSD 4.3 June 5, 2007 4
|