]>
Commit | Line | Data |
---|---|---|
b68241c3 | 1 | .\" $OpenBSD: sftp.1,v 1.71 2009/08/12 06:31:42 jmc Exp $ |
61e96248 | 2 | .\" |
f3c7c613 | 3 | .\" Copyright (c) 2001 Damien Miller. All rights reserved. |
61e96248 | 4 | .\" |
5 | .\" Redistribution and use in source and binary forms, with or without | |
6 | .\" modification, are permitted provided that the following conditions | |
7 | .\" are met: | |
8 | .\" 1. Redistributions of source code must retain the above copyright | |
9 | .\" notice, this list of conditions and the following disclaimer. | |
10 | .\" 2. Redistributions in binary form must reproduce the above copyright | |
11 | .\" notice, this list of conditions and the following disclaimer in the | |
12 | .\" documentation and/or other materials provided with the distribution. | |
13 | .\" | |
14 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
15 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
16 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
17 | .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
18 | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
19 | .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
20 | .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
21 | .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | |
23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
24 | .\" | |
e473dcd1 | 25 | .Dd $Mdocdate$ |
61e96248 | 26 | .Dt SFTP 1 |
27 | .Os | |
28 | .Sh NAME | |
29 | .Nm sftp | |
bd47824b | 30 | .Nd secure file transfer program |
61e96248 | 31 | .Sh SYNOPSIS |
72c5fe79 | 32 | .Nm sftp |
a4e5acef | 33 | .Bk -words |
3496b8d4 | 34 | .Op Fl 1246Cqv |
7d5e8c46 | 35 | .Op Fl B Ar buffer_size |
433e60ac | 36 | .Op Fl b Ar batchfile |
3496b8d4 | 37 | .Op Fl c Ar cipher |
7d5e8c46 | 38 | .Op Fl F Ar ssh_config |
3496b8d4 | 39 | .Op Fl i Ar identity_path |
433e60ac | 40 | .Op Fl o Ar ssh_option |
41 | .Op Fl P Ar sftp_server_path | |
c25d3df7 | 42 | .Op Fl R Ar num_requests |
e3c1c3e6 | 43 | .Op Fl S Ar program |
433e60ac | 44 | .Op Fl s Ar subsystem | sftp_server |
e3c1c3e6 | 45 | .Ar host |
a4e5acef | 46 | .Ek |
72c5fe79 | 47 | .Nm sftp |
83cd8c39 | 48 | .Oo Ar user Ns @ Oc Ns |
49 | .Ar host Ns Op : Ns Ar | |
72c5fe79 | 50 | .Nm sftp |
83cd8c39 | 51 | .Oo Ar user Ns @ Oc Ns |
a4e5acef | 52 | .Ar host Ns Oo : Ns Ar dir Ns |
d3cd4016 | 53 | .Op Ar / Oc |
72c5fe79 | 54 | .Nm sftp |
81466908 | 55 | .Fl b Ar batchfile |
d0445371 | 56 | .Oo Ar user Ns @ Oc Ns Ar host |
61e96248 | 57 | .Sh DESCRIPTION |
58 | .Nm | |
59 | is an interactive file transfer program, similar to | |
60 | .Xr ftp 1 , | |
61 | which performs all operations over an encrypted | |
62 | .Xr ssh 1 | |
63 | transport. | |
64 | It may also use many features of ssh, such as public key authentication and | |
65 | compression. | |
66 | .Nm | |
67 | connects and logs into the specified | |
cf7ff074 | 68 | .Ar host , |
61e96248 | 69 | then enters an interactive command mode. |
70 | .Pp | |
3730bb22 | 71 | The second usage format will retrieve files automatically if a non-interactive |
cf7ff074 | 72 | authentication method is used; otherwise it will do so after |
73 | successful interactive authentication. | |
edeeab1e | 74 | .Pp |
f9d52dd1 | 75 | The third usage format allows |
76 | .Nm | |
77 | to start in a remote directory. | |
edeeab1e | 78 | .Pp |
bd47824b | 79 | The final usage format allows for automated sessions using the |
81466908 | 80 | .Fl b |
bd47824b | 81 | option. |
3da242db | 82 | In such cases, it is necessary to configure non-interactive authentication |
bd47824b | 83 | to obviate the need to enter a password at connection time (see |
81466908 | 84 | .Xr sshd 8 |
72c5fe79 | 85 | and |
81466908 | 86 | .Xr ssh-keygen 1 |
bd47824b | 87 | for details). |
61e96248 | 88 | The options are as follows: |
89 | .Bl -tag -width Ds | |
433e60ac | 90 | .It Fl 1 |
91 | Specify the use of protocol version 1. | |
3496b8d4 | 92 | .It Fl 2 |
93 | Specify the use of protocol version 2. | |
94 | .It Fl 4 | |
95 | Forces | |
96 | .Nm | |
97 | to use IPv4 addresses only. | |
98 | .It Fl 6 | |
99 | Forces | |
100 | .Nm | |
101 | to use IPv6 addresses only. | |
433e60ac | 102 | .It Fl B Ar buffer_size |
103 | Specify the size of the buffer that | |
104 | .Nm | |
105 | uses when transferring files. | |
106 | Larger buffers require fewer round trips at the cost of higher | |
107 | memory consumption. | |
108 | The default is 32768 bytes. | |
a5ec8a3d | 109 | .It Fl b Ar batchfile |
110 | Batch mode reads a series of commands from an input | |
acf06a60 | 111 | .Ar batchfile |
a5ec8a3d | 112 | instead of |
acf06a60 | 113 | .Em stdin . |
114 | Since it lacks user interaction it should be used in conjunction with | |
f74de0d7 | 115 | non-interactive authentication. |
a8b64bb8 | 116 | A |
f74de0d7 | 117 | .Ar batchfile |
118 | of | |
119 | .Sq \- | |
a8b64bb8 | 120 | may be used to indicate standard input. |
acf06a60 | 121 | .Nm |
3730bb22 | 122 | will abort if any of the following |
123 | commands fail: | |
7e35f994 | 124 | .Ic get , put , rename , ln , |
a4e5acef | 125 | .Ic rm , mkdir , chdir , ls , |
ea530517 | 126 | .Ic lchdir , chmod , chown , |
127 | .Ic chgrp , lpwd , df , | |
a5ec8a3d | 128 | and |
acf06a60 | 129 | .Ic lmkdir . |
a4e5acef | 130 | Termination on error can be suppressed on a command by command basis by |
131 | prefixing the command with a | |
f74de0d7 | 132 | .Sq \- |
bd47824b | 133 | character (for example, |
134 | .Ic -rm /tmp/blah* ) . | |
433e60ac | 135 | .It Fl C |
136 | Enables compression (via ssh's | |
137 | .Fl C | |
138 | flag). | |
b68241c3 | 139 | .It Fl c Ar cipher |
140 | Selects the cipher to use for encrypting the data transfers. | |
141 | This option is directly passed to | |
142 | .Xr ssh 1 . | |
433e60ac | 143 | .It Fl F Ar ssh_config |
144 | Specifies an alternative | |
145 | per-user configuration file for | |
146 | .Xr ssh 1 . | |
147 | This option is directly passed to | |
148 | .Xr ssh 1 . | |
3496b8d4 | 149 | .It Fl i Ar identity_file |
150 | Selects the file from which the identity (private key) for public key | |
151 | authentication is read. | |
152 | This option is directly passed to | |
153 | .Xr ssh 1 . | |
61e96248 | 154 | .It Fl o Ar ssh_option |
38539909 | 155 | Can be used to pass options to |
156 | .Nm ssh | |
c21a7c4a | 157 | in the format used in |
158 | .Xr ssh_config 5 . | |
159 | This is useful for specifying options | |
38539909 | 160 | for which there is no separate |
161 | .Nm sftp | |
bd47824b | 162 | command-line flag. |
163 | For example, to specify an alternate port use: | |
e3c1c3e6 | 164 | .Ic sftp -oPort=24 . |
433e60ac | 165 | For full details of the options listed below, and their possible values, see |
166 | .Xr ssh_config 5 . | |
167 | .Pp | |
168 | .Bl -tag -width Ds -offset indent -compact | |
169 | .It AddressFamily | |
170 | .It BatchMode | |
171 | .It BindAddress | |
172 | .It ChallengeResponseAuthentication | |
173 | .It CheckHostIP | |
174 | .It Cipher | |
175 | .It Ciphers | |
433e60ac | 176 | .It Compression |
177 | .It CompressionLevel | |
178 | .It ConnectionAttempts | |
927fcba2 | 179 | .It ConnectTimeout |
5e96b616 | 180 | .It ControlMaster |
181 | .It ControlPath | |
433e60ac | 182 | .It GlobalKnownHostsFile |
183 | .It GSSAPIAuthentication | |
184 | .It GSSAPIDelegateCredentials | |
ba9d1100 | 185 | .It HashKnownHosts |
433e60ac | 186 | .It Host |
187 | .It HostbasedAuthentication | |
188 | .It HostKeyAlgorithms | |
189 | .It HostKeyAlias | |
190 | .It HostName | |
191 | .It IdentityFile | |
3a065ed0 | 192 | .It IdentitiesOnly |
396070f8 | 193 | .It KbdInteractiveDevices |
433e60ac | 194 | .It LogLevel |
195 | .It MACs | |
196 | .It NoHostAuthenticationForLocalhost | |
197 | .It NumberOfPasswordPrompts | |
198 | .It PasswordAuthentication | |
199 | .It Port | |
200 | .It PreferredAuthentications | |
201 | .It Protocol | |
202 | .It ProxyCommand | |
203 | .It PubkeyAuthentication | |
db175906 | 204 | .It RekeyLimit |
433e60ac | 205 | .It RhostsRSAAuthentication |
206 | .It RSAAuthentication | |
8e99a198 | 207 | .It SendEnv |
5d8d32a3 | 208 | .It ServerAliveInterval |
209 | .It ServerAliveCountMax | |
433e60ac | 210 | .It SmartcardDevice |
211 | .It StrictHostKeyChecking | |
fd573618 | 212 | .It TCPKeepAlive |
433e60ac | 213 | .It UsePrivilegedPort |
214 | .It User | |
215 | .It UserKnownHostsFile | |
216 | .It VerifyHostKeyDNS | |
433e60ac | 217 | .El |
218 | .It Fl P Ar sftp_server_path | |
bd47824b | 219 | Connect directly to a local sftp server |
7d5e8c46 | 220 | (rather than via |
281cf948 | 221 | .Xr ssh 1 ) . |
7d5e8c46 | 222 | This option may be useful in debugging the client and server. |
3496b8d4 | 223 | .It Fl q |
224 | Quiet mode: disables the progress meter as well as warning and | |
225 | diagnostic messages from | |
226 | .Xr ssh 1 . | |
c25d3df7 | 227 | .It Fl R Ar num_requests |
bd47824b | 228 | Specify how many requests may be outstanding at any one time. |
229 | Increasing this may slightly improve file transfer speed | |
230 | but will increase memory usage. | |
b8c9ea19 | 231 | The default is 64 outstanding requests. |
e3c1c3e6 | 232 | .It Fl S Ar program |
233 | Name of the | |
234 | .Ar program | |
235 | to use for the encrypted connection. | |
236 | The program must understand | |
237 | .Xr ssh 1 | |
238 | options. | |
433e60ac | 239 | .It Fl s Ar subsystem | sftp_server |
240 | Specifies the SSH2 subsystem or the path for an sftp server | |
241 | on the remote host. | |
242 | A path is useful for using | |
243 | .Nm | |
244 | over protocol version 1, or when the remote | |
245 | .Xr sshd 8 | |
246 | does not have an sftp subsystem configured. | |
247 | .It Fl v | |
248 | Raise logging level. | |
249 | This option is also passed to ssh. | |
61e96248 | 250 | .El |
251 | .Sh INTERACTIVE COMMANDS | |
0426a3b4 | 252 | Once in interactive mode, |
253 | .Nm | |
3730bb22 | 254 | understands a set of commands similar to those of |
61e96248 | 255 | .Xr ftp 1 . |
f9d52dd1 | 256 | Commands are case insensitive. |
257 | Pathnames that contain spaces must be enclosed in quotes. | |
258 | Any special characters contained within pathnames that are recognized by | |
259 | .Xr glob 3 | |
260 | must be escaped with backslashes | |
261 | .Pq Sq \e . | |
262 | .Bl -tag -width Ds | |
68874d2b | 263 | .It Ic bye |
bd47824b | 264 | Quit |
265 | .Nm sftp . | |
0426a3b4 | 266 | .It Ic cd Ar path |
3730bb22 | 267 | Change remote directory to |
0426a3b4 | 268 | .Ar path . |
0426a3b4 | 269 | .It Ic chgrp Ar grp Ar path |
3730bb22 | 270 | Change group of file |
0426a3b4 | 271 | .Ar path |
272 | to | |
61e96248 | 273 | .Ar grp . |
f9d52dd1 | 274 | .Ar path |
275 | may contain | |
276 | .Xr glob 3 | |
277 | characters and may match multiple files. | |
61e96248 | 278 | .Ar grp |
0426a3b4 | 279 | must be a numeric GID. |
280 | .It Ic chmod Ar mode Ar path | |
3730bb22 | 281 | Change permissions of file |
0426a3b4 | 282 | .Ar path |
283 | to | |
284 | .Ar mode . | |
f9d52dd1 | 285 | .Ar path |
286 | may contain | |
287 | .Xr glob 3 | |
288 | characters and may match multiple files. | |
0426a3b4 | 289 | .It Ic chown Ar own Ar path |
3730bb22 | 290 | Change owner of file |
0426a3b4 | 291 | .Ar path |
292 | to | |
61e96248 | 293 | .Ar own . |
f9d52dd1 | 294 | .Ar path |
295 | may contain | |
296 | .Xr glob 3 | |
297 | characters and may match multiple files. | |
61e96248 | 298 | .Ar own |
299 | must be a numeric UID. | |
360b43ab | 300 | .It Xo Ic df |
301 | .Op Fl hi | |
302 | .Op Ar path | |
303 | .Xc | |
304 | Display usage information for the filesystem holding the current directory | |
305 | (or | |
306 | .Ar path | |
307 | if specified). | |
308 | If the | |
309 | .Fl h | |
310 | flag is specified, the capacity information will be displayed using | |
311 | "human-readable" suffixes. | |
312 | The | |
313 | .Fl i | |
314 | flag requests display of inode information in addition to capacity information. | |
315 | This command is only supported on servers that implement the | |
316 | .Dq statvfs@openssh.com | |
317 | extension. | |
17910dce | 318 | .It Ic exit |
bd47824b | 319 | Quit |
320 | .Nm sftp . | |
58c54a79 | 321 | .It Xo Ic get |
f9d52dd1 | 322 | .Op Fl P |
58c54a79 | 323 | .Ar remote-path |
324 | .Op Ar local-path | |
325 | .Xc | |
61e96248 | 326 | Retrieve the |
0426a3b4 | 327 | .Ar remote-path |
61e96248 | 328 | and store it on the local machine. |
329 | If the local | |
3730bb22 | 330 | path name is not specified, it is given the same name it has on the |
bd47824b | 331 | remote machine. |
f9d52dd1 | 332 | .Ar remote-path |
333 | may contain | |
334 | .Xr glob 3 | |
335 | characters and may match multiple files. | |
336 | If it does and | |
337 | .Ar local-path | |
338 | is specified, then | |
339 | .Ar local-path | |
340 | must specify a directory. | |
bd47824b | 341 | If the |
58c54a79 | 342 | .Fl P |
f9d52dd1 | 343 | flag is specified, then full file permissions and access times are |
58c54a79 | 344 | copied too. |
17910dce | 345 | .It Ic help |
346 | Display help text. | |
433e60ac | 347 | .It Ic lcd Ar path |
348 | Change local directory to | |
349 | .Ar path . | |
0426a3b4 | 350 | .It Ic lls Op Ar ls-options Op Ar path |
3730bb22 | 351 | Display local directory listing of either |
61e96248 | 352 | .Ar path |
353 | or current directory if | |
354 | .Ar path | |
0426a3b4 | 355 | is not specified. |
f9d52dd1 | 356 | .Ar ls-options |
357 | may contain any flags supported by the local system's | |
358 | .Xr ls 1 | |
359 | command. | |
360 | .Ar path | |
361 | may contain | |
362 | .Xr glob 3 | |
363 | characters and may match multiple files. | |
0426a3b4 | 364 | .It Ic lmkdir Ar path |
61e96248 | 365 | Create local directory specified by |
0426a3b4 | 366 | .Ar path . |
3a7fe5ba | 367 | .It Ic ln Ar oldpath Ar newpath |
3730bb22 | 368 | Create a symbolic link from |
3a7fe5ba | 369 | .Ar oldpath |
370 | to | |
371 | .Ar newpath . | |
0426a3b4 | 372 | .It Ic lpwd |
373 | Print local working directory. | |
00b3ad3e | 374 | .It Xo Ic ls |
f9d52dd1 | 375 | .Op Fl 1aflnrSt |
00b3ad3e | 376 | .Op Ar path |
377 | .Xc | |
f9d52dd1 | 378 | Display a remote directory listing of either |
61e96248 | 379 | .Ar path |
f9d52dd1 | 380 | or the current directory if |
0426a3b4 | 381 | .Ar path |
bd47824b | 382 | is not specified. |
f9d52dd1 | 383 | .Ar path |
384 | may contain | |
385 | .Xr glob 3 | |
386 | characters and may match multiple files. | |
c4c84934 | 387 | .Pp |
f9d52dd1 | 388 | The following flags are recognized and alter the behaviour of |
c4c84934 | 389 | .Ic ls |
f9d52dd1 | 390 | accordingly: |
391 | .Bl -tag -width Ds | |
392 | .It Fl 1 | |
393 | Produce single columnar output. | |
394 | .It Fl a | |
395 | List files beginning with a dot | |
396 | .Pq Sq \&. . | |
397 | .It Fl f | |
398 | Do not sort the listing. | |
399 | The default sort order is lexicographical. | |
400 | .It Fl l | |
401 | Display additional details including permissions | |
402 | and ownership information. | |
403 | .It Fl n | |
404 | Produce a long listing with user and group information presented | |
405 | numerically. | |
406 | .It Fl r | |
407 | Reverse the sort order of the listing. | |
408 | .It Fl S | |
409 | Sort the listing by file size. | |
410 | .It Fl t | |
411 | Sort the listing by last modification time. | |
412 | .El | |
0426a3b4 | 413 | .It Ic lumask Ar umask |
3730bb22 | 414 | Set local umask to |
0426a3b4 | 415 | .Ar umask . |
416 | .It Ic mkdir Ar path | |
61e96248 | 417 | Create remote directory specified by |
0426a3b4 | 418 | .Ar path . |
b65c3807 | 419 | .It Ic progress |
420 | Toggle display of progress meter. | |
58c54a79 | 421 | .It Xo Ic put |
f9d52dd1 | 422 | .Op Fl P |
58c54a79 | 423 | .Ar local-path |
2ea16b0b | 424 | .Op Ar remote-path |
58c54a79 | 425 | .Xc |
61e96248 | 426 | Upload |
0426a3b4 | 427 | .Ar local-path |
bd47824b | 428 | and store it on the remote machine. |
429 | If the remote path name is not specified, it is given the same name it has | |
430 | on the local machine. | |
f9d52dd1 | 431 | .Ar local-path |
432 | may contain | |
433 | .Xr glob 3 | |
434 | characters and may match multiple files. | |
435 | If it does and | |
436 | .Ar remote-path | |
437 | is specified, then | |
438 | .Ar remote-path | |
439 | must specify a directory. | |
bd47824b | 440 | If the |
58c54a79 | 441 | .Fl P |
442 | flag is specified, then the file's full permission and access time are | |
443 | copied too. | |
0426a3b4 | 444 | .It Ic pwd |
445 | Display remote working directory. | |
0426a3b4 | 446 | .It Ic quit |
bd47824b | 447 | Quit |
448 | .Nm sftp . | |
0426a3b4 | 449 | .It Ic rename Ar oldpath Ar newpath |
61e96248 | 450 | Rename remote file from |
451 | .Ar oldpath | |
452 | to | |
0426a3b4 | 453 | .Ar newpath . |
0426a3b4 | 454 | .It Ic rm Ar path |
61e96248 | 455 | Delete remote file specified by |
0426a3b4 | 456 | .Ar path . |
433e60ac | 457 | .It Ic rmdir Ar path |
458 | Remove remote directory specified by | |
459 | .Ar path . | |
3a7fe5ba | 460 | .It Ic symlink Ar oldpath Ar newpath |
3730bb22 | 461 | Create a symbolic link from |
3a7fe5ba | 462 | .Ar oldpath |
463 | to | |
464 | .Ar newpath . | |
048ff12c | 465 | .It Ic version |
466 | Display the | |
467 | .Nm | |
468 | protocol version. | |
d3cd4016 | 469 | .It Ic \&! Ns Ar command |
3730bb22 | 470 | Execute |
61e96248 | 471 | .Ar command |
0426a3b4 | 472 | in local shell. |
d0445371 | 473 | .It Ic \&! |
0426a3b4 | 474 | Escape to local shell. |
d0445371 | 475 | .It Ic \&? |
0426a3b4 | 476 | Synonym for help. |
477 | .El | |
61e96248 | 478 | .Sh SEE ALSO |
433e60ac | 479 | .Xr ftp 1 , |
f9d52dd1 | 480 | .Xr ls 1 , |
2cad6cef | 481 | .Xr scp 1 , |
61e96248 | 482 | .Xr ssh 1 , |
483 | .Xr ssh-add 1 , | |
484 | .Xr ssh-keygen 1 , | |
f9d52dd1 | 485 | .Xr glob 3 , |
c21a7c4a | 486 | .Xr ssh_config 5 , |
2cad6cef | 487 | .Xr sftp-server 8 , |
488 | .Xr sshd 8 | |
489 | .Rs | |
7b518233 | 490 | .%A T. Ylonen |
491 | .%A S. Lehtinen | |
2cad6cef | 492 | .%T "SSH File Transfer Protocol" |
493 | .%N draft-ietf-secsh-filexfer-00.txt | |
494 | .%D January 2001 | |
495 | .%O work in progress material | |
496 | .Re |