Secure File Transfer Protocol (SFTP): Your Ultimate Guide to Securely Transfer Files
Want a secure way to transfer files? Learn how to use SFTP, the Secure File Transfer Protocol, to protect your data while transferring files to and from a remote server. This guide provides actionable steps and examples to maximize your data security.
What is SFTP and Why Should You Use It?
FTP (File Transfer Protocol) is outdated and insecure. SFTP (Secure File Transfer Protocol) offers a secure alternative. SFTP uses SSH for authentication and secure connection, making it ideal for safeguarding your data during file transfers.
In a nutshell, SFTP is better due to its built-in security features. Learn how to use SFTP effectively by understanding its command-line interface—often the most direct and powerful way to interact with remote servers.
Connecting to a Remote Server with SFTP
SFTP leverages SSH for secure connections. You can use passwords, but using SSH keys is highly recommended for increased security.
- Generate SSH Keys: Create a pair of cryptographic keys.
- Transfer Public Key: Copy it to the server that you want to access.
- Disable Password Authentication: Enhance security by only allowing key-based authentication.
Once you've configured SSH keys, connect to your server with this command:
If that works, you’re ready to start an SFTP session with this command:
For custom SSH ports, use:
Quick Tip
Prioritize SSH keys for enhanced security. Managing keys is a one-time setup that significantly reduces the risk of unauthorized access.
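A check for the "Disable Password Authentication" step above, as an added example that is not part of the original guide: it reads the global section of an sshd_config file and reports whether password-style logins are really off. The sample configuration is constructed and the function names are hypothetical; Match blocks and Include files are not evaluated.

```shell
#!/bin/sh
# Added example (not from the original guide): audit an sshd_config for key-only logins.
# sshd keeps the FIRST value it reads for a keyword; later duplicates are ignored.

# sshd_effective FILE KEYWORD DEFAULT -> value in effect in the global section
sshd_effective() {
    awk -v want="$2" -v dflt="$3" '
        BEGIN { want = tolower(want); val = dflt }
        /^[ \t]*#/ { next }                      # comment line
        /^[ \t]*$/ { next }                      # blank line
        { line = $0; sub(/^[ \t]+/, "", line) }
        tolower(line) ~ /^match[ \t]/ { exit }   # Match blocks are out of scope here
        {
            split(line, f, /[ \t=]+/)            # "Keyword value" or "Keyword=value"
            if (!seen && tolower(f[1]) == want) { val = tolower(f[2]); seen = 1 }
        }
        END { print val }
    ' "$1"
}

# audit_key_only FILE -> one line per keyword; exit status 0 only if all match.
# Entries are keyword:OpenSSH default:required value.
audit_key_only() {
    rc=0
    for spec in PasswordAuthentication:yes:no \
                KbdInteractiveAuthentication:yes:no \
                PubkeyAuthentication:yes:yes; do
        key=${spec%%:*}; rest=${spec#*:}
        got=$(sshd_effective "$1" "$key" "${rest%%:*}")
        if [ "$got" = "${rest#*:}" ]; then echo "ok   $key $got"
        else echo "FAIL $key $got (want ${rest#*:})"; rc=1; fi
    done
    return $rc
}

# Constructed sample: the lower-case duplicate comes second, so sshd ignores it.
sample_config() {
    printf '%s\n' '# constructed sshd_config fragment' 'Port 22' \
        'PasswordAuthentication yes' 'PubkeyAuthentication yes' \
        'passwordauthentication no' 'Match User backup' \
        '    PasswordAuthentication no'
}

tmp=$(mktemp) && sample_config > "$tmp"
audit_key_only "$tmp" || echo "password-based logins are still possible"
rm -f "$tmp"
```

On the server itself, `sshd -T` prints the effective configuration, including Include files, and is the authoritative check. Older OpenSSH releases spell KbdInteractiveAuthentication as ChallengeResponseAuthentication.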
SFTP Quick Command Guide
Typing help or ? after connecting prints a summary of the available commands:
help
or
?
The commands that are displayed help manage files and directories securely. Read on to grasp how to navigate, upload, and download with SFTP.
Navigating the Remote File System with SFTP
Navigating with SFTP is similar to using a terminal. The commands include:
- pwd: Show the current directory.
- ls: List files in the current directory.
- cd: Change directory.
For example:
pwd
ls -la
cd testDirectory
These commands work like their shell counterparts, making it easy to transition to the secure file transfer protocol.
Navigating the Local File System with SFTP
SFTP also allows local navigation using similar commands prefixed with l:
- lpwd: Show the local current directory.
- lls: List local files.
- lcd: Change local directory.
Use these local commands to manage files on your own machine while transferring files to and from a remote server.
lpwd
lls
lcd Desktop
Quick Tip
Mix local (l*) and remote commands freely to manage file locations seamlessly during your SFTP session.
Transferring Files with SFTP
The get and put commands transfer files.
- get remoteFile: Downloads a file from the remote server to your local machine, keeping the name.
- put localFile: Uploads a file from your local machine to the remote server, also keeping the name.
Use the -r flag for recursive operations on directories.
get remoteFile localFile
get -r someDirectory
put localFile
Maintaining Permissions
The -P or -p flags preserve permissions and access times during transfers.
get -Pr someDirectory
Perform Disk Checks
Use the df -h command to check disk space on the remote server.
df -h
To check local disk space, use the ! command to drop into a local shell:
!
followed by
df -h
After checking disk space, exit the local shell to return to the SFTP session:
exit
Basic File Manipulation
SFTP includes commands for basic file manipulation:
- chown userID file: Change the owner of a file.
- chgrp groupID file: Change the group of a file.
- chmod 777 publicFile: Change permissions of a file (mode 777 makes it readable, writable and executable by every user).
- lumask 022: Set the local umask.
chown userID file
chgrp groupID file
chmod 777 publicFile
SFTP requires UIDs and GIDs instead of usernames and group names.
Displaying Username and Group ID Workaround
SFTP doesn't directly provide a way to look up user IDs and group IDs. To find valid IDs, read the /etc/passwd and /etc/group files, which you can access using these commands:
get /etc/passwd
!less passwd
get /etc/group
!less group
The UID is in the third column and the GID in the fourth.
More commands that you can perform include:
- ln: create symbolic links
- rm: remove files
- rmdir: remove directories
Ending the SFTP Session
To disconnect, use the bye or exit command:
bye
or
exit
SFTP: A Secure File Transfer Alternative
SFTP provides a secure command-line interface that is useful in environments that require secure file transfers, especially when compatibility with legacy systems is crucial. It is also a robust tool for limiting user functionality in various environments.
Consider SFTP when FTP or SCP protocols do not meet your security standards. It's not just an alternative; it's an upgrade.