Annotation of src/usr.bin/ssh/sftp.1, Revision 1.68
1.68 ! djm 1: .\" $OpenBSD: sftp.1,v 1.67 2008/07/15 02:23:14 djm Exp $
1.1 djm 2: .\"
1.9 deraadt 3: .\" Copyright (c) 2001 Damien Miller. All rights reserved.
1.1 djm 4: .\"
5: .\" Redistribution and use in source and binary forms, with or without
6: .\" modification, are permitted provided that the following conditions
7: .\" are met:
8: .\" 1. Redistributions of source code must retain the above copyright
9: .\" notice, this list of conditions and the following disclaimer.
10: .\" 2. Redistributions in binary form must reproduce the above copyright
11: .\" notice, this list of conditions and the following disclaimer in the
12: .\" documentation and/or other materials provided with the distribution.
13: .\"
14: .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15: .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16: .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17: .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18: .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19: .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20: .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21: .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22: .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23: .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24: .\"
1.68 ! djm 25: .Dd $Mdocdate: July 15 2008 $
1.1 djm 26: .Dt SFTP 1
27: .Os
28: .Sh NAME
29: .Nm sftp
1.44 jmc 30: .Nd secure file transfer program
1.1 djm 31: .Sh SYNOPSIS
1.43 jmc 32: .Nm sftp
1.41 jmc 33: .Bk -words
1.46 jmc 34: .Op Fl 1Cv
35: .Op Fl B Ar buffer_size
1.29 markus 36: .Op Fl b Ar batchfile
1.46 jmc 37: .Op Fl F Ar ssh_config
1.29 markus 38: .Op Fl o Ar ssh_option
1.46 jmc 39: .Op Fl P Ar sftp_server_path
1.30 djm 40: .Op Fl R Ar num_requests
1.26 stevesk 41: .Op Fl S Ar program
1.46 jmc 42: .Op Fl s Ar subsystem | sftp_server
1.26 stevesk 43: .Ar host
1.41 jmc 44: .Ek
1.43 jmc 45: .Nm sftp
1.68 ! djm 46: .Oo Ar user Ns @ Oc Ns
! 47: .Ar host Ns Op : Ns Ar
1.43 jmc 48: .Nm sftp
1.68 ! djm 49: .Oo Ar user Ns @ Oc Ns
1.41 jmc 50: .Ar host Ns Oo : Ns Ar dir Ns
1.68 ! djm 51: .Oo Ar / Oc Oc
1.43 jmc 52: .Nm sftp
1.42 djm 53: .Fl b Ar batchfile
1.45 jmc 54: .Oo Ar user Ns @ Oc Ns Ar host
1.1 djm 55: .Sh DESCRIPTION
56: .Nm
57: is an interactive file transfer program, similar to
58: .Xr ftp 1 ,
59: which performs all operations over an encrypted
60: .Xr ssh 1
61: transport.
62: It may also use many features of ssh, such as public key authentication and
63: compression.
64: .Nm
65: connects and logs into the specified
1.18 stevesk 66: .Ar host ,
1.1 djm 67: then enters an interactive command mode.
1.15 mouring 68: .Pp
1.21 itojun 69: The second usage format will retrieve files automatically if a non-interactive
1.18 stevesk 70: authentication method is used; otherwise it will do so after
71: successful interactive authentication.
1.15 mouring 72: .Pp
1.60 jaredy 73: The third usage format allows
74: .Nm
75: to start in a remote directory.
1.1 djm 76: .Pp
1.44 jmc 77: The final usage format allows for automated sessions using the
1.42 djm 78: .Fl b
1.44 jmc 79: option.
1.62 jmc 80: In such cases, it is necessary to configure non-interactive authentication
1.44 jmc 81: to obviate the need to enter a password at connection time (see
1.42 djm 82: .Xr sshd 8
1.43 jmc 83: and
1.42 djm 84: .Xr ssh-keygen 1
1.44 jmc 85: for details).
1.1 djm 86: The options are as follows:
87: .Bl -tag -width Ds
1.46 jmc 88: .It Fl 1
89: Specify the use of protocol version 1.
90: .It Fl B Ar buffer_size
91: Specify the size of the buffer that
92: .Nm
93: uses when transferring files.
94: Larger buffers require fewer round trips at the cost of higher
95: memory consumption.
96: The default is 32768 bytes.
1.10 deraadt 97: .It Fl b Ar batchfile
98: Batch mode reads a series of commands from an input
1.13 stevesk 99: .Ar batchfile
1.10 deraadt 100: instead of
1.13 stevesk 101: .Em stdin .
102: Since it lacks user interaction it should be used in conjunction with
1.51 jmc 103: non-interactive authentication.
1.50 djm 104: A
1.51 jmc 105: .Ar batchfile
106: of
107: .Sq \-
1.50 djm 108: may be used to indicate standard input.
1.13 stevesk 109: .Nm
1.21 itojun 110: will abort if any of the following
111: commands fail:
1.33 deraadt 112: .Ic get , put , rename , ln ,
1.41 jmc 113: .Ic rm , mkdir , chdir , ls ,
1.66 jmc 114: .Ic lchdir , chmod , chown ,
115: .Ic chgrp , lpwd , df ,
1.10 deraadt 116: and
1.13 stevesk 117: .Ic lmkdir .
1.41 jmc 118: Termination on error can be suppressed on a command by command basis by
119: prefixing the command with a
1.51 jmc 120: .Sq \-
1.44 jmc 121: character (for example,
122: .Ic -rm /tmp/blah* ) .
1.46 jmc 123: .It Fl C
124: Enables compression (via ssh's
125: .Fl C
126: flag).
127: .It Fl F Ar ssh_config
128: Specifies an alternative
129: per-user configuration file for
130: .Xr ssh 1 .
131: This option is directly passed to
132: .Xr ssh 1 .
1.1 djm 133: .It Fl o Ar ssh_option
1.23 stevesk 134: Can be used to pass options to
135: .Nm ssh
1.35 stevesk 136: in the format used in
137: .Xr ssh_config 5 .
138: This is useful for specifying options
1.23 stevesk 139: for which there is no separate
140: .Nm sftp
1.44 jmc 141: command-line flag.
142: For example, to specify an alternate port use:
1.26 stevesk 143: .Ic sftp -oPort=24 .
1.46 jmc 144: For full details of the options listed below, and their possible values, see
145: .Xr ssh_config 5 .
146: .Pp
147: .Bl -tag -width Ds -offset indent -compact
148: .It AddressFamily
149: .It BatchMode
150: .It BindAddress
151: .It ChallengeResponseAuthentication
152: .It CheckHostIP
153: .It Cipher
154: .It Ciphers
155: .It Compression
156: .It CompressionLevel
157: .It ConnectionAttempts
1.54 dtucker 158: .It ConnectTimeout
1.55 djm 159: .It ControlMaster
160: .It ControlPath
1.46 jmc 161: .It GlobalKnownHostsFile
162: .It GSSAPIAuthentication
163: .It GSSAPIDelegateCredentials
1.61 jmc 164: .It HashKnownHosts
1.46 jmc 165: .It Host
166: .It HostbasedAuthentication
167: .It HostKeyAlgorithms
168: .It HostKeyAlias
169: .It HostName
170: .It IdentityFile
1.52 markus 171: .It IdentitiesOnly
1.58 djm 172: .It KbdInteractiveDevices
1.46 jmc 173: .It LogLevel
174: .It MACs
175: .It NoHostAuthenticationForLocalhost
176: .It NumberOfPasswordPrompts
177: .It PasswordAuthentication
178: .It Port
179: .It PreferredAuthentications
180: .It Protocol
181: .It ProxyCommand
182: .It PubkeyAuthentication
1.63 dtucker 183: .It RekeyLimit
1.46 jmc 184: .It RhostsRSAAuthentication
185: .It RSAAuthentication
1.53 jmc 186: .It SendEnv
1.49 markus 187: .It ServerAliveInterval
188: .It ServerAliveCountMax
1.46 jmc 189: .It SmartcardDevice
190: .It StrictHostKeyChecking
1.48 markus 191: .It TCPKeepAlive
1.46 jmc 192: .It UsePrivilegedPort
193: .It User
194: .It UserKnownHostsFile
195: .It VerifyHostKeyDNS
196: .El
197: .It Fl P Ar sftp_server_path
1.44 jmc 198: Connect directly to a local sftp server
1.29 markus 199: (rather than via
1.59 jmc 200: .Xr ssh 1 ) .
1.29 markus 201: This option may be useful in debugging the client and server.
1.30 djm 202: .It Fl R Ar num_requests
1.44 jmc 203: Specify how many requests may be outstanding at any one time.
204: Increasing this may slightly improve file transfer speed
205: but will increase memory usage.
1.67 djm 206: The default is 64 outstanding requests.
1.26 stevesk 207: .It Fl S Ar program
208: Name of the
209: .Ar program
210: to use for the encrypted connection.
211: The program must understand
212: .Xr ssh 1
213: options.
1.46 jmc 214: .It Fl s Ar subsystem | sftp_server
215: Specifies the SSH2 subsystem or the path for an sftp server
216: on the remote host.
217: A path is useful for using
218: .Nm
219: over protocol version 1, or when the remote
220: .Xr sshd 8
221: does not have an sftp subsystem configured.
222: .It Fl v
223: Raise logging level.
224: This option is also passed to ssh.
1.1 djm 225: .El
226: .Sh INTERACTIVE COMMANDS
1.2 djm 227: Once in interactive mode,
228: .Nm
1.21 itojun 229: understands a set of commands similar to those of
1.1 djm 230: .Xr ftp 1 .
1.60 jaredy 231: Commands are case insensitive.
232: Pathnames that contain spaces must be enclosed in quotes.
233: Any special characters contained within pathnames that are recognized by
234: .Xr glob 3
235: must be escaped with backslashes
236: .Pq Sq \e .
237: .Bl -tag -width Ds
1.22 markus 238: .It Ic bye
1.44 jmc 239: Quit
240: .Nm sftp .
1.3 deraadt 241: .It Ic cd Ar path
1.21 itojun 242: Change remote directory to
1.3 deraadt 243: .Ar path .
244: .It Ic chgrp Ar grp Ar path
1.21 itojun 245: Change group of file
1.5 stevesk 246: .Ar path
247: to
1.1 djm 248: .Ar grp .
1.60 jaredy 249: .Ar path
250: may contain
251: .Xr glob 3
252: characters and may match multiple files.
1.1 djm 253: .Ar grp
1.5 stevesk 254: must be a numeric GID.
1.3 deraadt 255: .It Ic chmod Ar mode Ar path
1.21 itojun 256: Change permissions of file
1.5 stevesk 257: .Ar path
258: to
1.3 deraadt 259: .Ar mode .
1.60 jaredy 260: .Ar path
261: may contain
262: .Xr glob 3
263: characters and may match multiple files.
1.3 deraadt 264: .It Ic chown Ar own Ar path
1.21 itojun 265: Change owner of file
1.5 stevesk 266: .Ar path
267: to
1.1 djm 268: .Ar own .
1.60 jaredy 269: .Ar path
270: may contain
271: .Xr glob 3
272: characters and may match multiple files.
1.1 djm 273: .Ar own
274: must be a numeric UID.
1.65 djm 275: .It Xo Ic df
276: .Op Fl hi
277: .Op Ar path
278: .Xc
279: Display usage information for the filesystem holding the current directory
280: (or
281: .Ar path
282: if specified).
283: If the
284: .Fl h
285: flag is specified, the capacity information will be displayed using
286: "human-readable" suffixes.
287: The
288: .Fl i
289: flag requests display of inode information in addition to capacity information.
290: This command is only supported on servers that implement the
291: .Dq statvfs@openssh.com
292: extension.
1.11 deraadt 293: .It Ic exit
1.44 jmc 294: Quit
295: .Nm sftp .
1.7 djm 296: .It Xo Ic get
1.60 jaredy 297: .Op Fl P
1.7 djm 298: .Ar remote-path
299: .Op Ar local-path
300: .Xc
1.1 djm 301: Retrieve the
1.5 stevesk 302: .Ar remote-path
1.1 djm 303: and store it on the local machine.
304: If the local
1.21 itojun 305: path name is not specified, it is given the same name it has on the
1.44 jmc 306: remote machine.
1.60 jaredy 307: .Ar remote-path
308: may contain
309: .Xr glob 3
310: characters and may match multiple files.
311: If it does and
312: .Ar local-path
313: is specified, then
314: .Ar local-path
315: must specify a directory.
1.44 jmc 316: If the
1.7 djm 317: .Fl P
1.60 jaredy 318: flag is specified, then full file permissions and access times are
1.7 djm 319: copied too.
1.11 deraadt 320: .It Ic help
321: Display help text.
1.46 jmc 322: .It Ic lcd Ar path
323: Change local directory to
324: .Ar path .
1.3 deraadt 325: .It Ic lls Op Ar ls-options Op Ar path
1.21 itojun 326: Display local directory listing of either
1.1 djm 327: .Ar path
328: or current directory if
329: .Ar path
1.5 stevesk 330: is not specified.
1.60 jaredy 331: .Ar ls-options
332: may contain any flags supported by the local system's
333: .Xr ls 1
334: command.
335: .Ar path
336: may contain
337: .Xr glob 3
338: characters and may match multiple files.
1.3 deraadt 339: .It Ic lmkdir Ar path
1.1 djm 340: Create local directory specified by
1.3 deraadt 341: .Ar path .
1.12 djm 342: .It Ic ln Ar oldpath Ar newpath
1.21 itojun 343: Create a symbolic link from
1.12 djm 344: .Ar oldpath
345: to
346: .Ar newpath .
1.3 deraadt 347: .It Ic lpwd
348: Print local working directory.
1.36 djm 349: .It Xo Ic ls
1.60 jaredy 350: .Op Fl 1aflnrSt
1.36 djm 351: .Op Ar path
352: .Xc
1.60 jaredy 353: Display a remote directory listing of either
1.1 djm 354: .Ar path
1.60 jaredy 355: or the current directory if
1.5 stevesk 356: .Ar path
1.44 jmc 357: is not specified.
1.60 jaredy 358: .Ar path
359: may contain
360: .Xr glob 3
361: characters and may match multiple files.
362: .Pp
363: The following flags are recognized and alter the behaviour of
364: .Ic ls
365: accordingly:
366: .Bl -tag -width Ds
367: .It Fl 1
368: Produce single columnar output.
369: .It Fl a
370: List files beginning with a dot
371: .Pq Sq \&. .
372: .It Fl f
373: Do not sort the listing.
374: The default sort order is lexicographical.
375: .It Fl l
376: Display additional details including permissions
1.36 djm 377: and ownership information.
1.60 jaredy 378: .It Fl n
379: Produce a long listing with user and group information presented
1.56 djm 380: numerically.
1.60 jaredy 381: .It Fl r
382: Reverse the sort order of the listing.
383: .It Fl S
384: Sort the listing by file size.
385: .It Fl t
386: Sort the listing by last modification time.
387: .El
1.3 deraadt 388: .It Ic lumask Ar umask
1.21 itojun 389: Set local umask to
1.3 deraadt 390: .Ar umask .
391: .It Ic mkdir Ar path
1.1 djm 392: Create remote directory specified by
1.3 deraadt 393: .Ar path .
1.40 fgsch 394: .It Ic progress
395: Toggle display of progress meter.
1.7 djm 396: .It Xo Ic put
1.60 jaredy 397: .Op Fl P
1.7 djm 398: .Ar local-path
1.37 djm 399: .Op Ar remote-path
1.7 djm 400: .Xc
1.1 djm 401: Upload
1.5 stevesk 402: .Ar local-path
1.44 jmc 403: and store it on the remote machine.
404: If the remote path name is not specified, it is given the same name it has
405: on the local machine.
1.60 jaredy 406: .Ar local-path
407: may contain
408: .Xr glob 3
409: characters and may match multiple files.
410: If it does and
411: .Ar remote-path
412: is specified, then
413: .Ar remote-path
414: must specify a directory.
1.44 jmc 415: If the
1.7 djm 416: .Fl P
417: flag is specified, then the file's full permission and access time are
418: copied too.
1.3 deraadt 419: .It Ic pwd
420: Display remote working directory.
421: .It Ic quit
1.44 jmc 422: Quit
423: .Nm sftp .
1.3 deraadt 424: .It Ic rename Ar oldpath Ar newpath
1.1 djm 425: Rename remote file from
426: .Ar oldpath
427: to
1.3 deraadt 428: .Ar newpath .
1.46 jmc 429: .It Ic rm Ar path
430: Delete remote file specified by
431: .Ar path .
1.3 deraadt 432: .It Ic rmdir Ar path
1.1 djm 433: Remove remote directory specified by
1.3 deraadt 434: .Ar path .
1.12 djm 435: .It Ic symlink Ar oldpath Ar newpath
1.21 itojun 436: Create a symbolic link from
1.12 djm 437: .Ar oldpath
438: to
439: .Ar newpath .
1.38 fgsch 440: .It Ic version
441: Display the
442: .Nm
443: protocol version.
1.45 jmc 444: .It Ic \&! Ar command
1.21 itojun 445: Execute
1.1 djm 446: .Ar command
1.3 deraadt 447: in local shell.
1.45 jmc 448: .It Ic \&!
1.3 deraadt 449: Escape to local shell.
1.45 jmc 450: .It Ic \&?
1.5 stevesk 451: Synonym for help.
1.4 itojun 452: .El
1.1 djm 453: .Sh SEE ALSO
1.46 jmc 454: .Xr ftp 1 ,
1.60 jaredy 455: .Xr ls 1 ,
1.17 markus 456: .Xr scp 1 ,
1.1 djm 457: .Xr ssh 1 ,
458: .Xr ssh-add 1 ,
459: .Xr ssh-keygen 1 ,
1.60 jaredy 460: .Xr glob 3 ,
1.35 stevesk 461: .Xr ssh_config 5 ,
1.17 markus 462: .Xr sftp-server 8 ,
463: .Xr sshd 8
464: .Rs
1.20 deraadt 465: .%A T. Ylonen
466: .%A S. Lehtinen
1.17 markus 467: .%T "SSH File Transfer Protocol"
468: .%N draft-ietf-secsh-filexfer-00.txt
469: .%D January 2001
470: .%O work in progress material
471: .Re