FTP, the File Transfer Protocol, was a popular, unencrypted method of transferring files between two remote systems. As of 2022, it has been deprecated by most modern software due to a lack of security, and can mostly only be used in legacy applications.
SFTP, which stands for Secure File Transfer Protocol, is a separate protocol packaged built into SSH that can implement FTP commands over a secure connection. Typically, it can act as a drop-in replacement in any contexts where an FTP server is still needed.
In almost all cases, SFTP is preferable to FTP because of its underlying security features and ability to piggy-back on an SSH connection. FTP is an insecure protocol that should only be used in limited cases or on networks you trust.
Although SFTP is integrated into many graphical tools, this guide will demonstrate how to use it through its interactive command line interface.
By default, SFTP uses the SSH protocol to authenticate and establish a secure connection. Because of this, the same authentication methods are available that are present in SSH.
Although you can authenticate with passwords by default, we recommend you create SSH keys and transfer your public key to any system that you need to access. This is much more secure and can save you time in the long run.
Please see this guide to set up SSH keys in order to access your server if you have not done so already.
If you can connect to the machine using SSH, then you have completed all of the necessary requirements necessary to use SFTP to manage files. Test SSH access with the following command:
If that works, exit back out by typing:
Now we can establish an SFTP session by issuing the following command:
You will connect the the remote system and your prompt will change to an SFTP prompt.
If you are working on a custom SSH port (not the default port 22), then you can open an SFTP session as follows:
This will connect you to the remote system by way of your specified port.
The most useful command to learn first is the help command. This gives you access to a summary of the other SFTP commands. You can call it by typing either of these in the prompt:
or
This will display a list of the available commands:
OutputAvailable commands:
bye Quit sftp
cd path Change remote directory to 'path'
chgrp grp path Change group of file 'path' to 'grp'
chmod mode path Change permissions of file 'path' to 'mode'
chown own path Change owner of file 'path' to 'own'
df [-hi] [path] Display statistics for current directory or
filesystem containing 'path'
exit Quit sftp
get [-Ppr] remote [local] Download file
help Display this help text
lcd path Change local directory to 'path'
. . .
We will explore some of the commands you see in the following sections.
We can navigate through the remote system’s file hierarchy using a number of commands that function similarly to their shell counterparts.
First, let’s orient ourselves by finding out which directory we are in currently on the remote system. Just like in a typical shell session, we can type the following to get the current directory:
OutputRemote working directory: /home/demouser
We can view the contents of the current directory of the remote system with another familiar command:
OutputSummary.txt info.html temp.txt testDirectory
Note that the commands available within the SFTP interface are not a 1:1 match for typical shell syntax and are not as feature-rich. However, they do implement some of the more important optional flags, such as adding -la
to ls
to view more file metadata and permissions:
Outputdrwxr-xr-x 5 demouser demouser 4096 Aug 13 15:11 .
drwxr-xr-x 3 root root 4096 Aug 13 15:02 ..
-rw------- 1 demouser demouser 5 Aug 13 15:04 .bash_history
-rw-r--r-- 1 demouser demouser 220 Aug 13 15:02 .bash_logout
-rw-r--r-- 1 demouser demouser 3486 Aug 13 15:02 .bashrc
drwx------ 2 demouser demouser 4096 Aug 13 15:04 .cache
-rw-r--r-- 1 demouser demouser 675 Aug 13 15:02 .profile
. . .
To get to another directory, we can issue this command:
We can now traverse the remote file system, but what if we need to access our local file system? We can direct commands towards the local file system by preceding them with an l
for local.
All of the commands discussed so far have local equivalents. We can print the local working directory:
OutputLocal working directory: /Users/demouser
We can list the contents of the current directory on the local machine:
OutputDesktop local.txt test.html
Documents analysis.rtf zebra.html
We can also change the directory we want to interact with on the local system:
If we want to download files from our remote host, we can do so using the get
command:
OutputFetching /home/demouser/remoteFile to remoteFile
/home/demouser/remoteFile 100% 37KB 36.8KB/s 00:01
As you can see, by default, the get
command downloads a remote file to a file with the same name on the local file system.
We can copy the remote file to a different name by specifying the name afterwards:
The get
command also accepts some option flags. For instance, we can copy a directory and all of its contents by specifying the recursive option:
We can tell SFTP to maintain the appropriate permissions and access times by using the -P
or -p
flag:
Transferring files to the remote system works the same way, but with a put
command:
OutputUploading localFile to /home/demouser/localFile
localFile 100% 7607 7.4KB/s 00:00
The same flags that work with get
apply to put
. So to copy an entire local directory, you can run put -r
:
One familiar tool that is useful when downloading and uploading files is the df
command, which works similarly to the command line version. Using this, you can check that you have enough space to complete the transfers you are interested in:
Output Size Used Avail (root) %Capacity
19.9GB 1016MB 17.9GB 18.9GB 4%
Please note, that there is no local variation of this command, but we can get around that by issuing the !
command.
The !
command drops us into a local shell, where we can run any command available on our local system. We can check disk usage by typing:
and then
OutputFilesystem Size Used Avail Capacity Mounted on
/dev/disk0s2 595Gi 52Gi 544Gi 9% /
devfs 181Ki 181Ki 0Bi 100% /dev
map -hosts 0Bi 0Bi 0Bi 100% /net
map auto_home 0Bi 0Bi 0Bi 100% /home
Any other local command will work as expected. To return to your SFTP session, type:
You should now see the SFTP prompt return.
SFTP allows you to perform some kinds of filesystem housekeeping. For instance, you can change the owner of a file on the remote system with:
Notice how, unlike the system chmod
command, the SFTP command does not accept usernames, but instead uses UIDs. Unfortunately, there is no built-in way to know the appropriate UID from within the SFTP interface.
As a workaround, you can read from the /etc/passwd
file, which associates usernames with UIDs in most Linux environments:
Outputroot:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
. . .
Notice how instead of giving the !
command by itself, we’ve used it as a prefix for a local shell command. This works to run any command available on our local machine and could have been used with the local df
command earlier.
The UID will be in the third column of the file, as delineated by colon characters.
Similarly, we can change the group owner of a file with:
Again, there is no built-in way to get a listing of the remote system’s groups. We can work around it with the following command:
Outputroot:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
. . .
The third column holds the ID of the group associated with name in the first column. This is what we are looking for.
The chmod
SFTP command works as normal on the remote filesystem:
OutputChanging mode on /home/demouser/publicFile
There is no equivalent command for manipulating local file permissions, but you can set the local umask, so that any files copied to the local system will have their corresponding permissions.
That can be done with the lumask
command:
OutputLocal umask: 022
Now all regular files downloaded (as long as the -p
flag is not used) will have 644 permissions.
SFTP also allows you to create directories on both local and remote systems with lmkdir
and mkdir
respectively.
The rest of the file commands target only the remote filesystem:
These commands replicate the core behavior of their shell equivalents. If you need to perform these actions on the local file system, remember that you can drop into a shell by issuing this command:
Or execute a single command on the local system by prefacing the command with !
like so:
When you are finished with your SFTP session, use exit
or bye
to close the connection.
Although SFTP syntax is much less comprehensive than modern shell tooling, it can be useful for providing compatibility with legacy FTP syntax or for carefully limiting the functionality available to remote users of some environments.
For example, you can use SFTP to enable particular users to transfer files without SSH access. For more information on this process, check out our tutorial on How To Enable SFTP Without Shell Access.
If you are used to using FTP or SCP to accomplish your transfers, SFTP is a good way to leverage the strengths of both. While it is not appropriate for every situation, it is a flexible tool to have in your repertoire.
Need highly available block storage? Attach secure, scalable NVMe- and SSD-based Volumes Block Storage to your DigitalOcean virtual machine in seconds. We’ll make sure your data is reliably stored and secure.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Awesome tuts. Thanks.
Easier to use FilaZilla - hopefully my tutorial will be here soon.
FileZilla, CyberDuck and other FTP clients work amazing on a personal computer, however this article aims to cover the steps on transferring files between droplets where using FileZilla is not an option.
Regards
@Samuel,
Sorry to steal your thunder: <a href=“https://www.digitalocean.com/community/articles/how-to-use-filezilla-to-transfer-and-manage-files-securely-on-your-vps”>How To Use Filezilla to Transfer and Manage Files Securely on your VPS</a>.
Filezilla (and Cyberduck and others) are fine if you’re on a personal computer, but if you want to transfer between two servers (i.e., two droplets) you’ll be happy to have these instructions. Sure beats downloading files from the source server to your computer and then uploading them to the destination server.
That is correct! The article aims to cover the steps on transferring files between droplets.
Regards
-r works with put ?? i am trying , put -r localfile , and it is saying , invalid flag -r
Heya, @sauarav23
If you’re looking for a tool that supports recursive directory transfers over SSH and provides more control over file transfers, I’ll recommend using
rsync
This is an example command:
-a
stands for archive mode, which preserves permissions and recursively copies directories.-v
stands for verbose, to provide detailed output.-z
enables compression during transfer.-e "ssh -p port_number"
specifies the SSH port.Regards
Please help. Using “put -r localDirectory” as a template (I want to upload all the files and folders from a folder on my local machine) I ran: sftp> lpwd Local working directory: /Users/Larry/Documents/Website sftp> put -r .
But the results had errors: Uploading ./ to /var/www/html/. remote open(“/var/www/html/.DS_Store”): Permission denied Uploading of file ./.DS_Store to /var/www/html/.DS_Store failed! remote open(“/var/www/html/.htaccess”): Permission denied Uploading of file ./.htaccess to /var/www/html/.htaccess failed! remote open(“/var/www/html/index.php”): Permission denied Uploading of file ./index.php to /var/www/html/index.php failed!
Not sure what is wrong, or how to fix it. Perhaps locally I have to be one directory above the desired folder to copy?
sftp> lcd … sftp> lpwd Local working directory: /Users/Larry/Documents sftp> put -r Website Uploading Website/ to /var/www/html/Website Couldn’t canonicalise: No such file or directory Unable to canonicalise path “/var/www/html/Website” sftp>
The “Permission denied” errors suggest that the SFTP user does not have write permissions to the target directory (
/var/www/html/
) on the remote server.Ensure the user you are connecting with has write permissions. If necessary, you can adjust the permissions with:
Note: Replace
username
with your actual username. Be cautious withchmod
andchown
to avoid security risks.Also ensure the directory and files you are trying to upload have the correct ownership and permissions to allow your user to write to them.
Regards
Larry: It looks like you’re trying to upload files into a directory on the remote server that you do not have permission to write to.
There are a few ways around this. You could upload them to a directory on the remote server that you do have access to, like your home directory, and then sign in through SSH and move the files over to the correct location (using sudo or by signing in with root).
Another alternative is to log in as the root user when connecting through SFTP by giving a command like
sftp root@your_server_ip
. You would then have adequate permissions to transfer the files to the web root as you are attempting to do.Please write back if you have more questions.
Hi Jellingwood, I got stuck at the same place. The problem is a bit different from Larry’s. So when I followed the
mkdir localdirectory
step, I ran:it shows: Couldn’t create directory: No such file or directory. Why and how to fix? :/
EDIT: Found a way to fix this.
lcd
to the upper level of the local directory to upload. e.g. Desktop then run themkdir
e.g.mkdir MyWebsite
And do the put -r . there. But still I don’t know whymkdir /Desktop/MyWebsite
does not work.I had changed my ssh port when i configured my server so i use for example ssh -p 4444 username@server_ip_addr
but how can i do the same for sftp i tried sftp -p 4444 username@server_ip_addr but i did not work connection closing
If your version of
sftp
does not recognize the-P
option or if it’s not working, you can use the-o
option to specify the port in the SSH configuration.Example:
sftp -oPort=4444 username@server_ip_addr
Here’s what’s happening:
-oPort=4444
sets the port for the SFTP session to4444
.When you change the default SSH port on your server, you need to specify this port when connecting via SFTP as well. However, it looks like
sftp
doesn’t directly support the-p
option for specifying the port in some versions. Instead, you can achieve this using alternative methods.Here’s how you can handle specifying a non-default port for SFTP:
1. Using
sftp
with Port SpecificationIf your version of
sftp
does not recognize the-P
option or if it’s not working, you can use the-o
option to specify the port in the SSH configuration.Example:
bashCopy code
sftp -oPort=4444 username@server_ip_addr
Here’s what’s happening:
-oPort=4444
sets the port for the SFTP session to4444
.If you’re just transferring files and don’t need the interactive SFTP session, you can use
scp
(Secure Copy) which supports specifying the port directly with-P
.Example:
scp -P 4444 localfile.txt username@server_ip_addr:/remote/path/
-P 4444
specifies the port for the SCP command.Regards
You need to give the argument -oPort
sftp -oPort 4444 username@server_ip_addr
I had to add a
=
between-oPort
and the port number to make it work:When you change the default SSH port on your server, you need to specify this port when connecting via SFTP as well. However, it looks like
sftp
doesn’t directly support the-p
option for specifying the port in some versions. Instead, you can achieve this using alternative methods.Here’s how you can handle specifying a non-default port for SFTP:
If your version of
sftp
does not recognize the-P
option or if it’s not working, you can use the-o
option to specify the port in the SSH configuration.sftp -oPort=4444 username@server_ip_addr
Here’s what’s happening:
-oPort=4444
sets the port for the SFTP session to4444
.If you’re just transferring files and don’t need the interactive SFTP session, you can use
scp
(Secure Copy) which supports specifying the port directly with-P
.Example:
scp -P 4444 localfile.txt username@server_ip_addr:/remote/path/
-P 4444
specifies the port for the SCP command.Regards
Hey, I can ssh onto my droplet, but if I type “put”, it says “No command ‘put’ found”. It does the same for commands like “lpwd” and “lcd”. Any idea about what’s happening?
Heya,
Once you are in the SFTP session, you can use SFTP-specific commands such as
put
,lpwd
, andlcd
.Example Session:
sftp username@remote_hostname_or_IP
sftp> lcd /local/path sftp> lpwd Local directory: /local/path sftp> cd /remote/path sftp> put localfile.txt
In this session:
lcd
changes the local directory.lpwd
prints the local working directory.put
uploads a file from the local machine to the remote server.Regards
alishaaukani+digoc:
You need to use the <code>sftp</code> command instead of <code>ssh</code> when you wish to use the SFTP functionality. This will take you into an SFTP session instead of a normal SSH session, and allow you to use the commands you mention and transfer files.
Let me know if you have any additional questions.
For changed ports
if sftp -oPort port_number username@server_ip_addr
doesn’t work, this should:
sftp -oPort=port_number username@server_ip_addr
sftp -oPort=portnumber username@serverip_addr
Works for me. Thanks
Help, I’m stuck in the first step. When I type
ssh username@remote_hostname_or_IP
I getPermission denied (publickey)
. I get same answer when typingsftp username@remote_hostname_or_IP
. Of course, I changed remote_hostname_or_IP to the appropriate IPv4 address.The SSH key works great on Putty program, though. I logged in without problem.
Okidoki, you need to use your root’s account password no the password of the server (the one you have received from digitalocean and you use to connect via ssh). It works for me.
This comment has been deleted
This comment has been deleted
This comment has been deleted
This comment has been deleted
This comment has been deleted
Hi danielemm, I followed this tutorial all the way to the end to create SSH by editing /etc/ssh/sshd_config to
When I commented back PasswordAuthentication and changed UsePAM to yes I was able to use the root’s password as you said so. However, is there a way to disable username/password logins to achieve better security while allowing sftp access at the same time?
The
Permission denied (publickey)
error when trying to connect via SSH or SFTP typically indicates an issue with the authentication process. Given that your SSH key works with PuTTY, it’s likely that the problem is related to the configuration or the way the key is used by the command-line SSH client.Regards
This comment has been deleted
When I am using SFTP and upload my site folder, I got :
mysite.com/ is not regular file.
I have tried upload using both “User” and “root”
What does it mean ? ‘Not regular File’ ?
The error message typically indicates that the SFTP client is encountering an issue with the file or directory you’re trying to manage. This error suggests that the file or directory path is not recognized or is being interpreted incorrectly.
Ensure that you are not trying to upload files to a directory path where a regular file is expected. For example, if you’re trying to upload to
/var/www/html/mysite.com/
, make sure the path is correctly specified and that it points to a directory.Regards
Perfect!
i have used sftp username@remote_hostname_or_IP command and it takes me to sftp prompt. BUt i directly want the file to be transfered to the remote location without prompting to SFTP prompt.
Is there any solution to this
Yes, you can directly transfer files using SFTP without entering the SFTP prompt by specifying the
put
command along with the file path in a single command. This can be done by either using a batch file or by passing commands directly tosftp
using the-b
option or by echoing the command into thesftp
command.You can echo the SFTP command and pipe it directly into the
sftp
command.Regards
It’s even a lot easier to connect via coreFTP as opposed to Filezilla, Filezilla kept asking to type password for each file i wanted to upload.
CoreFTP is often favored for its ease of use compared to other clients like FileZilla, especially when dealing with frequent file transfers or managing multiple site profiles.
Regards
I do not understand. You state it has to be this method. What exactly is the username to be used? My login name for digitalocean is an email address so is it mydetails@domain.com@ipaddress ??
@Dayandnightpers: In this case, you would not be using your username for your DigitalOcean account, you would need to use the username for your server.
By default, most of the distributions use the
root
user account as the default account for your server. If you have completed some of the other guides on this site, you may have configured another account. So you need to use whichever account you use to log into your server.If you did not include SSH keys when you created your server, you would have received an email with the login credentials for your new server. These are the details you need.
I want to have a shared hosting server, with multiple domains and obviously different content on each. Do I have to create a folder for each domain in my home or root directory?
Yes, that is correct. Where you create the directories depends on how your server is structured. This is all explained in this tutorial: How To Set Up Apache Virtual Hosts on Ubuntu 14.04 LTS.
That will be the correct structure. Usually on a shared hosting environment like using cPanel, the main domain is hosted in the
public_html
folder and then the addon domains will have separate folders outside the public_html folder, e.g/home/$user/domain1
,/home/$user/domain2
Regards
How to set local directory path??
lpwd and pwd showing same path. plz help.
make sure you’re using your local machine cmd or gitbash but not putty that already connected inside the vps. Then you will see your local path.
You can use the
lcd
command to change the directory on your local machine:lcd /path/to/your/local/directory
Example:
lcd /home/user/Documents
This command changes the current local directory to
/home/user/Documents
.Use the
lpwd
(local print working directory) command to display the current local directory path:lpwd
This will show the path of the local directory currently set.
The
cd
command changes the directory on the remote server:cd /path/to/remote/directory
Example:
cd /var/www/html
Use
pwd
to verify the remote working directory:pwd
Regards
You can also use WinSCP, it’s easier then this, and it also uses SSH.
WinSCP is a powerful tool for managing files on a remote server, especially if you prefer a graphical interface over command-line interactions. It’s also an alternative of FileZilla if you’re looking to expand your options.
Regards
Thank you!
I think FileZilla is easier with GUI. Also, need to mention can only access root, not any virtualhosts. Also, need to ‘jail’ users to directories, as they will access the root folder. FTP allows access to admin@domain.com, but SFTP allow access only to root@domain.com.
I always prefer digitalocean tutorials for server setups.
We’re happy to hear that! Our aim is to make server setups and beyond easier with our tutorials, articles and answer here in the community!
Thank you for the kind words!
I can’t get this to work with fail2ban enabled even as I’ve enabled vsftpd in my jail.conf file for fail2ban. I also use a non-standard port for ssh and I think this may be another reason. I get port 22 connection closed when I try
sftp me@hostname
and when I dosftp -p customSSHPort me@hostname
I get No route to host. Any way to get around this? I think port 22 is actually open for the connection but being blocked by a firewall or something even as I’ve allowed it in my iptablesThe option for the port for the sftp command is
-P
, not-p
. Try using that instead:Does that work? If not, are you able to connect with a GUI SFTP client such as WinSCP, CyberDuck, or FileZilla?
Thanks. It works!
when i do lpwd in the sftp prompt, nothing shows up. and if i do llsnothing is in my local directory too. I don’t know what’s wrong with this. There’s for sure so many files in my laptop. Did I mistakenly understood the remote/local concept anywhere? I followed the tut and use my username (non-root-user for the droplet) in place of all the USERNAME. EDIT: Is local considered as username@ubuntu-1gb-nyc3-01 and the remote be considered as username@Droplet’sIPAddress? But then how can i upload the files in my laptop to the username@ubuntu-1gb-nyc3-01 or username@Droplet’sIPAddress?
Figured this out. Before running username@Droplet’sIPAddress you need to be in your local machine rather than logged into the VPS already.
Issue1: I got my folder in the wrong directory and now i want to remove them. After rmdir MyWebsiteDirectory does not work. as it gives:
Couldn't remove directory: Failure
And then I ran:using this method, i am able to delete some of the subdirectories but there are still some subdirectories can’t be removed using
rmdir
even though they are empty already. So…how shall i fix it now? Issue2: I actually need to put the files in/var/www/html
, so shall i ranmkdir MyWebsiteFolder
thenput -r MyWebsiteFolder
there? But the index.html is inside MyWebsiteFolder, will this two simply enable me to see my website from my domain? The name of MyWebsiteFolder differs from the domain’s name, will this matter? ThanksHeya,
There are some possible causes for
rmdir
failure. I’ll try to list the most common ones:.htaccess
or.git
), might still be in the directory.From a technical standpoint, Issue 2 should not be a problem if:
Regards
Hi ,
I am facing 1 problem, my requirement is to rename a list of files in remote server. I am having the list of those files on my local server. I used a while loop to read these files one by one and then doing sftp and renaming in remote server, that works fine. But now when i m trying to use while within sftp it is not working. Can anyone suggest can we use while loop within sftp ?
Thanks.
When working with SFTP to rename a list of files on a remote server, you cannot directly use a
while
loop within an SFTP session because SFTP is a file transfer protocol and not a shell that supports scripting constructs like loops.However, you can automate this process using a script that handles both the file listing and the SFTP commands outside of the SFTP session itself. This is typically done by leveraging shell scripting, which can execute the SFTP commands in a batch mode or via a loop structure that interacts with SFTP.
Regards
very good article, but i’m searching for good practices on how to enable sftp server (openssh-server) in a docker environment… for example with multiple containers…
Running an SFTP server in Docker containers allows you to have a scalable, flexible, and isolated environment, especially when dealing with multiple containers.
Also assign different ports to each SFTP instance if they coexist on the same host.
And not on last place Implement Security Best Practices:
Use Strong Passwords or SSH Keys: Opt for strong passwords or SSH key authentication for enhanced security.
SSH Key Authentication: Generate SSH key pairs and use them for SFTP access instead of passwords.
ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa_sftp
Limit Access: Use firewalls and security groups to restrict access to SFTP ports from only trusted IP addresses.
Disable Root Access: Always use non-root users for SFTP access to minimize security risks.
Regards
Once I upload files using Filezilla in this way, all files are owned by root, so causes issues when trying to install apps like WordPress or Sugar CRM
Justin,
Thanks for this timeless post. I see nowadays many universities are encouraging students to use SFTP and SSH instead of FTP, which I think is a good practice. I’m curious what you think about Web RTC and if you think it will be widely implement by individuals and companies.
– Sam Smith Technology Evangelist and Aspiring Chef Large file transfers made easy. www.innorix.com/en/DS
The enhanced security, reliability, and ease of use offered by SFTP and SSH protocols make them an excellent choice for secure file transfer and remote server management.
As for WebRTC, it has already established itself as a critical technology in the real-time communication. Platforms like Google Meet, Zoom, and Microsoft Teams utilize WebRTC for high-quality, low-latency video conferencing and VoIP calls.
Regards
To-the-point, useful tutorial. Thanks.
Good article, but if you have SFTP access, wouldn’t it always make more sense to just mount the remote directory with
sshfs
and use the regularcp
/mv
/rm
/ls
/chmod
commands?@slang It depends quite a bit on your use-case. If you plan on regularly accessing remote files, then
sshfs
might be the best option. However, if you just need an ad-hoc method of grabbing a file or two,sftp
can be pretty quick and doesn’t require planning in advance.I don’t think
sshfs
requires planning in advance. It’s only 1 command before you can start accessing files through that directory. I thinkscp
could involve less setup, since it’s only 1 command to do the entire file transfer, butsftp
is at least as much setup assshfs
since it requires opening up the sftp prompt.@slang If
sshfs
works better for you, then by all means use it. We have a tutorial covering it here. They both do similar things under the hood. I prefersftp
because it means that I don’t have to install an additional package or deal with a mount directory that I know I’ll forget about later. Some users might not even be operating on a system they have administrative privileges on, which would present a problem. Good to mention it as an alternative though.Using
sshfs
to mount remote directories can be an excellent alternative to traditional file transfer methods like SFTP, especially when you need to work with remote files as if they were part of your local filesystem.This method allows you to use familiar Unix commands (
cp
,mv
,rm
,ls
,chmod
, etc.) directly on the remote files, providing a seamless experience for managing remote file systems.Regards
I really became tired of being somehow hacked due to FTP missconfiguration / bruteforce / etc attacks… Today i use only PSFTP and I’m really glad and happy that now i don’t even have a FTP service installed on my VPS
It’s great to hear that you’ve successfully transitioned to using PSFTP instead of traditional FTP. The switch significantly enhances your server’s security, as SFTP provides a much more secure and robust method of transferring files.
It’s always great to explore other options for your daily tasks and general applications in order to improve security, performance and beyond.
Regards
I need to grant access to a technical support but the only way is to give them the private key to connect through FTP on the server
I’ve read countless of post, SSH here and there, but how I can grant access to a adduser that I’ve created, .ssh/ authorized.keys that I’ve copied in /home/user to grant the access through my server on FTP without asking for private key
doubt, also…
do I need to add another SSH on my droplet, create also another SSH for a user, or I can use just one key (that’s what I’m doing, copying the .ssh/ and pasting to users.
Granting access to a tech support team member through SFTP can be achieved securely without sharing your private key. Instead, you should create a new user and manage their SSH keys to allow them secure access to the server.
Here’s a detailed guide on how to achieve this:
Regards
Hi,while sftp the file to remote server it is not accepting ASCII keyword.is there any way to make it ?
SFTP, unlike traditional FTP, does not have a built-in ASCII mode for text file transfers. SFTP treats all files as binary and does not perform any automatic line-ending conversions between Unix/Linux and Windows systems.
Some graphical SFTP clients like FileZilla offer options for automatic conversion of text files during transfers.
This option allows you to define specific file types (e.g.,
.txt
,.html
) that should be treated as ASCII, ensuring the correct line endings for different platforms.Regards
how do ou get started?
You will need a droplet and a ssh terminal from your local machine or another droplet/server. From there you can follow the tutorial.
Regards
Update link at bottom
https://www.digitalocean.com/community/tutorials/how-to-enable-sftp-without-shell-access-on-ubuntu-16-04
&
https://www.digitalocean.com/community/tutorials/how-to-enable-sftp-without-shell-access-on-centos-7
Thanks for the feedback.
I’ll pass this internally!
Usually readers get confused with SFTP and FTPS protocol. SFTP (SSH File Transfer Protocol/Secure File Transfer Protocol) and FTPS is FTP with SSL for security. Besides this, if you want to know how to configure VSFTPD FTPS with SSL/TLS on Ubuntu 18.04, check out this blog.
If anyone is interested in VSFTPD they can check this article:
https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-for-a-user-s-directory-on-ubuntu-20-04
Regards
Thanks for this tutorial, very helpful!
Justin,
Thanks for this timeless post. I see nowadays many universities are encouraging students to use SFTP and SSH instead of FTP, which I think is a good practice. I’m curious what you think about Web RTC and if you think it will be widely implement by individuals and companies.
– Sam Smith Technology Evangelist and Aspiring Chef Large file transfers made easy. www.innorix.com/en/DS
The enhanced security, reliability, and ease of use offered by SFTP and SSH protocols make them an excellent choice for secure file transfer and remote server management.
As for WebRTC, it has already established itself as a critical technology in the real-time communication. Platforms like Google Meet, Zoom, and Microsoft Teams utilize WebRTC for high-quality, low-latency video conferencing and VoIP calls.
Regards
To-the-point, useful tutorial. Thanks.
Good article, but if you have SFTP access, wouldn’t it always make more sense to just mount the remote directory with
sshfs
and use the regularcp
/mv
/rm
/ls
/chmod
commands?@slang It depends quite a bit on your use-case. If you plan on regularly accessing remote files, then
sshfs
might be the best option. However, if you just need an ad-hoc method of grabbing a file or two,sftp
can be pretty quick and doesn’t require planning in advance.I don’t think
sshfs
requires planning in advance. It’s only 1 command before you can start accessing files through that directory. I thinkscp
could involve less setup, since it’s only 1 command to do the entire file transfer, butsftp
is at least as much setup assshfs
since it requires opening up the sftp prompt.@slang If
sshfs
works better for you, then by all means use it. We have a tutorial covering it here. They both do similar things under the hood. I prefersftp
because it means that I don’t have to install an additional package or deal with a mount directory that I know I’ll forget about later. Some users might not even be operating on a system they have administrative privileges on, which would present a problem. Good to mention it as an alternative though.Using
sshfs
to mount remote directories can be an excellent alternative to traditional file transfer methods like SFTP, especially when you need to work with remote files as if they were part of your local filesystem.This method allows you to use familiar Unix commands (
cp
,mv
,rm
,ls
,chmod
, etc.) directly on the remote files, providing a seamless experience for managing remote file systems.Regards
I really became tired of being somehow hacked due to FTP missconfiguration / bruteforce / etc attacks… Today i use only PSFTP and I’m really glad and happy that now i don’t even have a FTP service installed on my VPS
It’s great to hear that you’ve successfully transitioned to using PSFTP instead of traditional FTP. The switch significantly enhances your server’s security, as SFTP provides a much more secure and robust method of transferring files.
It’s always great to explore other options for your daily tasks and general applications in order to improve security, performance and beyond.
Regards
I need to grant access to a technical support but the only way is to give them the private key to connect through FTP on the server
I’ve read countless of post, SSH here and there, but how I can grant access to a adduser that I’ve created, .ssh/ authorized.keys that I’ve copied in /home/user to grant the access through my server on FTP without asking for private key
doubt, also…
do I need to add another SSH on my droplet, create also another SSH for a user, or I can use just one key (that’s what I’m doing, copying the .ssh/ and pasting to users.
Granting access to a tech support team member through SFTP can be achieved securely without sharing your private key. Instead, you should create a new user and manage their SSH keys to allow them secure access to the server.
Here’s a detailed guide on how to achieve this:
Regards
Hi,while sftp the file to remote server it is not accepting ASCII keyword.is there any way to make it ?
SFTP, unlike traditional FTP, does not have a built-in ASCII mode for text file transfers. SFTP treats all files as binary and does not perform any automatic line-ending conversions between Unix/Linux and Windows systems.
Some graphical SFTP clients like FileZilla offer options for automatic conversion of text files during transfers.
This option allows you to define specific file types (e.g.,
.txt
,.html
) that should be treated as ASCII, ensuring the correct line endings for different platforms.Regards
how do ou get started?
You will need a droplet and a ssh terminal from your local machine or another droplet/server. From there you can follow the tutorial.
Regards
Update link at bottom
https://www.digitalocean.com/community/tutorials/how-to-enable-sftp-without-shell-access-on-ubuntu-16-04
&
https://www.digitalocean.com/community/tutorials/how-to-enable-sftp-without-shell-access-on-centos-7
Thanks for the feedback.
I’ll pass this internally!
Usually readers get confused with SFTP and FTPS protocol. SFTP (SSH File Transfer Protocol/Secure File Transfer Protocol) and FTPS is FTP with SSL for security. Besides this, if you want to know how to configure VSFTPD FTPS with SSL/TLS on Ubuntu 18.04, check out this blog.
If anyone is interested in VSFTPD they can check this article:
https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-for-a-user-s-directory-on-ubuntu-20-04
Regards
Thanks for this tutorial, very helpful!
I always find you’re info reliable. Thanks a lot.
when i use other port ,it always refused,
port 6666: Connection refused Connection closed
, i confirm the port 6666 is free, so i want to know what are the possible reasons for it. thank you very much.Awesome! I couldn’t get FileZilla to stop trying to use pubkey auth, this helped me work around it!
Heya,
You can double check the Host Configuration Settings in FileZilla if you want to stop using PubKey authentication and also change other settings.
Regards
Great tutorial buddy. Really helpful The SFTP commands really working with my current web host Redserverhost .com Thanks again. Keep posting such articles. Have a great day