Tutorial

How To Use SFTP to Securely Transfer Files with a Remote Server

Updated on January 19, 2022
English
How To Use SFTP to Securely Transfer Files with a Remote Server

Introduction

FTP, the File Transfer Protocol, was a popular, unencrypted method of transferring files between two remote systems. As of 2022, it has been deprecated by most modern software due to a lack of security, and can mostly only be used in legacy applications.

SFTP, which stands for Secure File Transfer Protocol, is a separate protocol packaged built into SSH that can implement FTP commands over a secure connection. Typically, it can act as a drop-in replacement in any contexts where an FTP server is still needed.

In almost all cases, SFTP is preferable to FTP because of its underlying security features and ability to piggy-back on an SSH connection. FTP is an insecure protocol that should only be used in limited cases or on networks you trust.

Although SFTP is integrated into many graphical tools, this guide will demonstrate how to use it through its interactive command line interface.

How to Connect with SFTP

By default, SFTP uses the SSH protocol to authenticate and establish a secure connection. Because of this, the same authentication methods are available that are present in SSH.

Although you can authenticate with passwords by default, we recommend you create SSH keys and transfer your public key to any system that you need to access. This is much more secure and can save you time in the long run.

Please see this guide to set up SSH keys in order to access your server if you have not done so already.

If you can connect to the machine using SSH, then you have completed all of the necessary requirements necessary to use SFTP to manage files. Test SSH access with the following command:

  1. ssh sammy@your_server_ip_or_remote_hostname

If that works, exit back out by typing:

  1. exit

Now we can establish an SFTP session by issuing the following command:

  1. sftp sammy@your_server_ip_or_remote_hostname

You will connect the the remote system and your prompt will change to an SFTP prompt.

If you are working on a custom SSH port (not the default port 22), then you can open an SFTP session as follows:

  1. sftp -oPort=custom_port sammy@your_server_ip_or_remote_hostname

This will connect you to the remote system by way of your specified port.

Getting Help in SFTP

The most useful command to learn first is the help command. This gives you access to a summary of the other SFTP commands. You can call it by typing either of these in the prompt:

  1. help

or

  1. ?

This will display a list of the available commands:

Output
Available commands: bye Quit sftp cd path Change remote directory to 'path' chgrp grp path Change group of file 'path' to 'grp' chmod mode path Change permissions of file 'path' to 'mode' chown own path Change owner of file 'path' to 'own' df [-hi] [path] Display statistics for current directory or filesystem containing 'path' exit Quit sftp get [-Ppr] remote [local] Download file help Display this help text lcd path Change local directory to 'path' . . .

We will explore some of the commands you see in the following sections.

We can navigate through the remote system’s file hierarchy using a number of commands that function similarly to their shell counterparts.

First, let’s orient ourselves by finding out which directory we are in currently on the remote system. Just like in a typical shell session, we can type the following to get the current directory:

  1. pwd
Output
Remote working directory: /home/demouser

We can view the contents of the current directory of the remote system with another familiar command:

  1. ls
Output
Summary.txt info.html temp.txt testDirectory

Note that the commands available within the SFTP interface are not a 1:1 match for typical shell syntax and are not as feature-rich. However, they do implement some of the more important optional flags, such as adding -la to ls to view more file metadata and permissions:

  1. ls -la
Output
drwxr-xr-x 5 demouser demouser 4096 Aug 13 15:11 . drwxr-xr-x 3 root root 4096 Aug 13 15:02 .. -rw------- 1 demouser demouser 5 Aug 13 15:04 .bash_history -rw-r--r-- 1 demouser demouser 220 Aug 13 15:02 .bash_logout -rw-r--r-- 1 demouser demouser 3486 Aug 13 15:02 .bashrc drwx------ 2 demouser demouser 4096 Aug 13 15:04 .cache -rw-r--r-- 1 demouser demouser 675 Aug 13 15:02 .profile . . .

To get to another directory, we can issue this command:

  1. cd testDirectory

We can now traverse the remote file system, but what if we need to access our local file system? We can direct commands towards the local file system by preceding them with an l for local.

All of the commands discussed so far have local equivalents. We can print the local working directory:

  1. lpwd
Output
Local working directory: /Users/demouser

We can list the contents of the current directory on the local machine:

  1. lls
Output
Desktop local.txt test.html Documents analysis.rtf zebra.html

We can also change the directory we want to interact with on the local system:

  1. lcd Desktop

Transferring Files with SFTP

If we want to download files from our remote host, we can do so using the get command:

  1. get remoteFile
Output
Fetching /home/demouser/remoteFile to remoteFile /home/demouser/remoteFile 100% 37KB 36.8KB/s 00:01

As you can see, by default, the get command downloads a remote file to a file with the same name on the local file system.

We can copy the remote file to a different name by specifying the name afterwards:

  1. get remoteFile localFile

The get command also accepts some option flags. For instance, we can copy a directory and all of its contents by specifying the recursive option:

  1. get -r someDirectory

We can tell SFTP to maintain the appropriate permissions and access times by using the -P or -p flag:

  1. get -Pr someDirectory

Transferring Local Files to the Remote System

Transferring files to the remote system works the same way, but with a put command:

  1. put localFile
Output
Uploading localFile to /home/demouser/localFile localFile 100% 7607 7.4KB/s 00:00

The same flags that work with get apply to put. So to copy an entire local directory, you can run put -r:

  1. put -r localDirectory

One familiar tool that is useful when downloading and uploading files is the df command, which works similarly to the command line version. Using this, you can check that you have enough space to complete the transfers you are interested in:

  1. df -h
Output
Size Used Avail (root) %Capacity 19.9GB 1016MB 17.9GB 18.9GB 4%

Please note, that there is no local variation of this command, but we can get around that by issuing the ! command.

The ! command drops us into a local shell, where we can run any command available on our local system. We can check disk usage by typing:

  1. !

and then

  1. df -h
Output
Filesystem Size Used Avail Capacity Mounted on /dev/disk0s2 595Gi 52Gi 544Gi 9% / devfs 181Ki 181Ki 0Bi 100% /dev map -hosts 0Bi 0Bi 0Bi 100% /net map auto_home 0Bi 0Bi 0Bi 100% /home

Any other local command will work as expected. To return to your SFTP session, type:

  1. exit

You should now see the SFTP prompt return.

Simple File Manipulations with SFTP

SFTP allows you to perform some kinds of filesystem housekeeping. For instance, you can change the owner of a file on the remote system with:

  1. chown userID file

Notice how, unlike the system chmod command, the SFTP command does not accept usernames, but instead uses UIDs. Unfortunately, there is no built-in way to know the appropriate UID from within the SFTP interface.

As a workaround, you can read from the /etc/passwd file, which associates usernames with UIDs in most Linux environments:

  1. get /etc/passwd
  2. !less passwd
Output
root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh . . .

Notice how instead of giving the ! command by itself, we’ve used it as a prefix for a local shell command. This works to run any command available on our local machine and could have been used with the local df command earlier.

The UID will be in the third column of the file, as delineated by colon characters.

Similarly, we can change the group owner of a file with:

  1. chgrp groupID file

Again, there is no built-in way to get a listing of the remote system’s groups. We can work around it with the following command:

  1. get /etc/group
  2. !less group
Output
root:x:0: daemon:x:1: bin:x:2: sys:x:3: adm:x:4: tty:x:5: disk:x:6: lp:x:7: . . .

The third column holds the ID of the group associated with name in the first column. This is what we are looking for.

The chmod SFTP command works as normal on the remote filesystem:

  1. chmod 777 publicFile
Output
Changing mode on /home/demouser/publicFile

There is no equivalent command for manipulating local file permissions, but you can set the local umask, so that any files copied to the local system will have their corresponding permissions.

That can be done with the lumask command:

  1. lumask 022
Output
Local umask: 022

Now all regular files downloaded (as long as the -p flag is not used) will have 644 permissions.

SFTP also allows you to create directories on both local and remote systems with lmkdir and mkdir respectively.

The rest of the file commands target only the remote filesystem:

  1. ln
  2. rm
  3. rmdir

These commands replicate the core behavior of their shell equivalents. If you need to perform these actions on the local file system, remember that you can drop into a shell by issuing this command:

  1. !

Or execute a single command on the local system by prefacing the command with ! like so:

  1. !chmod 644 somefile

When you are finished with your SFTP session, use exit or bye to close the connection.

  1. bye

Conclusion

Although SFTP syntax is much less comprehensive than modern shell tooling, it can be useful for providing compatibility with legacy FTP syntax or for carefully limiting the functionality available to remote users of some environments.

For example, you can use SFTP to enable particular users to transfer files without SSH access. For more information on this process, check out our tutorial on How To Enable SFTP Without Shell Access.

If you are used to using FTP or SCP to accomplish your transfers, SFTP is a good way to leverage the strengths of both. While it is not appropriate for every situation, it is a flexible tool to have in your repertoire.

Need highly available block storage? Attach secure, scalable NVMe- and SSD-based Volumes Block Storage to your DigitalOcean virtual machine in seconds. We’ll make sure your data is reliably stored and secure.

Learn more here

About the authors

Still looking for an answer?

Ask a questionSearch for more help

Was this helpful?
 
54 Comments
Leave a comment...

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Awesome tuts. Thanks.

Easier to use FilaZilla - hopefully my tutorial will be here soon.

alexdo
Site Moderator
Site Moderator badge
July 31, 2024

FileZilla, CyberDuck and other FTP clients work amazing on a personal computer, however this article aims to cover the steps on transferring files between droplets where using FileZilla is not an option.

Regards

@Samuel,

Sorry to steal your thunder: <a href=“https://www.digitalocean.com/community/articles/how-to-use-filezilla-to-transfer-and-manage-files-securely-on-your-vps”>How To Use Filezilla to Transfer and Manage Files Securely on your VPS</a>.

Filezilla (and Cyberduck and others) are fine if you’re on a personal computer, but if you want to transfer between two servers (i.e., two droplets) you’ll be happy to have these instructions. Sure beats downloading files from the source server to your computer and then uploading them to the destination server.

alexdo
Site Moderator
Site Moderator badge
July 31, 2024

That is correct! The article aims to cover the steps on transferring files between droplets.

Regards

-r works with put ?? i am trying , put -r localfile , and it is saying , invalid flag -r

alexdo
Site Moderator
Site Moderator badge
July 31, 2024

Heya, @sauarav23

If you’re looking for a tool that supports recursive directory transfers over SSH and provides more control over file transfers, I’ll recommend using rsync

This is an example command:

rsync -avz -e "ssh -p port_number" /local/directory/ username@server_ip_addr:/remote/directory/
  • -a stands for archive mode, which preserves permissions and recursively copies directories.
  • -v stands for verbose, to provide detailed output.
  • -z enables compression during transfer.
  • -e "ssh -p port_number" specifies the SSH port.

Regards

Please help. Using “put -r localDirectory” as a template (I want to upload all the files and folders from a folder on my local machine) I ran: sftp> lpwd Local working directory: /Users/Larry/Documents/Website sftp> put -r .

But the results had errors: Uploading ./ to /var/www/html/. remote open(“/var/www/html/.DS_Store”): Permission denied Uploading of file ./.DS_Store to /var/www/html/.DS_Store failed! remote open(“/var/www/html/.htaccess”): Permission denied Uploading of file ./.htaccess to /var/www/html/.htaccess failed! remote open(“/var/www/html/index.php”): Permission denied Uploading of file ./index.php to /var/www/html/index.php failed!

Not sure what is wrong, or how to fix it. Perhaps locally I have to be one directory above the desired folder to copy?

sftp> lcd … sftp> lpwd Local working directory: /Users/Larry/Documents sftp> put -r Website Uploading Website/ to /var/www/html/Website Couldn’t canonicalise: No such file or directory Unable to canonicalise path “/var/www/html/Website” sftp>

alexdo
Site Moderator
Site Moderator badge
July 31, 2024

The “Permission denied” errors suggest that the SFTP user does not have write permissions to the target directory (/var/www/html/) on the remote server.

Ensure the user you are connecting with has write permissions. If necessary, you can adjust the permissions with:

sudo chmod 755 /var/www/html sudo chown username:username /var/www/html

Note: Replace username with your actual username. Be cautious with chmod and chown to avoid security risks.

Also ensure the directory and files you are trying to upload have the correct ownership and permissions to allow your user to write to them.

sudo chown -R username:username /var/www/html/

Regards

Justin Ellingwood
DigitalOcean Employee
DigitalOcean Employee badge
March 26, 2014

Larry: It looks like you’re trying to upload files into a directory on the remote server that you do not have permission to write to.

There are a few ways around this. You could upload them to a directory on the remote server that you do have access to, like your home directory, and then sign in through SSH and move the files over to the correct location (using sudo or by signing in with root).

Another alternative is to log in as the root user when connecting through SFTP by giving a command like sftp root@your_server_ip. You would then have adequate permissions to transfer the files to the web root as you are attempting to do.

Please write back if you have more questions.

Hi Jellingwood, I got stuck at the same place. The problem is a bit different from Larry’s. So when I followed the mkdir localdirectory step, I ran:

mkdir /Desktop/MyWebsite

it shows: Couldn’t create directory: No such file or directory. Why and how to fix? :/

EDIT: Found a way to fix this. lcd to the upper level of the local directory to upload. e.g. Desktop then run the mkdir e.g. mkdir MyWebsite And do the put -r . there. But still I don’t know why mkdir /Desktop/MyWebsite does not work.

I had changed my ssh port when i configured my server so i use for example ssh -p 4444 username@server_ip_addr

but how can i do the same for sftp i tried sftp -p 4444 username@server_ip_addr but i did not work connection closing

alexdo
Site Moderator
Site Moderator badge
July 31, 2024

If your version of sftp does not recognize the -P option or if it’s not working, you can use the -o option to specify the port in the SSH configuration.

Example:

sftp -oPort=4444 username@server_ip_addr

Here’s what’s happening:

  • -oPort=4444 sets the port for the SFTP session to 4444.

When you change the default SSH port on your server, you need to specify this port when connecting via SFTP as well. However, it looks like sftp doesn’t directly support the -p option for specifying the port in some versions. Instead, you can achieve this using alternative methods.

Here’s how you can handle specifying a non-default port for SFTP:

1. Using sftp with Port Specification

If your version of sftp does not recognize the -P option or if it’s not working, you can use the -o option to specify the port in the SSH configuration.

Example:

bashCopy code

sftp -oPort=4444 username@server_ip_addr

Here’s what’s happening:

  • -oPort=4444 sets the port for the SFTP session to 4444.

If you’re just transferring files and don’t need the interactive SFTP session, you can use scp (Secure Copy) which supports specifying the port directly with -P.

Example:

scp -P 4444 localfile.txt username@server_ip_addr:/remote/path/

  • -P 4444 specifies the port for the SCP command.

Regards

You need to give the argument -oPort

sftp -oPort 4444 username@server_ip_addr

I had to add a = between -oPort and the port number to make it work:

sftp -oPort=4444 username@server_ip_addr
alexdo
Site Moderator
Site Moderator badge
July 31, 2024

When you change the default SSH port on your server, you need to specify this port when connecting via SFTP as well. However, it looks like sftp doesn’t directly support the -p option for specifying the port in some versions. Instead, you can achieve this using alternative methods.

Here’s how you can handle specifying a non-default port for SFTP:

If your version of sftp does not recognize the -P option or if it’s not working, you can use the -o option to specify the port in the SSH configuration.

sftp -oPort=4444 username@server_ip_addr

Here’s what’s happening:

  • -oPort=4444 sets the port for the SFTP session to 4444.

If you’re just transferring files and don’t need the interactive SFTP session, you can use scp (Secure Copy) which supports specifying the port directly with -P.

Example:

scp -P 4444 localfile.txt username@server_ip_addr:/remote/path/

  • -P 4444 specifies the port for the SCP command.

Regards

Hey, I can ssh onto my droplet, but if I type “put”, it says “No command ‘put’ found”. It does the same for commands like “lpwd” and “lcd”. Any idea about what’s happening?

alexdo
Site Moderator
Site Moderator badge
July 31, 2024

Heya,

Once you are in the SFTP session, you can use SFTP-specific commands such as put, lpwd, and lcd.

Example Session:

sftp username@remote_hostname_or_IP

sftp> lcd /local/path sftp> lpwd Local directory: /local/path sftp> cd /remote/path sftp> put localfile.txt

In this session:

  • lcd changes the local directory.
  • lpwd prints the local working directory.
  • put uploads a file from the local machine to the remote server.

Regards

Justin Ellingwood
DigitalOcean Employee
DigitalOcean Employee badge
June 21, 2014

alishaaukani+digoc:

You need to use the <code>sftp</code> command instead of <code>ssh</code> when you wish to use the SFTP functionality. This will take you into an SFTP session instead of a normal SSH session, and allow you to use the commands you mention and transfer files.

Let me know if you have any additional questions.

For changed ports

if sftp -oPort port_number username@server_ip_addr

doesn’t work, this should:

sftp -oPort=port_number username@server_ip_addr

sftp -oPort=portnumber username@serverip_addr

Works for me. Thanks

Help, I’m stuck in the first step. When I type ssh username@remote_hostname_or_IP I get Permission denied (publickey). I get same answer when typing sftp username@remote_hostname_or_IP. Of course, I changed remote_hostname_or_IP to the appropriate IPv4 address.

The SSH key works great on Putty program, though. I logged in without problem.

Okidoki, you need to use your root’s account password no the password of the server (the one you have received from digitalocean and you use to connect via ssh). It works for me.

This comment has been deleted

    This comment has been deleted

      This comment has been deleted

        This comment has been deleted

          This comment has been deleted

            Hi danielemm, I followed this tutorial all the way to the end to create SSH by editing /etc/ssh/sshd_config to

            [...]
            PasswordAuthentication no
            [...]
            UsePAM no
            [...]
            

            When I commented back PasswordAuthentication and changed UsePAM to yes I was able to use the root’s password as you said so. However, is there a way to disable username/password logins to achieve better security while allowing sftp access at the same time?

            alexdo
            Site Moderator
            Site Moderator badge
            July 31, 2024

            The Permission denied (publickey) error when trying to connect via SSH or SFTP typically indicates an issue with the authentication process. Given that your SSH key works with PuTTY, it’s likely that the problem is related to the configuration or the way the key is used by the command-line SSH client.

            Regards

            This comment has been deleted

              When I am using SFTP and upload my site folder, I got :

              mysite.com/ is not regular file.

              I have tried upload using both “User” and “root”

              What does it mean ? ‘Not regular File’ ?

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              The error message typically indicates that the SFTP client is encountering an issue with the file or directory you’re trying to manage. This error suggests that the file or directory path is not recognized or is being interpreted incorrectly.

              Ensure that you are not trying to upload files to a directory path where a regular file is expected. For example, if you’re trying to upload to /var/www/html/mysite.com/, make sure the path is correctly specified and that it points to a directory.

              Regards

              i have used sftp username@remote_hostname_or_IP command and it takes me to sftp prompt. BUt i directly want the file to be transfered to the remote location without prompting to SFTP prompt.

              Is there any solution to this

              alexdo
              Site Moderator
              Site Moderator badge
              August 22, 2024

              Yes, you can directly transfer files using SFTP without entering the SFTP prompt by specifying the put command along with the file path in a single command. This can be done by either using a batch file or by passing commands directly to sftp using the -b option or by echoing the command into the sftp command.

              You can echo the SFTP command and pipe it directly into the sftp command.

              echo "put /path/to/local/file /path/to/remote/directory/" | sftp username@remote_hostname_or_IP
              

              Regards

              It’s even a lot easier to connect via coreFTP as opposed to Filezilla, Filezilla kept asking to type password for each file i wanted to upload.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              CoreFTP is often favored for its ease of use compared to other clients like FileZilla, especially when dealing with frequent file transfers or managing multiple site profiles.

              Regards

              I do not understand. You state it has to be this method. What exactly is the username to be used? My login name for digitalocean is an email address so is it mydetails@domain.com@ipaddress ??

              Justin Ellingwood
              DigitalOcean Employee
              DigitalOcean Employee badge
              January 13, 2015

              @Dayandnightpers: In this case, you would not be using your username for your DigitalOcean account, you would need to use the username for your server.

              By default, most of the distributions use the root user account as the default account for your server. If you have completed some of the other guides on this site, you may have configured another account. So you need to use whichever account you use to log into your server.

              If you did not include SSH keys when you created your server, you would have received an email with the login credentials for your new server. These are the details you need.

              I want to have a shared hosting server, with multiple domains and obviously different content on each. Do I have to create a folder for each domain in my home or root directory?

              Kamal Nasser
              DigitalOcean Employee
              DigitalOcean Employee badge
              April 27, 2015

              Yes, that is correct. Where you create the directories depends on how your server is structured. This is all explained in this tutorial: How To Set Up Apache Virtual Hosts on Ubuntu 14.04 LTS.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              That will be the correct structure. Usually on a shared hosting environment like using cPanel, the main domain is hosted in the public_html folder and then the addon domains will have separate folders outside the public_html folder, e.g /home/$user/domain1 , /home/$user/domain2

              Regards

              How to set local directory path??

              lpwd and pwd showing same path. plz help.

              make sure you’re using your local machine cmd or gitbash but not putty that already connected inside the vps. Then you will see your local path.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              You can use the lcd command to change the directory on your local machine:

              lcd /path/to/your/local/directory

              Example:

              lcd /home/user/Documents

              This command changes the current local directory to /home/user/Documents.

              • Verify Current Local Directory:

              Use the lpwd (local print working directory) command to display the current local directory path:

              lpwd

              This will show the path of the local directory currently set.

              • Change Remote Directory Path (for Context):

              The cd command changes the directory on the remote server:

              cd /path/to/remote/directory

              Example:

              cd /var/www/html

              Use pwd to verify the remote working directory:

              pwd

              Regards

              You can also use WinSCP, it’s easier then this, and it also uses SSH.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              WinSCP is a powerful tool for managing files on a remote server, especially if you prefer a graphical interface over command-line interactions. It’s also an alternative of FileZilla if you’re looking to expand your options.

              Regards

              Thank you!

              I think FileZilla is easier with GUI. Also, need to mention can only access root, not any virtualhosts. Also, need to ‘jail’ users to directories, as they will access the root folder. FTP allows access to admin@domain.com, but SFTP allow access only to root@domain.com.

              I always prefer digitalocean tutorials for server setups.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              We’re happy to hear that! Our aim is to make server setups and beyond easier with our tutorials, articles and answer here in the community!

              Thank you for the kind words!

              I can’t get this to work with fail2ban enabled even as I’ve enabled vsftpd in my jail.conf file for fail2ban. I also use a non-standard port for ssh and I think this may be another reason. I get port 22 connection closed when I try sftp me@hostname and when I do sftp -p customSSHPort me@hostname I get No route to host. Any way to get around this? I think port 22 is actually open for the connection but being blocked by a firewall or something even as I’ve allowed it in my iptables

              Kamal Nasser
              DigitalOcean Employee
              DigitalOcean Employee badge
              January 3, 2016

              The option for the port for the sftp command is -P, not -p. Try using that instead:

              sftp -P customSSHPort me@hostname
              

              Does that work? If not, are you able to connect with a GUI SFTP client such as WinSCP, CyberDuck, or FileZilla?

              Thanks. It works!

              when i do lpwd in the sftp prompt, nothing shows up. and if i do llsnothing is in my local directory too. I don’t know what’s wrong with this. There’s for sure so many files in my laptop. Did I mistakenly understood the remote/local concept anywhere? I followed the tut and use my username (non-root-user for the droplet) in place of all the USERNAME. EDIT: Is local considered as username@ubuntu-1gb-nyc3-01 and the remote be considered as username@Droplet’sIPAddress? But then how can i upload the files in my laptop to the username@ubuntu-1gb-nyc3-01 or username@Droplet’sIPAddress?

              Figured this out. Before running username@Droplet’sIPAddress you need to be in your local machine rather than logged into the VPS already.

              Issue1: I got my folder in the wrong directory and now i want to remove them. After rmdir MyWebsiteDirectory does not work. as it gives: Couldn't remove directory: Failure And then I ran:

              cd MyWebsiteDirectory
              rm MyWebsiteSubDirectory/*
              rmdir MyWebsiteSubDirectory
              

              using this method, i am able to delete some of the subdirectories but there are still some subdirectories can’t be removed using rmdir even though they are empty already. So…how shall i fix it now? Issue2: I actually need to put the files in /var/www/html, so shall i ran mkdir MyWebsiteFolder then put -r MyWebsiteFolder there? But the index.html is inside MyWebsiteFolder, will this two simply enable me to see my website from my domain? The name of MyWebsiteFolder differs from the domain’s name, will this matter? Thanks

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              Heya,

              There are some possible causes for rmdir failure. I’ll try to list the most common ones:

              1. Hidden Files: Some files, such as hidden files (files starting with a dot, like .htaccess or .git), might still be in the directory.
              2. Permissions Issues: You might not have the necessary permissions to remove the directory or its contents.
              3. In Use: The directory might be open or in use by another process.
              4. File System Errors: There could be underlying file system errors or locks.

              From a technical standpoint, Issue 2 should not be a problem if:

              • The web server configuration correctly points to the directory where your files are located.
              • The directory name does not affect the functionality as long as the web server configuration is correct.
              • Your domain’s DNS settings are correctly pointing to your server.

              Regards

              Hi ,

              I am facing 1 problem, my requirement is to rename a list of files in remote server. I am having the list of those files on my local server. I used a while loop to read these files one by one and then doing sftp and renaming in remote server, that works fine. But now when i m trying to use while within sftp it is not working. Can anyone suggest can we use while loop within sftp ?

              Thanks.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              When working with SFTP to rename a list of files on a remote server, you cannot directly use a while loop within an SFTP session because SFTP is a file transfer protocol and not a shell that supports scripting constructs like loops.

              However, you can automate this process using a script that handles both the file listing and the SFTP commands outside of the SFTP session itself. This is typically done by leveraging shell scripting, which can execute the SFTP commands in a batch mode or via a loop structure that interacts with SFTP.

              Regards

              very good article, but i’m searching for good practices on how to enable sftp server (openssh-server) in a docker environment… for example with multiple containers…

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              Running an SFTP server in Docker containers allows you to have a scalable, flexible, and isolated environment, especially when dealing with multiple containers.

              • You can run different instances of SFTP servers in separate containers for different projects or environments (e.g., development, staging, production). This ensures isolation and simplifies management.

              Also assign different ports to each SFTP instance if they coexist on the same host.

              docker run -d -p 2222:22 --name sftp-server-dev sftp-server 
              docker run -d -p 2223:22 --name sftp-server-prod sftp-server
              
              • Use Docker volumes to store data outside the container, ensuring that files are retained even if the container restarts.
              docker run -d -p 2222:22 \     -v /host/sftp/data:/home/sftpuser/uploads \     --name sftp-server sftp-server
              

              And not on last place Implement Security Best Practices:

              • Use Strong Passwords or SSH Keys: Opt for strong passwords or SSH key authentication for enhanced security.

              • SSH Key Authentication: Generate SSH key pairs and use them for SFTP access instead of passwords.

              ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa_sftp

              • Limit Access: Use firewalls and security groups to restrict access to SFTP ports from only trusted IP addresses.

              • Disable Root Access: Always use non-root users for SFTP access to minimize security risks.

              Regards

              Once I upload files using Filezilla in this way, all files are owned by root, so causes issues when trying to install apps like WordPress or Sugar CRM

              Justin,

              Thanks for this timeless post. I see nowadays many universities are encouraging students to use SFTP and SSH instead of FTP, which I think is a good practice. I’m curious what you think about Web RTC and if you think it will be widely implement by individuals and companies.

              – Sam Smith Technology Evangelist and Aspiring Chef Large file transfers made easy. www.innorix.com/en/DS

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              The enhanced security, reliability, and ease of use offered by SFTP and SSH protocols make them an excellent choice for secure file transfer and remote server management.

              As for WebRTC, it has already established itself as a critical technology in the real-time communication. Platforms like Google Meet, Zoom, and Microsoft Teams utilize WebRTC for high-quality, low-latency video conferencing and VoIP calls.

              Regards

              To-the-point, useful tutorial. Thanks.

              Good article, but if you have SFTP access, wouldn’t it always make more sense to just mount the remote directory with sshfs and use the regular cp / mv / rm / ls / chmod commands?

              Justin Ellingwood
              DigitalOcean Employee
              DigitalOcean Employee badge
              January 9, 2017

              @slang It depends quite a bit on your use-case. If you plan on regularly accessing remote files, then sshfs might be the best option. However, if you just need an ad-hoc method of grabbing a file or two, sftp can be pretty quick and doesn’t require planning in advance.

              I don’t think sshfs requires planning in advance. It’s only 1 command before you can start accessing files through that directory. I think scp could involve less setup, since it’s only 1 command to do the entire file transfer, but sftp is at least as much setup as sshfs since it requires opening up the sftp prompt.

              Justin Ellingwood
              DigitalOcean Employee
              DigitalOcean Employee badge
              January 9, 2017

              @slang If sshfs works better for you, then by all means use it. We have a tutorial covering it here. They both do similar things under the hood. I prefer sftp because it means that I don’t have to install an additional package or deal with a mount directory that I know I’ll forget about later. Some users might not even be operating on a system they have administrative privileges on, which would present a problem. Good to mention it as an alternative though.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              Using sshfs to mount remote directories can be an excellent alternative to traditional file transfer methods like SFTP, especially when you need to work with remote files as if they were part of your local filesystem.

              This method allows you to use familiar Unix commands (cp, mv, rm, ls, chmod, etc.) directly on the remote files, providing a seamless experience for managing remote file systems.

              Regards

              I really became tired of being somehow hacked due to FTP missconfiguration / bruteforce / etc attacks… Today i use only PSFTP and I’m really glad and happy that now i don’t even have a FTP service installed on my VPS

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              It’s great to hear that you’ve successfully transitioned to using PSFTP instead of traditional FTP. The switch significantly enhances your server’s security, as SFTP provides a much more secure and robust method of transferring files.

              It’s always great to explore other options for your daily tasks and general applications in order to improve security, performance and beyond.

              Regards

              I need to grant access to a technical support but the only way is to give them the private key to connect through FTP on the server

              I’ve read countless of post, SSH here and there, but how I can grant access to a adduser that I’ve created, .ssh/ authorized.keys that I’ve copied in /home/user to grant the access through my server on FTP without asking for private key

              doubt, also…

              do I need to add another SSH on my droplet, create also another SSH for a user, or I can use just one key (that’s what I’m doing, copying the .ssh/ and pasting to users.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              Granting access to a tech support team member through SFTP can be achieved securely without sharing your private key. Instead, you should create a new user and manage their SSH keys to allow them secure access to the server.

              Here’s a detailed guide on how to achieve this:

              • Create a New User
              • Generate SSH Keys for the User
              • Copy the Public Key to the Server
              • Set Permissions and Ownership

              Regards

              Hi,while sftp the file to remote server it is not accepting ASCII keyword.is there any way to make it ?

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              SFTP, unlike traditional FTP, does not have a built-in ASCII mode for text file transfers. SFTP treats all files as binary and does not perform any automatic line-ending conversions between Unix/Linux and Windows systems.

              Some graphical SFTP clients like FileZilla offer options for automatic conversion of text files during transfers.

              • Go to: EditSettingsTransfersFile Types
              • Choose “Treat files without extension as ASCII” for automatic conversion.

              This option allows you to define specific file types (e.g., .txt, .html) that should be treated as ASCII, ensuring the correct line endings for different platforms.

              Regards

              how do ou get started?

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              You will need a droplet and a ssh terminal from your local machine or another droplet/server. From there you can follow the tutorial.

              Regards

              Usually readers get confused with SFTP and FTPS protocol. SFTP (SSH File Transfer Protocol/Secure File Transfer Protocol) and FTPS is FTP with SSL for security. Besides this, if you want to know how to configure VSFTPD FTPS with SSL/TLS on Ubuntu 18.04, check out this blog.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              If anyone is interested in VSFTPD they can check this article:

              https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-for-a-user-s-directory-on-ubuntu-20-04

              Regards

              Thanks for this tutorial, very helpful!

              Justin,

              Thanks for this timeless post. I see nowadays many universities are encouraging students to use SFTP and SSH instead of FTP, which I think is a good practice. I’m curious what you think about Web RTC and if you think it will be widely implement by individuals and companies.

              – Sam Smith Technology Evangelist and Aspiring Chef Large file transfers made easy. www.innorix.com/en/DS

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              The enhanced security, reliability, and ease of use offered by SFTP and SSH protocols make them an excellent choice for secure file transfer and remote server management.

              As for WebRTC, it has already established itself as a critical technology in the real-time communication. Platforms like Google Meet, Zoom, and Microsoft Teams utilize WebRTC for high-quality, low-latency video conferencing and VoIP calls.

              Regards

              To-the-point, useful tutorial. Thanks.

              Good article, but if you have SFTP access, wouldn’t it always make more sense to just mount the remote directory with sshfs and use the regular cp / mv / rm / ls / chmod commands?

              Justin Ellingwood
              DigitalOcean Employee
              DigitalOcean Employee badge
              January 9, 2017

              @slang It depends quite a bit on your use-case. If you plan on regularly accessing remote files, then sshfs might be the best option. However, if you just need an ad-hoc method of grabbing a file or two, sftp can be pretty quick and doesn’t require planning in advance.

              I don’t think sshfs requires planning in advance. It’s only 1 command before you can start accessing files through that directory. I think scp could involve less setup, since it’s only 1 command to do the entire file transfer, but sftp is at least as much setup as sshfs since it requires opening up the sftp prompt.

              Justin Ellingwood
              DigitalOcean Employee
              DigitalOcean Employee badge
              January 9, 2017

              @slang If sshfs works better for you, then by all means use it. We have a tutorial covering it here. They both do similar things under the hood. I prefer sftp because it means that I don’t have to install an additional package or deal with a mount directory that I know I’ll forget about later. Some users might not even be operating on a system they have administrative privileges on, which would present a problem. Good to mention it as an alternative though.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              Using sshfs to mount remote directories can be an excellent alternative to traditional file transfer methods like SFTP, especially when you need to work with remote files as if they were part of your local filesystem.

              This method allows you to use familiar Unix commands (cp, mv, rm, ls, chmod, etc.) directly on the remote files, providing a seamless experience for managing remote file systems.

              Regards

              I really became tired of being somehow hacked due to FTP missconfiguration / bruteforce / etc attacks… Today i use only PSFTP and I’m really glad and happy that now i don’t even have a FTP service installed on my VPS

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              It’s great to hear that you’ve successfully transitioned to using PSFTP instead of traditional FTP. The switch significantly enhances your server’s security, as SFTP provides a much more secure and robust method of transferring files.

              It’s always great to explore other options for your daily tasks and general applications in order to improve security, performance and beyond.

              Regards

              I need to grant access to a technical support but the only way is to give them the private key to connect through FTP on the server

              I’ve read countless of post, SSH here and there, but how I can grant access to a adduser that I’ve created, .ssh/ authorized.keys that I’ve copied in /home/user to grant the access through my server on FTP without asking for private key

              doubt, also…

              do I need to add another SSH on my droplet, create also another SSH for a user, or I can use just one key (that’s what I’m doing, copying the .ssh/ and pasting to users.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              Granting access to a tech support team member through SFTP can be achieved securely without sharing your private key. Instead, you should create a new user and manage their SSH keys to allow them secure access to the server.

              Here’s a detailed guide on how to achieve this:

              • Create a New User
              • Generate SSH Keys for the User
              • Copy the Public Key to the Server
              • Set Permissions and Ownership

              Regards

              Hi,while sftp the file to remote server it is not accepting ASCII keyword.is there any way to make it ?

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              SFTP, unlike traditional FTP, does not have a built-in ASCII mode for text file transfers. SFTP treats all files as binary and does not perform any automatic line-ending conversions between Unix/Linux and Windows systems.

              Some graphical SFTP clients like FileZilla offer options for automatic conversion of text files during transfers.

              • Go to: EditSettingsTransfersFile Types
              • Choose “Treat files without extension as ASCII” for automatic conversion.

              This option allows you to define specific file types (e.g., .txt, .html) that should be treated as ASCII, ensuring the correct line endings for different platforms.

              Regards

              how do ou get started?

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              You will need a droplet and a ssh terminal from your local machine or another droplet/server. From there you can follow the tutorial.

              Regards

              Usually readers get confused with SFTP and FTPS protocol. SFTP (SSH File Transfer Protocol/Secure File Transfer Protocol) and FTPS is FTP with SSL for security. Besides this, if you want to know how to configure VSFTPD FTPS with SSL/TLS on Ubuntu 18.04, check out this blog.

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              If anyone is interested in VSFTPD they can check this article:

              https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-for-a-user-s-directory-on-ubuntu-20-04

              Regards

              Thanks for this tutorial, very helpful!

              I always find you’re info reliable. Thanks a lot.

              when i use other port ,it always refused, port 6666: Connection refused Connection closed, i confirm the port 6666 is free, so i want to know what are the possible reasons for it. thank you very much.

              Awesome! I couldn’t get FileZilla to stop trying to use pubkey auth, this helped me work around it!

              alexdo
              Site Moderator
              Site Moderator badge
              July 31, 2024

              Heya,

              You can double check the Host Configuration Settings in FileZilla if you want to stop using PubKey authentication and also change other settings.

              Regards

              Great tutorial buddy. Really helpful The SFTP commands really working with my current web host Redserverhost .com Thanks again. Keep posting such articles. Have a great day

              Try DigitalOcean for free

              Click below to sign up and get $200 of credit to try our products over 60 days!

              Sign up

              Join the Tech Talk
              Success! Thank you! Please check your email for further details.

              Please complete your information!

              Become a contributor for community

              Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

              DigitalOcean Documentation

              Full documentation for every DigitalOcean product.

              Resources for startups and SMBs

              The Wave has everything you need to know about building a business, from raising funding to marketing your product.

              Get our newsletter

              Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

              New accounts only. By submitting your email you agree to our Privacy Policy

              The developer cloud

              Scale up as you grow — whether you're running one virtual machine or ten thousand.

              Get started for free

              Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

              *This promotional offer applies to new accounts only.