unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (OSF1-V5.1-alpha)
Page:
Section:
Apropos / Subsearch:
optional field



sftp2(1)							     sftp2(1)



NAME

  sftp2, sftp -	Secure Shell file transfer client

SYNOPSIS

  sftp2	[-v] [-D debug_level_spec] [-B batchfile] [-S path] [-h] [-P port]
  [-b buffer_size] [-N max_requests] [-V] [-4] [-6] [-c	cipher]	[-m MAC] [-o
  ssh-option] [user@] host [port#]

OPTIONS

  -v  Displays information in verbose mode. This is equal to specifying	the
      -D 2 option.

  -D debug_level_spec
      Prints debug information to stderr. The debug_level_spec argument	can
      be a number between 0 and	99, where 99 specifies that all	debug infor-
      mation should be displayed, or a comma-separated list of assignments;
      for example, ModulePattern=debug_level where ModulePattern is sftp2 for
      the main sftp2 application.

  -B batchfile
      Reads commands from a file instead of standard input. Because this mode
      is intended for scripts or cron jobs, the	sftp2 command will not try to
      interact with the	user, which means that only authentication methods
      that do not use passwords	will work.  In batch mode, a failure to
      change the current working directory will	cause the sftp2	command	to
      abort. Other errors are ignored.

  -S path
      Specifies	the path to the	ssh2 binary.

  -h  Displays help.

  -P port
      Sets the port on the remote host.	 This option can also be specified in
      the configuration	file.

  -b buffer_size
      Defines the maximum buffer size for one request. The default is 32768
      bytes.

  -N max_requests
      Defines the maximum number of concurrent requests. The default is	10.

  -V  Displays the Secure Shell	version	number.

  -4  Instructs	ssh2 to	use IPv4.

  -6  Instructs	ssh2 to	use IPv6.

  -c cipher
      Selects the encryption algorithm.	 See ssh2(1) for more information.

  -m MAC
      Selects the Message Authentication Code (MAC) algorithm.	See ssh2(1)
      for more information.

  -o ssh-options
      Can be used to give options in the format	used in	the ssh2_config	file.
      This is useful for specifying options for	which there is no separate
      command-line flag.  The option has the same format as a line  in the
      configuration file.  Comment lines are not accepted.  Where applicable,
      egrep regex format is used.

OPERANDS

  When the sftp2 command is ready to accept operands, it will display the
  following prompt:

       sftp>>

  You can then enter any of the	following operands:

  open hostname
      Tries to connect to a system specified with hostname.

  open -l
      Tries to connect to a system specified with hostname.  The -l option
      opens the	remote end to the localhost without connecting to an sshd2
      daemon.

  lopen	hostname
      Tries to connect to a host specified with	hostname. The connection is
      created without connecting to an sshd2 daemon. This is intended for
      debugging	and testing.

  lopen	-l
      Tries to connect to a host specified with	hostname. The -l  option, the
      local end	is opened to the localhost without connecting to an sshd2
      daemon. This is intended for debugging and testing. The localopen	com-
      mand is a	synonym	for this operand.

  close
      Closes the current session.

  quit
      Quits the	application.

  cd directory
      Changes the current remote working directory.

  lcd directory
      Changes the current local	working	directory.

  pwd Displays the name	of the current remote working directory.

  lpwd
      Displays the name	of the current local working directory.

  ls [-R ] [ -l	] [ file ... ]
      Lists the	names of the files on the remote system. For directories, the
      contents of the directory	are listed. When the -R	option is specified,
      the directory trees are listed recursively. (By default, the subdirec-
      tories of	the argument directories are not visited.) When	the -l option
      is specified, permissions, owners, sizes,	and modification times are
      also shown. When no arguments are	given, the contents of	the current
      working directory	are listed.  The -R and	-l options are incompatible.

  lls [-R ] [ -l ] [ file ... ]
      Same as the ls command, but operates on local files.

  get [file ...	]
      Transfers	the specified files from the remote system to the local
      system. Directories are recursively copied with their contents.

  mget [file ... ]
      Synonymous to the	get command.

  put [file ...	]
      Transfers	the specified files from the local system to the remote	sys-
      tem. Directories are recursively copied with their contents.

  mput [file ... ]
      Synonymous to the	put command.

  rename source	target
      Renames the file source to target. If the	target already exists, the
      files are	left intact.

  lrename source target
      Same as the rename command, but operates on local	files.

  rm file
      Deletes the file specified in file.

  lrm file
      Same as the rm command, but operates on local files.

  mkdir	directory
      Creates the directory specified in directory.

  lmkdir directory
      Same as the mkdir	command, but operates on local files.

  rmdir	directory
      Deletes the directory specified in directory.

  lrmdir directory
      Same as the rmdir	command, but operates on local files.

  help [topic]
      If topic is not given, lists the available topics. If topic is given,
      displays the online help for that	topic.

  lsroots
      Dumps the	virtual	roots of the server (this is a VShell from VanDyke
      Software)	extension, and only usable against that. SSH Communications
      Security's Windows server	displays the file system roots in the unix
      style, and does not require this extension).

  ascii	 [-s] [-f] [<remote_nl_conv>] [<local_nl_conv>]
      With the exception of the	-s option, this	operand	sets the transfer
      mode to ascii (i.e., newlines will be converted according	to the con-
      ventions.	Available conventions are dos, unix or mac, using \r\n,	\n
      and \r as	newlines, respectively.	The -s option shows current newline
      conventions.  The	-f option favors this configuration over what the
      server specifies during  connection. (This option	is mainly for test-
      ing).

      The <remote_nl_conv> sets	the remote newline convention.	The
      <local_nl_conv> operates on the local side, but is not as	useful.	(The
      correct local newline convention is usually compiled in, so this is
      mainly for testing). You can set either of these to ask, which will
      cause sftp to prompt you for the newline convention when needed.

  binary
      Files will be transferred	unmodified.

  auto
      Files whose extension matches the	one set	with setext, will be
      transferred using	ascii mode. Other files	will be	transferred unmodi-
      fied.

  setext <extension> [<extension> ... ]
      Sets the file types that will be transferred in ascii mode if the
      transfer mode is auto. Standard zsh-fileglob regexs can be used for
      matching (only the file extension	is matched).

  getext
      Displays the extensions of files that will be transferred	using ascii
      (newline)	conversion in the auto transfer	mode.

DESCRIPTION

  The sftp2 command creates a secure connection	between	a Secure Shell client
  and a	server to transfer files over a	network. The sftp2 command is
  intended as a	secure replacement for the ftp command.	A secure connection
  provides client and server authentication, user authentication, data
  encryption, data integrity, and nonrepudiation.

  The sftp2 command uses ssh2 to secure	traffic.  Even though sftp works like
  ftp, it does not use the FTP daemon (ftpd or wu-ftpd)	for connections. In
  order	to connect using sftp2,	you need to confirm that sshd2 is running on
  the remote machine where you are connecting.	The sftp2 command uses a sub-
  system of sshd2 to transfer files securely.

  You can also use the scp2 command to create a	secure network connection
  between a Secure Shell client	and a server to	copy files.

  Command Interpretation


  The sftp2 command understands	both backslashes and quotation marks on	the
  command line.	A backslash preceding a	character can be used to ignore	the
  character in the command-line	interpretation.	Quotation marks	can be used
  for specifying file names with spaces.

  The ls, lls, get, and	put commands support globbing patterns (wildcards).
  See sshregex(5) for more information about globbing patterns.

  The command-line processing and globbing use the backslash ( \ ) as an
  escape character. If you want	to use a backslash to escape the metacharac-
  ters in the globbing,	you must precede the backslash with another backslash
  ( \\ ) to escape its special meaning in the command-line processing.

  The get . command or the put . command will get or put every file in the
  current directory and	will overwrite files with the same file	name.

  Command-line editing


  The following	key sequences can be used for command-line editing:

  Ctrl-Space
      Set the mark.

  Ctrl-A
      Go to the	beginning of the line.

  Ctrl-B
      Move the cursor one character to the left.

  Ctrl-D
      Erase the	character on the right of the cursor, or exit the program if
      the command line is empty.

  Ctrl-E
      Go to the	end of the line.

  Ctrl-F
      Move the cursor one character to the right.

  Ctrl-H
      Backspace.

  Ctrl-I
      Tab.

  Ctrl-J
      Enter.

  Ctrl-K
      Delete to	the end	of the line.

  Ctrl-L
      Redraw the line.

  Ctrl-M
      Enter.

  Ctrl-N
      Move to the next line.

  Ctrl-P
      Move to the previous line.

  Ctrl-T
      Toggle two characters.

  Ctrl-U
      Delete the line.

  Ctrl-W
      Delete a region. The region's end	is marked with Ctrl-Space.

  Ctrl-X
      Begin an extended	command.

  Ctrl-Y
      Yank the deleted line.

  Ctrl-_
      Undo.

  Ctrl-X Ctrl-L
      Lowercase	the region.

  Ctrl-X Ctrl-U
      Uppercase	the region.

  Ctrl-X Ctrl-X
      Exchange the cursor and the mark.

  Ctrl-X H
      Mark the whole buffer.

  Ctrl-X U
      Undo.

  Esc Ctrl-H
      Backwards	word-delete.

  Esc Delete
      Backwards	word-delete.

  Esc Space
      Delete extra spaces (leaves only one space).

  Esc <&lt;
      Go to the	beginning of the line.

  Esc >&gt;
      Go to the	end of the line.

  Esc @
      Mark the current word.

  Esc A
      Go one sentence backwards.

  Esc B
      Go one word backwards.

  Esc C
      Capitalize the current word.

  Esc D
      Delete the current word.

  Esc E
      Go one sentence forwards.

  Esc F
      Go one word forwards.

  Esc K
      Delete the current sentence.

  Esc L
      Lowercase	the current word.

  Esc T
      Transpose	words.

  Esc U
      Uppercase	the current word.

  Delete
      Backspace.

FILES

  /etc/ssh2/ssh2_config
      Specifies	Secure Shell client configuration information.

  /etc/ssh2/sshd2_config
      Specifies	Secure Shell server configuration information.

  $HOME/.ssh2/identification
      Contains information on how the user will	be authenticated when con-
      tacting a	specific host.	The identification file	has the	same general
      syntax as	the configuration files. The following keywords	can be used:

      IdKey   Followed by the file name	of a private key in the	$HOME/.ssh2
	      directory	used for identification	when contacting	a host.	If
	      there is more than one IdKey, they are tried in the order	that
	      they appear in the identification	file.

      PgpSecretKeyFile
	      Followed by the file name	of the user's OpenPGP private keyring
	      in the $HOME/.ssh2 directory.  The OpenPGP keys listed after
	      this line	are expected to	be found from this file. The keys
	      identified with IdPgpKey*-keywords are used like ones identi-
	      fied with	IdKey-keyword.

      IdPgpKeyName
	      Followed by the OpenPGP key name of the key in the PgpSecret-
	      KeyFile file.

      IdPgpKeyFingerprint
	      Followed by the OpenPGP key fingerprint of the key in the
	      PgpSecretKeyFile file.

      IdPgpKeyId
	      Followed by the OpenPGP key ID of	the key	in the PgpSecretKey-
	      File file.

  $HOME/.ssh2/authorization
      Contains information on how the server will verify the identity of an
      user.  The authorization file has	the same general syntax	as the confi-
      guration files.  The following keywords can be used:

      Key     Followed by the file name	of a public key	in the $HOME/.ssh2
	      directory	used for identification	when contacting	the host.
	      More than	one key	is acceptable for login.

      PgpPublicKeyFile
	      Followed by the file name	of the user's OpenPGP public keyring
	      in the $HOME/.ssh2directory.  OpenPGP keys listed	after this
	      line are expected	to be found from this file.  Keys identified
	      with PgpKey*-keywords are	used like ones identified with Key-
	      keyword.

      PgpKeyName
	      Followed by the OpenPGP key name.

      PgpKeyFingerprint
	      Followed by the OpenPGP key fingerprint.

      PgpKeyId
	      Followed by the OpenPGP key ID.

      Command Specifies	a forced command that will be executed on the server
	      when the user is authenticated.  If used,	it must	follow the
	      Key or PgpKey* keyword. The command supplied by the user is put
	      in the SSH2_ORIGINAL_COMMAND environment variable	.

	      The command is run on a pseudoterminal if	the connection
	      requests a pseudoterminal; otherwise it runs without a termi-
	      nal.

	      This keyword can be useful for restricting certain public	keys
	      to perform a specific operation, such as a key that permits
	      remote backups but nothing else.

	      A	client can specify TCP/IP and/or X11 forwardings, unless they
	      are explicitly prohibited.

  $HOME/.ssh2/hostkeys/key_xxxx_yyyy.pub
      These files are the public keys of the hosts to which you	connect. They
      are updated automatically, unless	you set	the StrictHostKeyChecking
      parameter	to yes in the ssh2_config file.	If a host's key	changes, you
      should put the key here only if you are sure that	the new	key is valid;
      for example, you are sure	there was no man-in-the-middle attack.	The
      xxxx is the port on the server, where the	sshd2 deamon runs, and the
      yyyy is the host (specified on the command line).

  /etc/ssh2/hostkeys/key_xxxx_yyyy.pub
      If a host	key is not found in the	user's $HOME/.ssh2/hostkeys direc-
      tory, this is the	next location to be checked. These files must be
      updated manually.

  $HOME/.rhosts	and $HOME/.shosts
      Contains a list of remote	users who are not required to supply a pass-
      word when	they use Secure	Shell host-based authentication	with the ssh2
      command.

  /etc/hosts.equiv
      Contains the names of remote hosts and users that	are equivalent to the
      local host or user. An equivalent	host or	user is	allowed	to use the
      ssh2 command with	Secure Shell host-based	authentication without sup-
      plying a password.

  $HOME/.ssh2/knownhosts/xxxxyyyy.pub
      Contains the public host keys of hosts that users	need to	log in to
      when using host based authentication.

      The xxxx is the fully qualified domain name (FQDN) and yyyy is the pub-
      lic key algorithm. Public	key algorithms are ssh-dss and ssh-rsa.	 For
      example, if the FQDN for a host is server1.foo.fi	and it has a key
      algorithm	of ssh-dss, the	host key would be server1.foo.fi.ssh-dss.pub
      in the knownhosts	directory.

      A	user must add the host name to a $HOME/.shosts file or an
      $HOME/.rhosts file.

  /etc/ssh2/knownhosts/xxxxyyyy.pub
      Same as the $HOME/.ssh2/knownhosts/xxxxyyyy.pub file, but	system-wide.
      This file	is overridden if the user puts a file with the same name in
      the $HOME/.ssh2/knownhosts directory.

LEGAL NOTICES

  SSH is a registered trademark	of SSH Communication Security Ltd.

SEE ALSO

  Commands: ftp(1), scp2(1), ssh2(1), ssh-add2(1), ssh-agent2(1), ssh-
  keygen2(1), sshd2(8)

  Files: hosts.equiv(4), rhosts(4), shosts(4), ssh2_config(4),
  sshd2_config(4)

  Others: sshregex(5)

  Guides: Security Administration