How to Use SFTP to Secure File Transfer with a Remote Server


In this article, you will learn how to set up SFTP (Secure File Transfer Protocol), which lets us transfer files securely from a local machine to a remote server. FTP (File Transfer Protocol) is a very popular method for transferring files from one machine to another or from remote servers.

SFTP stands for Secure File Transfer Protocol. It is a separate protocol that uses SSH to secure the connection, and it can traverse the file system on both the remote server and the local machine while transferring files.

How to Connect using SFTP

SFTP uses the SSH protocol to establish a secure connection and to authenticate. Although passwords are very easy to use and are the default, we recommend creating SSH keys and copying the public key to every system you need to access. This not only secures the connection but also saves time in the long run.

Before going further with SFTP, we need to set up SSH access to the remote machine without using a password.

Creating SSH Keys

# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
71:de:c6:b4:c4:8b:31:70:5f:bd:96:60:56:8e:74:b9 root@centos
The key's randomart image is:
+--[ RSA 2048]----+
|         . . .o+.|
|         o o.=+..|
|        . + B...+|
|         + O o E |
|         S o * . |
|               . |
|                 |
|                 |
|                 |
+-----------------+
For security, protect the key itself with a strong passphrase. If a passphrase is used to protect the key, ssh-agent can be used to cache the passphrase.

Now we need to copy the SSH key to the remote host

# ssh-copy-id root@192.168.1.89
root@192.168.1.89's password:
Now try logging into the machine, with "ssh 'root@192.168.1.89'", and check in:
.ssh/authorized_keys
To make sure we haven't added extra keys that you weren't expecting.
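
The check that ssh-copy-id asks for can be scripted. The following is an added example, not part of the original article: it compares each entry in an authorized_keys file against an allowlist of expected public keys and reports everything else. The function name, file names and key blobs are constructed placeholders, and option parsing is simplified.

```shell
#!/bin/sh
# Added example (not from the original article).
# audit_authorized_keys AUTHORIZED_KEYS ALLOWLIST
#   ALLOWLIST holds the public key lines you expect (e.g. a copy of id_rsa.pub).
#   Prints one line per entry that is not allowlisted or cannot be parsed.
audit_authorized_keys() {
    awk '
        # Index of the key-type field; login options, if any, come before it.
        # Simplification: assumes no quoted option value embeds "type AAAA...".
        function keyfield(   i) {
            for (i = 1; i < NF; i++)
                if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-|sk-)/ && $(i + 1) ~ /^AAAA/)
                    return i
            return 0
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }          # comments and blank lines
        { k = keyfield() }
        FILENAME == ARGV[1] {                      # first file: the allowlist
            if (k) allowed[$(k + 1)] = 1
            next
        }
        !k { print "unparsed line=" FNR; next }
        !($(k + 1) in allowed) {
            comment = ""
            for (i = k + 2; i <= NF; i++)
                comment = (comment == "" ? "" : comment " ") $i
            print "unexpected line=" FNR " type=" $k " comment=" comment
        }
    ' "$2" "$1"
}

# Constructed sample data: the blobs are placeholders, not real keys.
demo=$(mktemp -d)
cat > "$demo/expected.pub" <<'EOF'
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDKEY1 root@centos
EOF
cat > "$demo/authorized_keys" <<'EOF'
# keys for root
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDKEY1 root@centos
from="192.168.1.125" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5CONSTRUCTEDKEY2 backup job
ssh-rsa
EOF
audit_authorized_keys "$demo/authorized_keys" "$demo/expected.pub"
rm -rf "$demo"
```

For the sample data it reports line 3 as unexpected and line 4 as unparsed; an empty allowlist reports every entry.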

To test the connection, log in to the remote server using ssh

# ssh root@192.168.1.89
Last login: Fri Apr 15 15:18:42 2016 from 192.168.1.125

Then exit from the server and connect to it using SFTP

# sftp root@192.168.1.89
Connecting to 192.168.1.89...
sftp>

The prompt then changes from # to sftp>

Simple Commands to Know the Environment

To show the present working directory on the remote server

sftp> pwd
Remote working directory: /root

List the files and folders on the remote server

sftp> ls
Desktop               Documents
Downloads             Music
Pictures              Public
Templates             Videos

To print the local machine's working directory

sftp> lpwd
Local working directory: /root

To list the local machine files

Transferring Remote Files to Local Machine

Syntax

sftp> get <remotefile>

Usage:

sftp> get pdfflyer.sql
Fetching /root/pdfflyer.sql to pdfflyer.sql
/root/pdfflyer.sql 100% 1765KB 1.7MB/s 00:01

This copies the remote file to the present working directory on the local machine.

sftp> get <remotefile> <localfile>

This copies the remote file to the present working directory under the different name given as <localfile> in the command.

sftp> get -r <Directory>

To copy a directory recursively, with all the files and folders in <Directory>, use the ‘-r’ option.

Transferring Local Files to Remote Machine

General Syntax:
sftp> put <localfile>
Usage:
sftp> put svn_backup.sh
Uploading svn_backup.sh to /root/svn_backup.sh
svn_backup.sh 100% 489 0.5KB/s 00:00
sftp>

To copy local files recursively to the remote server, use the ‘-r’ option.

sftp> put -r <Local directory>

Simple File Manipulations with SFTP

SFTP allows you to perform all types of basic file maintenance that are useful when working with the file system. Prefixing a command with ! runs it in the local shell, so we can get a file from the remote machine and then view the downloaded copy on the local machine.

sftp> get /etc/passwd
sftp> !less passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
......

To list the local groups, run the command with ! at the beginning.

sftp> !less /etc/group
root:x:0:
bin:x:1:bin,daemon
daemon:x:2:bin,daemon
sys:x:3:bin,adm
adm:x:4:adm,daemon
tty:x:5:
disk:x:6:
lp:x:7:daemon
mem:x:8:
kmem:x:9:
wheel:x:10:
....

There is no command for manipulating local file permissions, but you can set the local umask so that any files copied to the local system have the appropriate permissions.

That can be done with the “lumask” command:

sftp> lumask 022
Local umask: 022

SFTP allows you to create directories on both remote and local machines with “lmkdir” and “mkdir”.

sftp> bye

To exit from the SFTP session, use “exit” or “bye” to close the connection.
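
Once key authentication is in place, the interactive commands above can also be run unattended. The following is an added example, not part of the original article: it writes the lumask, get and put commands to a batch file for sftp -b and runs it with password prompts disabled and host key checking enforced. The function names and the SFTP_TARGET variable are hypothetical, and it uses a local umask of 077 rather than 022 so downloaded copies are not group or world accessible.

```shell
#!/bin/sh
# Added example (not from the original article).
# write_sftp_batch REMOTE_FILE LOCAL_COPY UPLOAD_FILE BATCH_FILE
#   Writes the commands shown in this article as an sftp batch file.
write_sftp_batch() {
    nl='
'
    # Reject names that could end the quoting or add a second batch line.
    for name in "$1" "$2" "$3"; do
        case $name in
            ''|*\"*|*\\*|*"$nl"*) echo "refusing file name: $name" >&2; return 1 ;;
        esac
    done
    # lumask 077: files created locally by get are not group/world accessible.
    # Without a leading "-", a failing command aborts the whole batch.
    cat > "$4" <<EOF
lumask 077
get "$1" "$2"
put "$3"
bye
EOF
}

# run_sftp_batch USER@HOST BATCH_FILE
#   BatchMode=yes forbids password prompts, so only key authentication works;
#   StrictHostKeyChecking=yes refuses hosts whose key is not in known_hosts.
run_sftp_batch() {
    sftp -b "$2" -o BatchMode=yes -o StrictHostKeyChecking=yes "$1"
}

# Demo with the file names used in this article; the batch path is a temp file.
batch=$(mktemp)
write_sftp_batch pdfflyer.sql pdfflyer.sql svn_backup.sh "$batch"
cat "$batch"
# Set SFTP_TARGET (e.g. root@192.168.1.89) to actually run the transfer.
if [ -n "${SFTP_TARGET:-}" ]; then
    run_sftp_batch "$SFTP_TARGET" "$batch"
fi
rm -f "$batch"
```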

We now know how to transfer files from the local machine to a remote machine using SFTP, a simple but very powerful tool for transferring files between the remote server and the local machine.

karthikeya Boyini

Updated on: 20-Jan-2020
