 |
Index for
Section 1 |
|
 |
Alphabetical
listing for S |
|
 |
Bottom of
page |
|
sftp2(1)
NAME
sftp2, sftp - Secure Shell client remote copy application
SYNOPSIS
sftp2 [-D debug_level_spec] [-b batchfile] [-S path] [-h] [-V] [user@] host
[port #]
OPTIONS
-D debug_level_spec
Prints debug information to stderr. The debug_level_spec argument can
be a number between 0 and 99, where 99 specifies that all debug
information should be displayed, or a comma-separated list of
assignments; for example, ModulePattern=debug_level where ModulePattern
is sftp2 for the main sftp2 application.
-b batchfile
Reads commands from a file instead of standard input. Because this mode
is intended for scripts or cron jobs, the sftp2 command will not try to
interact with the user, which means that only the passwordless
authentication methods will work. In batch mode, a failure to change
the current working directory will cause the sftp2 command to abort.
Other errors are ignored.
-S path
Specifies the path to the ssh2 binary.
-h Displays help.
-V Displays the Secure Shell version number.
OPERANDS
user
Specifies the user name to use when connecting (optional).
host
Specifies the system to connect to.
port
Specifies the port on the system to connect to (optional).
DESCRIPTION
The sftp2 command creates a secure connection between a Secure Shell client
and server to copy files. The sftp2 command is intended as a secure
replacement for the ftp command. A secure connection provides client and
server authentication, user authentication, data encryption, data
integrity, and nonrepudiation.
After the client's, server's, and user's identity has been proven, the
Secure Shell server executes the command. All communication with the
remote command or shell will be automatically encrypted and checked for
integrity. The session terminates when the command completes.
A Secure Shell client and server use public host keys to authenticate each
other. When a client connect to a server for the first time, the user is
prompted to accept a copy of the server's public host key. If the user
accepts the key, a copy of the server's public host key is copied to the
user's hostkeys directory on the client. The client uses this public host
key to authenticate the server on subsequent connects. A Secure Shell
server authenticates a user by using password authentication, host-based
authentication, or public key authentication.
You can also use the Secure Shell scp2 command to create a secure network
connection between a Secure Shell client and server to copy files.
See Security Administration for more information about Secure Shell clients
and servers and Secure Shell authentication.
COMMANDS
When the sftp2 command is ready to accept commands, it will display a
prompt:
sftp>
The user can then enter any of the following commands:
open hostname
Tries to connect to a system specified in hostname.
localopen
Opens a local connection. The connection is created without connecting
to an sshd2 daemon. This is intended for debugging and testing.
close
Closes the current session.
quit
Quits the application.
cd directory
Changes the current remote working directory.
lcd directory
Changes the current local working directory.
pwd Displays the name of the current remote working directory.
lpwd
Displays the name of the current local working directory.
ls [-R ] [ -l ] [ file ... ]
Lists the names of the files on the remote system. For directories, the
contents of the directory are listed. When the -R option is specified,
the directory trees are listed recursively. (By default, the
subdirectories of the argument directories are not visited.) When the
-l option is specified, permissions, owners, sizes, and modification
times are also shown. When no arguments are given, it is assumed that
the contents of the current directory are being listed. Currently the
options -R and -l are mutually incompatible.
lls [-R ] [ -l ] [ file ... ]
Same as the ls command, but operates on local files.
get [file ... ]
Transfers the specified files from the remote system to the local
system. Directories are recursively copied with their contents.
mget [file ... ]
Synonymous to the get command.
put [file ... ]
Transfers the specified files from the local system to the remote
system. Directories are recursively copied with their contents.
mput [file ... ]
Synonymous to the put command.
rename source target
Renames the file source to target.
lrename source target
Same as the rename command, but operates on local files.
rm file
Deletes the file specified in file.
lrm file
Same as the rm command, but operates on local files.
mkdir directory
Creates the directory specified in directory.
lmkdir directory
Same as the mkdir command, but operates on local files.
rmdir directory
Deletes the directory specified in directory.
lrmdir directory
Same as the rmdir command, but operates on local files.
help [ topic ]
If topic is not given, lists the available topics. If topic is given,
displays the online help for that topic.
COMMAND INTERPRETATION
The sftp2 command understands both backslashes and quotation marks on the
command line. A backslash preceding a character can be used to ignore the
character in the command-line interpretation. Quotation marks can be used
for specifying file names with spaces.
The ls, lls, get, and put commands support globbing patterns (wildcards).
See sshregex(5) for more information about globbing patterns.
The command-line processing and globbing use the backslash ( \ ) as an
escape character. If you want to use a backslash to escape the
metacharacters in the globbing, you have to precede the backslash with
another backslash ( \\ ) to escape its special meaning in the command-line
processing.
The get . command or the put . command will get or put every file in the
current directory and will overwrite files with the same file name.
COMMAND-LINE EDITING
The following key sequences can be used for command-line editing:
Ctrl-Space
Set the mark.
Ctrl-A
Go to the beginning of the line.
Ctrl-B
Move the cursor one character to the left.
Ctrl-D
Erase the character on the right of the cursor, or exit the program if
the command line is empty.
Ctrl-E
Go to the end of the line.
Ctrl-F
Move the cursor one character to the right.
Ctrl-H
Backspace.
Ctrl-I
Tab.
Ctrl-J or Ctrl-M
Enter.
Ctrl-K
Delete to the end of the line.
Ctrl-L
Redraw the line.
Ctrl-N
Move to the next line.
Ctrl-P
Move to the previous line.
Ctrl-T
Toggle two characters.
Ctrl-U
Delete the line.
Ctrl-W
Delete a region. The region's end is marked with Ctrl-Space.
Ctrl-X
Begin an extended command.
Ctrl-Y
Yank the deleted line.
Ctrl-_ or Ctrl-X U
Undo.
Ctrl-X Ctrl-L
Lowercase the region.
Ctrl-X Ctrl-U
Uppercase the region.
Ctrl-X Ctrl-X
Exchange the cursor and the mark.
Ctrl-X H
Mark the whole buffer.
Esc Ctrl-H or Esc Delete
Backwards word-delete.
Esc Space or Esc
Delete extra spaces (leaves only one space).
Esc <
Go to the beginning of the line.
Esc >
Go to the end of the line.
Esc @
Mark the current word.
Esc A
Go one sentence backwards.
Esc B
Go one word backwards.
Esc C
Capitalize the current word.
Esc D
Delete the current word.
Esc E
Go one sentence forwards.
Esc F
Go one word forwards.
Esc K
Delete the current sentence.
Esc L
Lowercase the current word.
Esc T
Transpose words.
Esc U
Uppercase the current word.
Delete
Backspace.
FILES
/etc/ssh2/ssh2_config
Specifies Secure Shell client configuration information.
/etc/ssh2/sshd2_config
Specifies Secure Shell server configuration information.
$HOME/.ssh2/identification
Contains information on how the user will be authenticated when
contacting a specific host. The identification file has the same
general syntax as the configuration files. The following keywords can
be used:
IdKey This is followed by the file name of a private key in the
$HOME/.ssh2 directory used for identification when contacting a
host. If there is more than one IdKey, they are tried in the
order that they appear in the identification file.
PgpSecretKeyFile
This is followed by the file name of the user's OpenPGP private
keyring in the $HOME/.ssh2 directory. The OpenPGP keys listed
after this line are expected to be found from this file. The
keys identified with IdPgpKey*-keywords are used like ones
identified with IdKey-keyword.
IdPgpKeyName
This is followed by the OpenPGP key name of the key in the
PgpSecretKeyFile file.
IdPgpKeyFingerprint
This is followed by the OpenPGP key fingerprint of the key in
the PgpSecretKeyFile file.
IdPgpKeyId
This is followed by the OpenPGP key ID of the key in the
PgpSecretKeyFile file.
$HOME/.ssh2/authorization
Contains information on how the server will verify the identity of an
user. The authorization file has the same general syntax as the
configuration files. The following keywords can be used:
Key This is followed by the file name of a public key in the
$HOME/.ssh2 directory used for identification when contacting
the host. More than one key is acceptable for login.
PgpPublicKeyFile
This is followed by the file name of the user's OpenPGP public
keyring in the $HOME/.ssh2directory. OpenPGP keys listed after
this line are expected to be found from this file. Keys
identified with PgpKey*-keywords are used like ones identified
with Key-keyword.
PgpKeyName
This is followed by the OpenPGP key name.
PgpKeyFingerprint
This is followed by the OpenPGP key fingerprint.
PgpKeyId
This is followed by the OpenPGP key ID.
Command This keyword, if used, must follow the Key or PgpKey* keyword.
This is used to specify a forced command that will be executed
on the server when the user is authenticated. The command
supplied by the user (if any) is put in the environment
variable SSH2_ORIGINAL_COMMAND.
The command is run on a pseudoterminal if the connection
requests a pseudoterminal; otherwise it is run without a
terminal.
This keyword might be useful for restricting certain public
keys to perform a specific operation. For example, a key that
permits remote backups but nothing else.
A client can specify TCP/IP and/or X11 forwardings, unless they
are explicitly prohibited.
$HOME/.ssh2/hostkeys/key_xxxx_yyyy.pub
They files are the public keys of the hosts to which you connect. These
are updated automatically, unless you have set the
StrictHostKeyChecking parameter to yes in the ssh2_config file. If a
host's key changes, you should put the key here only if you are sure
that the new key is valid; for example that there was no man-in-the-
middle attack. The xxxx is the port on the server, where the sshd2
deamon runs, and the yyyy is the host (specified on the command line).
/etc/ssh2/hostkeys/key_xxxx_yyyy.pub
If a host key is not found from the user's $HOME/.ssh2/hostkeys
directory, this is the next location to be checked. These files have to
be updated manually; no files are put here automatically.
$HOME/.rhosts and $HOME/.shosts
Contains a list of remote users who are not required to supply a
password when they use Secure Shell host-based authentication with the
ssh2 command.
/etc/hosts.equiv
Contains the names of remote hosts and users that are equivalent to the
local host or user. An equivalent host or user is allowed to use the
ssh2 command with Secure Shell host-based authentication without
supplying a password.
$HOME/.ssh2/knownhosts/xxxxyyyy.pub
Contains the public host keys of hosts that users need to log in to
when using host based authentication.
The xxxx is the fully qualified domain name (FQDN) and yyyy is the
public key algorithm. Public key algorithms are ssh-dss and ssh-rsa.
For example, if the FQDN for a host is server1.foo.fi and it has a key
algorithm of ssh-dss, the host key would be server1.foo.fi.ssh-dss.pub
in the knownhosts directory.
A user must add the host name to a $HOME/.shosts file or an
$HOME/.rhosts file.
/etc/ssh2/knownhosts/xxxxyyyy.pub
Same as the $HOME/.ssh2/knownhosts/xxxxyyyy.pub file, but system-wide.
This file is overridden if the user puts a file with the same name in
the $HOME/.ssh2/knownhosts directory.
LEGAL NOTICES
SSH is a registered trademark of SSH Communication Security Ltd.
SEE ALSO
Commands: ftp(1), scp2(1), ssh2(1)
Files: hosts.equiv(4), rhosts(4), shosts(4), ssh2_config(4),
sshd2_config(4)
Guides: Security Administration
|
Index for
Section 1 |
|
|
Alphabetical
listing for S |
|
 |
Top of
page |
|