SFTP Commands: A Complete Reference Guide

SFTP (SSH File Transfer Protocol) is the standard way to transfer files securely between your local machine and a remote server. Unlike FTP, which transmits data in plaintext, SFTP encrypts everything over an SSH connection. If your hosting provider gives you SSH access, SFTP comes with it automatically on port 22.

This guide covers every SFTP command you need for day-to-day file management – connecting, navigating, uploading, downloading, managing permissions, and more. Commands work the same on Linux and Mac. Windows differences are noted where they apply. For a deeper look at how the protocol works under the hood, see What is SFTP and how does it work.

SFTP vs FTP vs FTPS

Three protocols are commonly used for file transfers to servers. They sound similar but work very differently.

FTP (File Transfer Protocol) is the original. It was designed in 1971, before security was a practical concern on networks. FTP transmits everything in plaintext – your username, password, and every file you upload or download can be read by anyone who can observe the network traffic between you and the server. FTP also uses a separate data connection for each transfer, which means it needs a range of ports open on the firewall (typically 20 plus a high port range for passive mode). This makes it painful to configure behind firewalls and NAT.

FTP should not be used for anything. It is not a question of preference. Transmitting credentials in plaintext over the internet is a security failure. If your hosting provider only offers FTP, that tells you something about how they approach infrastructure security.

FTPS (FTP over TLS) adds a TLS encryption layer on top of FTP. It solves the plaintext problem – credentials and data are encrypted in transit. But it inherits FTP’s architectural issues: multiple ports, separate control and data connections, and passive mode configuration that often breaks behind firewalls. FTPS requires a certificate on the server side, and certificate validation adds another point of failure. It works, but it is more complex to configure and troubleshoot than it needs to be.

SFTP (SSH File Transfer Protocol) is not FTP with encryption added on top. It is a completely different protocol that runs over SSH. Everything – authentication, commands, and data – travels over a single encrypted connection on port 22. There are no passive mode issues, no port range configurations, and no separate data channel. If you can SSH into a server, SFTP works automatically with the same credentials on the same port. There is nothing additional to install, configure, or maintain.

SFTP also supports SSH key authentication, which is stronger than password authentication and eliminates the need to type or store passwords. Key-based authentication is covered in the connecting with an SSH key section below.

For WordPress hosting, SFTP is the standard. It is what you should use for any file transfer to your server.

Connecting to an SFTP server

Basic connection

sftp username@hostname

For example:

sftp john@example.com

You will be prompted for your password. On successful login you see the sftp prompt:

sftp>

Connecting on a non-standard port

SFTP uses port 22 by default. If your server uses a different port:

sftp -P 2222 username@hostname

Note the capital -P – lowercase -p is used for preserving file timestamps, not port.

Connecting with an SSH key

Password authentication works but SSH key authentication is more secure and more convenient – no password prompt. If you have an SSH key configured:

sftp -i ~/.ssh/id_rsa username@hostname

On Hostney, SSH key authentication is configured through the control panel under the SSH Keys section. Once your public key is added, all SSH and SFTP connections use it automatically. See the SSH keys guide for setup instructions.

Connecting with a verbose output for debugging

If a connection fails, verbose mode shows exactly what is happening:

sftp -v username@hostname

Disconnecting

exit

or

quit

or press Ctrl+D.

Navigating directories

SFTP maintains two working directories simultaneously – your local directory and the remote directory. Most navigation commands have both a local and remote version.

Remote navigation

Print remote working directory:

sftp> pwd
Remote working directory: /home/john

List remote directory contents:

sftp> ls

List with details (permissions, size, date):

sftp> ls -la

Change remote directory:

sftp> cd /var/www/html

Go up one directory:

sftp> cd ..

Local navigation

Print local working directory:

sftp> lpwd
Local working directory: /home/john/projects

List local directory contents:

sftp> lls

Change local directory:

sftp> lcd /home/john/uploads

Creating and removing remote directories

Create a remote directory:

sftp> mkdir backup

Remove a remote directory (must be empty):

sftp> rmdir old_backup

Uploading files (put)

Upload a single file

sftp> put localfile.txt

This uploads localfile.txt from your current local directory to your current remote directory.

Upload to a specific remote path:

sftp> put localfile.txt /var/www/html/localfile.txt

Upload and rename:

sftp> put localfile.txt remotefile.txt

Upload multiple files (mput)

Upload multiple files matching a pattern:

sftp> mput *.jpg

This uploads all .jpg files from your current local directory. You will be prompted to confirm each file unless you disable confirmation:

sftp> mput -r *.jpg

Upload a directory recursively

sftp> put -r localfolder

This uploads the entire localfolder directory and all its contents to the remote server. The -r flag means recursive.

Upload a directory to a specific remote path:

sftp> put -r localfolder /var/www/html/

Preserve file timestamps and permissions during upload

sftp> put -p localfile.txt

The -p flag preserves the original file modification time and permissions. Useful when you want the remote copy to match the local copy exactly.

Recursive upload with preserved attributes:

sftp> put -rp localfolder

SFTP upload folder example

To upload an entire local project folder to your web root:

sftp> lcd /home/john/myproject
sftp> cd /var/www/html
sftp> put -r .

The . uploads everything in the current local directory recursively to the current remote directory. This is a common approach when migrating a WordPress site to a new host.

Downloading files (get)

Download a single file

sftp> get remotefile.txt

Downloads remotefile.txt from the current remote directory to your current local directory.

Download to a specific local path:

sftp> get remotefile.txt /home/john/downloads/remotefile.txt

Download and rename:

sftp> get remotefile.txt localcopy.txt

Download multiple files (mget)

sftp> mget *.log

Downloads all .log files from the current remote directory to your current local directory.

Download a directory recursively

sftp> get -r remotefolder

Downloads the entire remotefolder directory and all its contents to your current local directory.

Download with preserved timestamps

sftp> get -p remotefile.txt

Download example: backing up WordPress uploads

sftp> cd /var/www/html/wp-content/uploads
sftp> lcd /home/john/backups
sftp> get -r .

This downloads the entire WordPress uploads directory to your local backups folder. For a more complete WordPress backup approach, see How to back up WordPress manually.

Managing files and permissions

Rename or move a remote file

sftp> rename oldname.txt newname.txt

This works for both renaming and moving – just provide a different path:

sftp> rename file.txt /backup/file.txt

Delete a remote file

sftp> rm remotefile.txt

There is no confirmation prompt and no recycle bin. Deleted files are gone immediately.

Delete multiple files matching a pattern:

sftp> rm *.tmp

Change remote file permissions (chmod)

sftp> chmod 644 file.txt

chmod common values for WordPress (see WooCommerce security: file permissions for why these matter):

Apply recursively to a directory:

sftp> chmod -R 755 wp-content

Change file ownership (chown)

sftp> chown 1000 file.txt

Note: chown requires knowing the numeric user ID. On most Linux systems you can find your UID by running id in a regular SSH session. Most shared hosting environments restrict chown to prevent privilege escalation.

View file details

sftp> ls -la remotefile.txt

Shows permissions, owner, size, and modification date for a specific file.

Useful flags and options

Resume interrupted transfers

SFTP does not have a native resume flag, but you can use the -a flag with get to append to an existing partial download:

sftp> get -a largefile.zip

This is useful for large file transfers that were interrupted. SFTP is also the recommended way to upload very large files that exceed your web server’s HTTP upload limit – see 413 Request Entity Too Large in Nginx for details.

Limit transfer speed

To avoid saturating your connection during large transfers:

sftp -l 1000 username@hostname

The -l flag sets a bandwidth limit in Kbits/second. 1000 = approximately 125 KB/s.

Batch mode for scripting

To run SFTP non-interactively in scripts, pipe commands via stdin:

sftp -b - username@hostname << EOF
cd /var/www/html
put localfile.txt
exit
EOF

Or save commands to a file and pass it with -b :

# Create commands file
echo "put localfile.txt" > sftp_commands.txt
echo "exit" >> sftp_commands.txt

# Run batch
sftp -b sftp_commands.txt username@hostname

Batch mode requires SSH key authentication – it will not work with password prompts.

Compress transfers

sftp -C username@hostname

The -C flag enables SSH compression, which can speed up transfers of text files and uncompressed data. Less effective for already-compressed files like ZIP archives or JPEGs.

SFTP on Windows

Windows 10 and 11 include a built-in OpenSSH client, so the command line SFTP commands above work in PowerShell and Command Prompt without installing anything.

Open PowerShell or Command Prompt and connect:

sftp username@hostname

All commands covered in this guide work identically in Windows PowerShell.

Checking if OpenSSH is installed on Windows

Open PowerShell and run:

Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'

If OpenSSH.Client shows as “NotPresent”, install it:

Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

GUI SFTP clients for Windows

If you prefer a graphical interface over the command line, several free SFTP clients are available:

• WinSCP – the most popular Windows SFTP client, supports drag-and-drop transfers
• FileZilla – cross-platform, supports SFTP alongside FTP and FTPS
• Cyberduck – available for Windows and Mac, clean interface

These clients use the same underlying SFTP protocol and connect with the same credentials. The command line is more efficient for scripting and bulk operations; GUI clients are more convenient for one-off file management.

SFTP on Mac

Mac includes OpenSSH by default. All commands in this guide work in Terminal without any additional installation.

Open Terminal (Applications > Utilities > Terminal) and connect:

sftp username@hostname

Common errors and fixes

Connection refused

ssh: connect to host example.com port 22: Connection refused

Port 22 is blocked or the SSH service is not running. Check that your hosting provider has SSH enabled for your account and that your IP is not blocked by a firewall.

Permission denied

Permission denied (publickey,password)

Either the wrong password, or SSH key authentication is required but no key is configured. Check your credentials or set up SSH key authentication. On Hostney, SSH access and key configuration is managed through the control panel under Terminal Access.

No such file or directory

Couldn't get handle: No such file or directory

The remote path you specified does not exist. Use ls and pwd to confirm your current remote directory before running get or put.

Upload permission denied

Couldn't open file for writing: Permission denied

The remote directory does not allow your user to write to it. Check directory permissions with ls -la and ensure the target directory is owned by your user or is world-writable (though world-writable directories are a security risk on production servers).

When to use SFTP vs SSH

SFTP and SSH use the same connection and the same credentials, but they serve different purposes.

Use SFTP when you need to move files between your local machine and the server. Uploading a WordPress theme you downloaded to your laptop. Downloading a database export to your local machine. Transferring a folder of images from your desktop to the uploads directory. Any time files need to cross from local to remote (or remote to local), SFTP is the tool.

Use SSH when you need to work directly on the server. Running WP-CLI commands. Editing a configuration file with nano or vim. Checking disk usage. Restarting PHP-FPM. Tailing error logs. Anything where you need a shell on the remote machine.

Use SSH for server-to-server transfers. If you need to move files between two remote servers, SSH into the source and use scp or rsync to transfer directly to the destination. This avoids downloading to your local machine and re-uploading, which is slower and wasteful. The WordPress migration guide covers this approach in detail.

Use SSH for bulk permission fixes. While SFTP supports chmod , it does not support find with -exec , chown -R on most servers, or any compound command. If you need to recursively fix permissions across an entire WordPress installation, SSH and a one-liner like find /path -type d -exec chmod 755 {} \; is far more practical than changing directories one at a time in SFTP.

In practice, many developers keep an SSH session and an SFTP session open to the same server simultaneously – SSH for running commands, SFTP for dragging files back and forth.

SFTP access on Hostney

On Hostney, every account gets SFTP access through the same SSH connection used for terminal access. Your SFTP credentials are the same as your SSH credentials. Each account runs in its own isolated container – your SFTP session is confined to your own files and cannot access other accounts on the same server. See How Hostney isolates websites with containers for details on the container architecture.

Connect using:

• Host: your server hostname from the control panel
• Port: your assigned SSH port (shown in the control panel under Terminal Access)
• Username: your account username
• Authentication: SSH key (recommended) or password

Your SFTP session starts in your account’s home directory, which contains your website files.

Summary of essential SFTP commands