SFTP Commands: A Complete Reference Guide

SFTP (SSH File Transfer Protocol) is the standard way to transfer files securely between your local machine and a remote server. Unlike FTP, which transmits data in plaintext, SFTP encrypts everything over an SSH connection. If your hosting provider gives you SSH access, SFTP comes with it automatically on port 22. For copying files locally on the server itself, use cp instead.

This guide covers every SFTP command you need for day-to-day file management – connecting, navigating, uploading, downloading, managing permissions, and more. Commands work the same on Linux and Mac. Windows differences are noted where they apply. For a deeper look at how the protocol works under the hood, see What is SFTP and how does it work.

SFTP vs FTP vs FTPS#

Three protocols are commonly used for file transfers to servers. They sound similar but work very differently.

FTP (File Transfer Protocol) is the original. It was designed in 1971, before security was a practical concern on networks. FTP transmits everything in plaintext – your username, password, and every file you upload or download can be read by anyone who can observe the network traffic between you and the server. FTP also uses a separate data connection for each transfer, which means it needs a range of ports open on the firewall (typically port 21 plus a high port range for passive mode). This makes it painful to configure behind firewalls and NAT.

FTP should not be used for anything. It is not a question of preference. Transmitting credentials in plaintext over the internet is a security failure. If your hosting provider only offers FTP, that tells you something about how they approach infrastructure security.

FTPS (FTP over TLS) adds a TLS encryption layer on top of FTP. It solves the plaintext problem – credentials and data are encrypted in transit. But it inherits FTP’s architectural issues: multiple ports, separate control and data connections, and passive mode configuration that often breaks behind firewalls. FTPS requires a certificate on the server side, and certificate validation adds another point of failure. It works, but it is more complex to configure and troubleshoot than it needs to be.

SFTP (SSH File Transfer Protocol) is not FTP with encryption added on top. It is a completely different protocol that runs over SSH. Everything – authentication, commands, and data – travels over a single encrypted connection on port 22. There are no passive mode issues, no port range configurations, and no separate data channel. If you can SSH into a server, SFTP works automatically with the same credentials on the same port. There is nothing additional to install, configure, or maintain.

SFTP also supports SSH key authentication, which is stronger than password authentication and eliminates the need to type or store passwords. Key-based authentication is covered in the connecting with an SSH key section below.

For WordPress hosting, SFTP is the standard. It is what you should use for any file transfer to your server. For a full breakdown of when each protocol applies, see SFTP vs FTP vs FTPS: which should you use. For the WordPress angle – which directories matter, when SFTP is necessary versus when the control panel file manager is enough – see how to access WordPress files via FTP.

Connecting to an SFTP server#

Basic connection#

sftp username@hostname

For example:

sftp john@example.com

You will be prompted for your password. On successful login you see the sftp prompt:

sftp>

Connecting on a non-standard port#

SFTP uses port 22 by default. If your server uses a different port:

sftp -P 2222 username@hostname

Note the capital -P – lowercase -p is used for preserving file timestamps, not port. For more on SSH port numbers and how to configure them, see What port does SSH use.

Connecting with an SSH key#

Password authentication works but SSH key authentication is more secure and more convenient – no password prompt. If you have an SSH key configured:

sftp -i ~/.ssh/id_rsa username@hostname

On Hostney, SSH key authentication is configured through the control panel under the SSH Keys section. Once your public key is added, all SSH and SFTP connections use it automatically. See the SSH keys guide for setup instructions.

Connecting with a verbose output for debugging#

If a connection fails, verbose mode shows exactly what is happening:

sftp -v username@hostname

Disconnecting#

exit

or

quit

or press Ctrl+D.

Navigating directories#

SFTP maintains two working directories simultaneously – your local directory and the remote directory. Most navigation commands have both a local and remote version.

Remote navigation#

Print remote working directory:

sftp> pwd
Remote working directory: /home/john

List remote directory contents:

sftp> ls

List with details (permissions, size, date):

sftp> ls -la

Change remote directory:

sftp> cd /var/www/html

Go up one directory:

sftp> cd ..

Local navigation#

Print local working directory:

sftp> lpwd
Local working directory: /home/john/projects

List local directory contents:

sftp> lls

Change local directory:

sftp> lcd /home/john/uploads

Creating and removing remote directories#

Create a remote directory:

sftp> mkdir backup

Remove a remote directory (must be empty):

sftp> rmdir old_backup

Uploading files (put)#

Upload a single file#

sftp> put localfile.txt

This uploads localfile.txt from your current local directory to your current remote directory.

Upload to a specific remote path:

sftp> put localfile.txt /var/www/html/localfile.txt

Upload and rename:

sftp> put localfile.txt remotefile.txt

Upload multiple files (mput)#

Upload multiple files matching a pattern:

sftp> mput *.jpg

This uploads all .jpg files from your current local directory. You will be prompted to confirm each file unless you disable confirmation:

sftp> mput -r *.jpg

Upload a directory recursively#

sftp> put -r localfolder

This uploads the entire localfolder directory and all its contents to the remote server. The -r flag means recursive.

Upload a directory to a specific remote path:

sftp> put -r localfolder /var/www/html/

Preserve file timestamps and permissions during upload#

sftp> put -p localfile.txt

The -p flag preserves the original file modification time and permissions. Useful when you want the remote copy to match the local copy exactly.

Recursive upload with preserved attributes:

sftp> put -rp localfolder

SFTP upload folder example#

To upload an entire local project folder to your web root:

sftp> lcd /home/john/myproject
sftp> cd /var/www/html
sftp> put -r .

The . uploads everything in the current local directory recursively to the current remote directory. This is a common approach when migrating a WordPress site to a new host.

Downloading files (get)#

Download a single file#

sftp> get remotefile.txt

Downloads remotefile.txt from the current remote directory to your current local directory.

Download to a specific local path:

sftp> get remotefile.txt /home/john/downloads/remotefile.txt

Download and rename:

sftp> get remotefile.txt localcopy.txt

Download multiple files (mget)#

sftp> mget *.log

Downloads all .log files from the current remote directory to your current local directory.

Download a directory recursively#

sftp> get -r remotefolder

Downloads the entire remotefolder directory and all its contents to your current local directory.

Download with preserved timestamps#

sftp> get -p remotefile.txt

Download example: backing up WordPress uploads#

sftp> cd /var/www/html/wp-content/uploads
sftp> lcd /home/john/backups
sftp> get -r .

This downloads the entire WordPress uploads directory to your local backups folder. For a more complete WordPress backup approach, see How to back up WordPress manually.

Managing files and permissions#

Rename or move a remote file#

sftp> rename oldname.txt newname.txt

This works for both renaming and moving – just provide a different path:

sftp> rename file.txt /backup/file.txt

Delete a remote file#

sftp> rm remotefile.txt

There is no confirmation prompt and no recycle bin. Deleted files are gone immediately.

Delete multiple files matching a pattern:

sftp> rm *.tmp

Change remote file permissions (chmod)#

sftp> chmod 644 file.txt

chmod common values for WordPress (see WooCommerce security: file permissions for why these matter):

Apply recursively to a directory:

sftp> chmod -R 755 wp-content

Change file ownership (chown)#

sftp> chown 1000 file.txt

Note: chown requires knowing the numeric user ID. On most Linux systems you can find your UID by running id in a regular SSH session. Most shared hosting environments restrict chown to prevent privilege escalation. For a full explanation of the numeric permission system and when to use which values, see Linux file permissions: chmod and chown explained.

View file details#

sftp> ls -la remotefile.txt

Shows permissions, owner, size, and modification date for a specific file.

Useful flags and options#

Resume interrupted transfers#

SFTP does not have a native resume flag, but you can use the -a flag with get to append to an existing partial download:

sftp> get -a largefile.zip

This is useful for large file transfers that were interrupted. SFTP is also the recommended way to upload very large files that exceed your web server’s HTTP upload limit – see 413 Request Entity Too Large in Nginx for details.

Limit transfer speed#

To avoid saturating your connection during large transfers:

sftp -l 1000 username@hostname

The -l flag sets a bandwidth limit in Kbits/second. 1000 = approximately 125 KB/s.

Batch mode for scripting#

To run SFTP non-interactively in scripts, pipe commands via stdin:

sftp -b - username@hostname << EOF
cd /var/www/html
put localfile.txt
exit
EOF

Or save commands to a file and pass it with -b :

# Create commands file
echo "put localfile.txt" > sftp_commands.txt
echo "exit" >> sftp_commands.txt

# Run batch
sftp -b sftp_commands.txt username@hostname

Batch mode requires SSH key authentication – it will not work with password prompts.

Compress transfers#

sftp -C username@hostname

The -C flag enables SSH compression, which can speed up transfers of text files and uncompressed data. Less effective for already-compressed files like ZIP archives or JPEGs. For transferring entire directories efficiently, consider creating a tar.gz archive on the server first and downloading the single file rather than transferring thousands of files individually.

SFTP on Windows#

Windows 10 and 11 include a built-in OpenSSH client, so the command line SFTP commands above work in PowerShell and Command Prompt without installing anything.

Open PowerShell or Command Prompt and connect:

sftp username@hostname

All commands covered in this guide work identically in Windows PowerShell.

Checking if OpenSSH is installed on Windows#

Open PowerShell and run:

Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'

If OpenSSH.Client shows as “NotPresent”, install it:

Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

GUI SFTP clients for Windows#

If you prefer a graphical interface over the command line, several free SFTP clients are available:

• WinSCP – the most popular Windows SFTP client, supports drag-and-drop transfers
• FileZilla – cross-platform, supports SFTP alongside FTP and FTPS
• Cyberduck – available for Windows and Mac, clean interface

These clients use the same underlying SFTP protocol and connect with the same credentials. The command line is more efficient for scripting and bulk operations; GUI clients are more convenient for one-off file management.

SFTP on Mac#

Mac includes OpenSSH by default. All commands in this guide work in Terminal without any additional installation.

Open Terminal (Applications > Utilities > Terminal) and connect:

sftp username@hostname

Common errors and fixes#

Connection refused#

ssh: connect to host example.com port 22: Connection refused

Port 22 is blocked or the SSH service is not running. Check that your hosting provider has SSH enabled for your account and that your IP is not blocked by a firewall. For a full troubleshooting guide, see SSH connection refused: what it means and how to fix it.

Permission denied#

Permission denied (publickey,password)

Either the wrong password, or SSH key authentication is required but no key is configured. Check your credentials or set up SSH key authentication. On Hostney, SSH access and key configuration is managed through the control panel under Terminal Access.

No such file or directory#

Couldn't get handle: No such file or directory

The remote path you specified does not exist. Use ls and pwd to confirm your current remote directory before running get or put.

Upload permission denied#

Couldn't open file for writing: Permission denied

The remote directory does not allow your user to write to it. Check directory permissions with ls -la and ensure the target directory is owned by your user or is world-writable (though world-writable directories are a security risk on production servers).

When to use SFTP vs SSH#

SFTP and SSH use the same connection and the same credentials, but they serve different purposes.

Use SFTP when you need to move files between your local machine and the server. Uploading a WordPress theme you downloaded to your laptop. Downloading a database export to your local machine. Transferring a folder of images from your desktop to the uploads directory. Any time files need to cross from local to remote (or remote to local), SFTP is the tool.

Use SSH when you need to work directly on the server. Running WP-CLI commands. Editing a configuration file with nano or vim. Checking disk usage. Restarting PHP-FPM. Tailing error logs. Anything where you need a shell on the remote machine. You can also run commands over SSH without opening an interactive session – useful for quick checks and scripting.

Use SSH for server-to-server transfers. If you need to move files between two remote servers, SSH into the source and use scp or rsync to transfer directly to the destination. This avoids downloading to your local machine and re-uploading, which is slower and wasteful. See How to transfer files over SSH using SCP for one-off copies, rsync commands for incremental sync, and the WordPress migration guide for how this applies to site migrations.

Use SSH for bulk permission fixes. While SFTP supports chmod , it does not support find with -exec , chown -R on most servers, or any compound command. If you need to recursively fix permissions across an entire WordPress installation, SSH and a one-liner like find /path -type d -exec chmod 755 {} \; is far more practical than changing directories one at a time in SFTP.

In practice, many developers keep an SSH session and an SFTP session open to the same server simultaneously – SSH for running commands, SFTP for dragging files back and forth.

File transfer on Hostney#

Hostney offers three file-transfer options per account: SFTP (covered by the commands above), FTPS for workflows that need the FTP family of protocols, and a browser-based file manager in the control panel. The file manager is the recommended default for one-off work because it skips client setup entirely; SFTP is the right tool when you want to script transfers or work from a terminal.

Each account runs in its own isolated environment, so a transfer session can only see your own files. See How Hostney isolates websites with containers for the architecture context.

Summary of essential SFTP commands#