Skip to content
Connect

SFTP connection strings

Connect accepts SFTP endpoints in URI form. Combine these patterns with any CLI command (copy, move, sync, list, remove, etc.).

Base host

Section titled “Base host”
  • sftp://10.0.0.1 — Connect uses the current OS user for login.
  • sftp://10.0.0.1:2222 — specify a custom SSH port.

User and password

Section titled “User and password”
  • sftp://user1@10.0.0.1 — explicit username, password prompted or provided separately.
  • sftp://user1:Sup3rSecret@10.0.0.1 — inline password (wrap the URI in quotes to protect shell history and special characters).

Tip: avoid embedding passwords when possible. Use endpoint aliases (connect alias add) to store credentials securely.

Password encoding

Section titled “Password encoding”
  • URL-encode characters that are meaningful in URIs (@%40, :%3A, space → %20).
    Example: sftp://user:pa%40ss%3Aword@host/~/data.
  • When a password is present in the URI (or alias), Connect skips interactive password/passphrase prompts and uses the supplied secret directly.

SSH keys

Section titled “SSH keys”
  • sftp://user1@10.0.0.1 with --key ~/.ssh/id_ed25519 — both source and destination use the same private key.
  • sftp://user1@10.0.0.1 with --src-key ~/.ssh/src_key --dst-key ~/.ssh/dst_key — distinct keys for each side of a transfer.

Aliases can also hold key paths and passphrases. For example, an alias saved with connect alias add injects key material automatically when you reference @prod-sftp/... in commands.

Target folders

Section titled “Target folders”
  • sftp://user1@10.0.0.1/incoming/ — relative to the user’s home directory (e.g. /home/user1/incoming).
  • sftp://user1@10.0.0.1//var/logs/ — leading double slash forces an absolute path on the remote host (/var/logs).
  • sftp://user1@10.0.0.1/../archive/ — relative traversal allowed when the server supports it.
  • sftp://host/~/Reports/ — tilde paths are expanded to the remote user’s home directory; /~/ points to the home root.
  • Wildcards (*.csv) and regex (regex:^report_.*\\.zip$) operate server-side so you can target multiple files in one command.

Putting it together

Section titled “Putting it together”
Terminal window
$ connect copy --key ~/.ssh/id_ed25519 \
    report.csv \
    sftp://user1@10.0.0.1/var/finance/

This command copies report.csv using key-based authentication and writes it to /var/finance/ on the remote host.

Behind the scenes

Section titled “Behind the scenes”
  • Authentication order follows SSH best practices: agent → discovered keys (~/.ssh/id_*) → password → keyboard-interactive.
  • Host keys are stored in ~/.connect/known_hosts; the CLI prompts the first time it encounters an unknown host and validates subsequent connections.