Simple File Transfer Protocol
RFC 913

Document Type RFC - Historic (September 1984; No errata)
Last updated 2013-03-02
Stream Legacy
Formats plain text html pdf htmlized bibtex
Stream Legacy state (None)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state RFC 913 (Historic)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                     Mark K. Lottor
Request for Comments: 913                                            MIT
                                                          September 1984

                     Simple File Transfer Protocol

STATUS OF THIS MEMO

   This RFC suggests a proposed protocol for the ARPA-Internet
   community, and requests discussion and suggestions for improvements.
   Distribution of this memo is unlimited.

INTRODUCTION

   SFTP is a simple file transfer protocol.  It fills the need of people
   wanting a protocol that is more useful than TFTP but easier to
   implement (and less powerful) than FTP.  SFTP supports user access
   control, file transfers, directory listing, directory changing, file
   renaming and deleting.

   SFTP can be implemented with any reliable 8-bit byte stream oriented
   protocol, this document describes its TCP specification.  SFTP uses
   only one TCP connection; whereas TFTP implements a connection over
   UDP, and FTP uses two TCP connections (one using the TELNET
   protocol).

THE PROTOCOL

   SFTP is used by opening a TCP connection to the remote hosts' SFTP
   port (115 decimal).  You then send SFTP commands and wait for
   replies.  SFTP commands sent to the remote server are always 4 ASCII
   letters (of any case) followed by a space, the argument(s), and a
   <NULL>.  The argument can sometimes be null in which case the command
   is just 4 characters followed by <NULL>.  Replies from the server are
   always a response character followed immediately by an ASCII message
   string terminated by a <NULL>.  A reply can also be just a response
   character and a <NULL>.

      <command> : = <cmd> [<SPACE> <args>] <NULL>

      <cmd> : =  USER ! ACCT ! PASS ! TYPE ! LIST ! CDIR
                 KILL ! NAME ! DONE ! RETR ! STOR

      <response> : = <response-code> [<message>] <NULL>

      <response-code> : =  + | - |   | !

      <message> can contain <CRLF>

   Commands that can be sent to the server are listed below.  The server

Lottor                                                          [Page 1]



RFC 913                                                   September 1984
Simple File Transfer Protocol

   replies to each command with one of the possible response codes
   listed under each message.  Along with the response, the server
   should optionally return a message explaining the error in more
   detail.  Example message texts are listed but do not have to be
   followed.  All characters used in messages are ASCII 7-bit with the
   high-order bit zero, in an 8 bit field.

   The response codes and their meanings:

      +  Success.

      -  Error.

         An error occurred while processing your command.

         Number.

         The number-sign is followed immediately by ASCII digits
         representing a decimal number.

      !  Logged in.

         You have sent enough information to be able to log yourself in.
         This is also used to mean you have sent enough information to
         connect to a directory.

   To use SFTP you first open a connection to the remote SFTP server.
   The server replies by sending either a positive or negative greeting,
   such as:

      +MIT-XX SFTP Service

         (the first word should be the host name)

      -MIT-XX Out to Lunch

Lottor                                                          [Page 2]



RFC 913                                                   September 1984
Simple File Transfer Protocol

   If the server send back a '-' response it will also close the
   connection, otherwise you must now send a USER command.

      USER user-id

         Your userid on the remote system.

         The reply to this command will be one of:

            !<user-id> logged in

               Meaning you don't need an account or password or you
               specified a user-id not needing them.

            +User-id valid, send account and password

            -Invalid user-id, try again

         If the remote system does not have user-id's then you should
         send an identification such as your personal name or host name
         as the argument, and the remote system would reply with '+'.

      ACCT account

         The account you want to use (usually used for billing) on the
         remote system.

         Valid replies are:

            ! Account valid, logged-in

               Account was ok or not needed. Skip the password.

            +Account valid, send password

               Account ok or not needed. Send your password next.

            -Invalid account, try again

Lottor                                                          [Page 3]



RFC 913                                                   September 1984
Simple File Transfer Protocol

      PASS password

         Your password on the remote system.

         Valid replies are:

            ! Logged in

               Password is ok and you can begin file transfers.
Show full document text