ftp
Interactive File Transfer Protocol client
By CMD Script Team · 4 min read · Last updated
ftp [OPTIONS] [HOST]Options
| Flag | Description |
|---|---|
-p | Use passive mode for data connections (helps traverse firewalls/NAT); the default in most modern clients |
-n | Disable auto-login on connect; you'll need to run 'user' manually inside the session |
-i | Turn off interactive prompting during multiple-file transfers (mget/mput) |
-v | Verbose: show all responses from the remote server |
-d | Enable debugging output, showing the full command/response exchange |
Distribution compatibility
- Ubuntu
- Debian
- Fedora
- Arch
- macOS
What it does
ftp is an interactive command-line client for the File Transfer Protocol, one of the
oldest protocols on the internet for moving files between hosts. After connecting, it
drops into its own command prompt (ftp>) supporting subcommands like get, put,
mget, mput, ls, cd, binary, and ascii. Critically, standard FTP is
unencrypted: credentials and file contents travel in plain text, which is why it has
been largely superseded by sftp and scp for anything beyond talking to legacy
systems or public anonymous file mirrors.
Beginner examples
ftp ftp.example.com— connect and get prompted for a username/passwordget filename.txt— inside a session, download a file from the serverput filename.txt— inside a session, upload a local file to the serverbyeorquit— close the connection and exit the ftp client
ftp ftp.example.com
Advanced examples
- Download several files at once without a confirmation prompt for each: connect with
ftp -i ftp.example.com, thenmget *.txt - Switch transfer mode explicitly before moving a binary file (images, archives,
executables) to avoid corruption from newline translation:
binarythenget archive.zip - Automate a routine transfer with a script (heredoc into ftp, understanding the
security caveat below):
ftp -inv ftp.example.com <<'EOF' user anonymous anonymous@example.com cd pub get readme.txt bye EOF - Use anonymous FTP to grab a publicly mirrored file:
ftp ftp.gnu.orgthen login asanonymouswith any email as the password.
ftp -i ftp.example.com
Common mistakes
- Using
ftpto transfer anything containing real credentials or sensitive data over an untrusted network — the protocol has no encryption at all, unlike its name-alikesftp. - Forgetting to switch to
binarymode before transferring non-text files; ASCII mode (the default in some clients) can silently corrupt binaries by translating line endings. - Confusing
ftpwithsftp/scpwhen reading a script or runbook — they look similar in command names (get,put) but are fundamentally different protocols with different security properties. - Getting stuck behind a firewall/NAT in active mode without realizing passive mode
(usually the default now, or toggled with
passiveinside the session) resolves the connection issue.
Tips
- Always confirm whether you actually need
ftpor whethersftp/scp/rsync -e sshwould work instead — in most modern environments, they do and are strictly more secure. - Use
mget/mputwith wildcards for batch transfers, and-ion the command line (orpromptinside the session) to toggle off per-file confirmation. - If a transfer is stalling or failing, try toggling
passivemode inside the session — it resolves the majority of firewall/NAT-related FTP connection issues.
Best practices
- Treat plain
ftpas legacy-only: reserve it for talking to systems that genuinely don't support anything better, and migrate anything under your control tosftporscp. - Never script plaintext credentials into an automated
ftpsession in a shared or version-controlled file — if automation is unavoidable, prefercurl/lftpwith credentials sourced from a secrets manager, or better, switch the target system to SFTP. - When anonymous FTP is genuinely appropriate (public mirrors, open datasets), it's reasonably safe for downloads since there's no real credential to leak — but never use it to upload or transmit anything sensitive.
Try it yourself
A simulated shell with a sample home directory — experiment freely, nothing leaves your browser. Type help to list supported commands.
Real-world use cases
- Pulling installation files or ISOs from long-standing public anonymous FTP mirrors (many open-source projects and Linux distributions still host these).
- Interacting with legacy industrial, embedded, or vendor-supplied equipment whose only supported file transfer method is FTP.
- One-off interactive troubleshooting against an old internal FTP server that predates SFTP adoption in an organization.
Common interview questions
- Why is plain FTP considered insecure, and what should replace it? It transmits credentials and data unencrypted; SFTP (over SSH) or SCP should be used instead whenever both endpoints support it.
- What's the difference between active and passive FTP mode? In active mode the server initiates the data connection back to the client (often blocked by firewalls/NAT); in passive mode the client initiates both connections, which is far more compatible with modern network setups.
- What's the practical difference between ftp and sftp despite similar-looking commands? They're different protocols entirely — ftp is unencrypted and uses its own ports (21/20); sftp is a subsystem of SSH, fully encrypted, and runs over port 22.
Frequently Asked Questions
Is it safe to use ftp?
No, not for anything sensitive. Standard FTP transmits usernames, passwords, and file contents in plain text over the network — anyone able to observe the traffic (on shared WiFi, a compromised router, or anywhere along the path) can capture credentials and data. Use sftp or scp instead, which run over an encrypted SSH connection.
What's the difference between ftp and sftp?
They share a similar interactive command set (get, put, ls, cd) but are entirely different protocols: ftp is the original, unencrypted File Transfer Protocol running over its own ports (21 control, 20 data); sftp is the SSH File Transfer Protocol, tunneled entirely through an encrypted SSH connection on port 22. sftp is the modern, secure replacement.
Why would I still need ftp at all in 2026?
Mostly for interacting with legacy systems, embedded devices, or vendor equipment that only offers an FTP server, or for anonymous public file mirrors that still serve over FTP. For anything you control end-to-end, prefer sftp/scp/rsync-over-ssh.
What's the difference between active and passive FTP mode?
In active mode, the client opens a control connection and the server initiates a separate data connection back to the client — which often fails behind NAT/firewalls. In passive mode, the client initiates both the control and data connections, which is far more firewall/NAT-friendly and is the default in most modern clients.
Cheat sheet
Download a quick-reference cheat sheet for ftp.