>_cmd.script

ftp

Interactive File Transfer Protocol client

Networking

By CMD Script Team · 4 min read · Last updated

SYNTAX
ftp [OPTIONS] [HOST]

Options

Command options and flags
FlagDescription
-pUse passive mode for data connections (helps traverse firewalls/NAT); the default in most modern clients
-nDisable auto-login on connect; you'll need to run 'user' manually inside the session
-iTurn off interactive prompting during multiple-file transfers (mget/mput)
-vVerbose: show all responses from the remote server
-dEnable debugging output, showing the full command/response exchange

Distribution compatibility

  • Ubuntu
  • Debian
  • Fedora
  • Arch
  • macOS

What it does

ftp is an interactive command-line client for the File Transfer Protocol, one of the oldest protocols on the internet for moving files between hosts. After connecting, it drops into its own command prompt (ftp>) supporting subcommands like get, put, mget, mput, ls, cd, binary, and ascii. Critically, standard FTP is unencrypted: credentials and file contents travel in plain text, which is why it has been largely superseded by sftp and scp for anything beyond talking to legacy systems or public anonymous file mirrors.

Beginner examples

  • ftp ftp.example.com — connect and get prompted for a username/password
  • get filename.txt — inside a session, download a file from the server
  • put filename.txt — inside a session, upload a local file to the server
  • bye or quit — close the connection and exit the ftp client
ftp ftp.example.com

Advanced examples

  • Download several files at once without a confirmation prompt for each: connect with ftp -i ftp.example.com, then mget *.txt
  • Switch transfer mode explicitly before moving a binary file (images, archives, executables) to avoid corruption from newline translation: binary then get archive.zip
  • Automate a routine transfer with a script (heredoc into ftp, understanding the security caveat below): ftp -inv ftp.example.com <<'EOF' user anonymous anonymous@example.com cd pub get readme.txt bye EOF
  • Use anonymous FTP to grab a publicly mirrored file: ftp ftp.gnu.org then login as anonymous with any email as the password.
ftp -i ftp.example.com

Common mistakes

  • Using ftp to transfer anything containing real credentials or sensitive data over an untrusted network — the protocol has no encryption at all, unlike its name-alike sftp.
  • Forgetting to switch to binary mode before transferring non-text files; ASCII mode (the default in some clients) can silently corrupt binaries by translating line endings.
  • Confusing ftp with sftp/scp when reading a script or runbook — they look similar in command names (get, put) but are fundamentally different protocols with different security properties.
  • Getting stuck behind a firewall/NAT in active mode without realizing passive mode (usually the default now, or toggled with passive inside the session) resolves the connection issue.

Tips

  • Always confirm whether you actually need ftp or whether sftp/scp/rsync -e ssh would work instead — in most modern environments, they do and are strictly more secure.
  • Use mget/mput with wildcards for batch transfers, and -i on the command line (or prompt inside the session) to toggle off per-file confirmation.
  • If a transfer is stalling or failing, try toggling passive mode inside the session — it resolves the majority of firewall/NAT-related FTP connection issues.

Best practices

  • Treat plain ftp as legacy-only: reserve it for talking to systems that genuinely don't support anything better, and migrate anything under your control to sftp or scp.
  • Never script plaintext credentials into an automated ftp session in a shared or version-controlled file — if automation is unavoidable, prefer curl/lftp with credentials sourced from a secrets manager, or better, switch the target system to SFTP.
  • When anonymous FTP is genuinely appropriate (public mirrors, open datasets), it's reasonably safe for downloads since there's no real credential to leak — but never use it to upload or transmit anything sensitive.

Try it yourself

A simulated shell with a sample home directory — experiment freely, nothing leaves your browser. Type help to list supported commands.

Real-world use cases

  • Pulling installation files or ISOs from long-standing public anonymous FTP mirrors (many open-source projects and Linux distributions still host these).
  • Interacting with legacy industrial, embedded, or vendor-supplied equipment whose only supported file transfer method is FTP.
  • One-off interactive troubleshooting against an old internal FTP server that predates SFTP adoption in an organization.

Common interview questions

  • Why is plain FTP considered insecure, and what should replace it? It transmits credentials and data unencrypted; SFTP (over SSH) or SCP should be used instead whenever both endpoints support it.
  • What's the difference between active and passive FTP mode? In active mode the server initiates the data connection back to the client (often blocked by firewalls/NAT); in passive mode the client initiates both connections, which is far more compatible with modern network setups.
  • What's the practical difference between ftp and sftp despite similar-looking commands? They're different protocols entirely — ftp is unencrypted and uses its own ports (21/20); sftp is a subsystem of SSH, fully encrypted, and runs over port 22.

Frequently Asked Questions

Is it safe to use ftp?

No, not for anything sensitive. Standard FTP transmits usernames, passwords, and file contents in plain text over the network — anyone able to observe the traffic (on shared WiFi, a compromised router, or anywhere along the path) can capture credentials and data. Use sftp or scp instead, which run over an encrypted SSH connection.

What's the difference between ftp and sftp?

They share a similar interactive command set (get, put, ls, cd) but are entirely different protocols: ftp is the original, unencrypted File Transfer Protocol running over its own ports (21 control, 20 data); sftp is the SSH File Transfer Protocol, tunneled entirely through an encrypted SSH connection on port 22. sftp is the modern, secure replacement.

Why would I still need ftp at all in 2026?

Mostly for interacting with legacy systems, embedded devices, or vendor equipment that only offers an FTP server, or for anonymous public file mirrors that still serve over FTP. For anything you control end-to-end, prefer sftp/scp/rsync-over-ssh.

What's the difference between active and passive FTP mode?

In active mode, the client opens a control connection and the server initiates a separate data connection back to the client — which often fails behind NAT/firewalls. In passive mode, the client initiates both the control and data connections, which is far more firewall/NAT-friendly and is the default in most modern clients.

Cheat sheet

Download a quick-reference cheat sheet for ftp.