Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

ssh-convert-ftp (EFT Expansion Pack on Unix)

ssh-convert-ftp — Convert unsecured FTP connections to secured SFTP


ssh-convert-ftp [options...] COMMAND [arguments...]


ssh-convert-ftp is a component of SSH Tectia Client with EFT Expansion Pack on Unix.

The ssh-convert-ftp command runs the specified command with the given arguments. The command and its child processes will have automatic FTP-SFTP conversion and FTP tunneling enabled. Depending on the filter rules configured for the SSH Tectia Connection Broker, the connections may then be automatically converted from FTP to SFTP, or automatically tunneled.


The following options are available:

-D, --debug=LEVEL

Sets the debug level string to LEVEL. The following debug levels can be used:

  • 1 - includes information about fatal errors

  • 3 - includes initialization messages

  • 5 - includes information about the TCP connections

  • 7 - includes information about DNS resolving, and other more detailed debugging information.

-F, --fallback

Falls back to plaintext connection mode if a secure connection cannot be established (default: no fallback).

-h, --help

Displays a short summary of command-line options and exits.


Start an FTP session to with FTP-SFTP conversion enabled:

$ ssh-convert-ftp ftp

Start an FTP session to and allow the fallback to plaintext FTP in case the secure SFTP connection cannot be established:

$ ssh-convert-ftp -F ftp

Start a bash shell session with FTP-SFTP conversion enabled for all commands:

$ ssh-convert-ftp bash

The SSH Tectia Client software includes an example configuration for filter rules that enable FTP-SFTP conversion for any FTP connections (to port 21). See the ssh-broker-config-example-ftp-sftp.xml configuration file in the /etc/ssh2 directory.

Exit Values

If a command was invoked, ssh-convert-ftp returns the exit status of that command. Typically, the exit value shows the success of the command:

  • If an error occurred when executing the command, the exit value is non-zero. The exact value depends on the operating system.

  • If an error occurred when parsing the command line arguments, an error message is output to stderr and the exit value is 1.

  • If the platform is unsupported, an error message is output to stderr and the exit value is 2.

  • If no errors occurred, the exit value is whatever the given command returns. So in this case the exit value may be nonzero even if the command succeeds. This means that the exit value alone does not provide exact information about how the command succeeded.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now