Guide

How to automate SFTP uploads with cron

Schedule unattended SFTP uploads on Linux with cron, using SSH-key auth and sftp batch mode or lftp. Includes a working crontab line and tips to avoid silent failures.

A nightly export, a log shipment, a batch drop to a partner: these are exactly what cron plus SFTP is for. The trick to making it reliable is removing every interactive prompt, which means SSH-key auth (no passwords) and pre-trusted host keys (no “are you sure?” prompt). Here’s a setup that runs untouched.

Step 1, set up key-based auth

Generate a key (if you don’t have one) and register the public key with your SFTP user:

ssh-keygen -t ed25519 -f ~/.ssh/sftp_job -N ""

Add the public key (~/.ssh/sftp_job.pub) to the SFTP user in your provider’s console. With a managed gateway you paste it into the user; the private key stays on your machine.

Step 2, pre-trust the host key

So cron never hits an unknown-host prompt, add the server’s key to a known_hosts file once:

ssh-keyscan -t ed25519 sftp.example.com >> ~/.ssh/known_hosts

Verify the fingerprint against what your provider publishes before you trust it.

Step 3, write the transfer

Option A, sftp batch mode. Put the commands in a file:

# /opt/jobs/upload.batch
put /data/exports/nightly.csv /incoming/nightly.csv
bye

Then run it non-interactively with -b:

sftp -i ~/.ssh/sftp_job -b /opt/jobs/upload.batch [email protected]

Option B, lftp (better for many files, retries, and parallelism):

lftp -u alice, -e "mirror -R /data/exports /incoming; bye" sftp://sftp.example.com

Step 4, schedule it in cron

Edit your crontab (crontab -e) and add a line. This runs at 02:15 every night and logs output:

15 2 * * * /usr/bin/sftp -i /home/alice/.ssh/sftp_job -b /opt/jobs/upload.batch [email protected] >> /var/log/sftp-upload.log 2>&1

Don’t let it fail silently

Cron jobs are infamous for failing quietly. Guard against it:

  • Capture output (>> logfile 2>&1, as above) so you can see what happened.
  • Check the exit code. sftp returns non-zero on failure; wrap it in a small script that alerts (email, webhook) when the upload doesn’t return 0.
  • Use absolute paths for binaries and files; cron’s environment is minimal.
  • One key per job, so you can revoke a single automation without touching the rest.

Where the files land

If your endpoint is a bring-your-own-bucket gateway, each scheduled upload streams straight into your own S3, Azure, or GCS bucket, path-jailed to the user’s prefix, with every transfer recorded in the audit trail. See SFTP to S3, or upload files to S3 via SFTP for the manual version.

Try it on your own bucket

Connect a bucket you already own, Amazon S3, Azure Blob, Google Cloud Storage, or an S3-compatible store, and hand out a clean SFTP endpoint in minutes. Your files stay in your cloud.

Start free

← All guides