MOVEit Xfer Logo

MOVEit Xfer:
Command-Line Secure File Transfer
Client for MOVEit DMZ

Overview

MOVEit Xfer ("/ex-fer/") is a command-line application which securely transfers files between a MOVEit DMZ server and a Microsoft Windows computer or any computer running Java 1.7 or higher.  

Designed to mimic the interface of a standard command-line FTP client, this utility provides an easy upgrade path from command-line FTP clients working against an insecure or firewall-adverse FTP system to command-line MOVEit Xfer clients working with a secure and firewall-friendly MOVEit DMZ system.

MOVEit Xfer features:

Like any other well-behaved command-line utility, MOVEit Xfer can be driven by an automated script such as a Windows batch file or Unix shell script. In turn, these scripts can be scheduled by Windows Scheduled Tasks or Unix cron. In other words, the open functionality of MOVEit Xfer allows users to build an automated collection of MOVEit DMZ transfer scripts with this utility.

Table of Contents

Requirements

On Windows, MOVEit Xfer is a standalone executable that does not require any other software, assuming the operating system is Microsoft Windows 98, ME, NT, 2000, XP, 2003, Vista, 7, or 8. On other operating systems, MOVEit Xfer requires Java 1.7 or higher.

The Java version of MOVEit Xfer can also be run on Windows systems, but it's usually not necessary, even for testing, because MOVEit Xfer accepts the same commands under both native Windows and the Java runtime environment.

All versions of MOVEit Xfer require the remote MOVEit DMZ server to be version 3.1.7 or higher. (Version 3.1.7 was released in Nov. 2004.)

Installation

Windows Installation

To install MOVEit Xfer, simply run the MOVEit Xfer for Windows installation package. This package will ask into which folder and which "Start menu" program group you would like to install the application. It will change your "PATH" variable to allow you to run MOVEit Xfer from any command prompt. (You may be prompted to log off after the installation to allow this to occur.) The installation will also install a "Start Menu" link to this documentation.

The MOVEit Xfer for Windows installation package is also available in "MSI" format to aid mass-deployments.

Java Installation

To "install" MOVEit Xfer under Java, simply extract the contents of the MOVEit Xfer for Java archive file into a directory. To run MOVEit Xfer, you will either need to have a Java runtime executable in your command-line "executable path" or explicitly provide a path to that executable in the command line.

It will probably be useful to use a short script or other helper to avoid making a user type the full path to either MOVEit Xfer or the Java executable each time he/she would like to use MOVEit Xfer. Sample scripts for Windows and Unix platforms to carry out this task are provided in the MOVEit Xfer for Java package ("xfer.bat" and "xfer.sh").

Command Line

Use the following command syntax to run MOVEit Xfer:

xfer [args] [hostname]

...where "args" consists of any (or none) of the following options:

                                       
-?Prints a list of command-line parameters.
-dEnables debug mode, which will output extra information to the console.
-s:filenameRuns xfer in batch mode, using filename as a command file. The command file should contain the list of commands to be issued to xfer, each command on its own line. Blank lines and lines starting with the # character will be ignored.
-user:usernameIdentifies the username that xfer should use when connecting to the MOVEit DMZ server.
-password:passwordIdentifies the password that xfer should use when connecting to the MOVEit DMZ server.
-proxyuser:usernameIdentifies the username that xfer should use to authenticate to a proxy server.
-proxypass:passwordIdentifies the password that xfer should use to authenticate to a proxy server.
-quiterrorCauses xfer to exit with error code 3 if an error occurs with any DMZ operation.
-zCauses xfer to ignore any certificate issues with the MOVEit DMZ server.
-t:nsecsCauses xfer to use nsecs for the receive data timeout (default = 60).
-resumedelay:multCauses xfer to pause when resuming a failed upload. This is to avoid timeouts where the server is busy processing data up to the resume point. The amount of time delayed is dependent on the size of the partial file on the server. The base rate (mult = 1) is roughly 10 secs per every 100 mb of data. This is can be increased by specifying a larger multiplier, i.e. mult = 2 means roughly 20sec/100mb, mult = 3 means roughly 30sec/100mb, etc. The default is mult = 0, or no delay.
The Windows version adds these arguments.
-ccn:common_nameIdentifies the certificate to send to MOVEit DMZ, by certificate common name. This applies only if client certificates are being used. Xfer searches for the certificate in the Windows certificate store.
-csha1:SHA1_hex_hashIdentifies the certificate to send to MOVEit DMZ, by SHA1 thumbprint, as a 40-digit hexadecimal number.  For instance, -csha1:2F1B50183045ECC55191BBD5A9F8410C2085E6FB.  (The thumbprint can be gotten from the Windows MMC Certificates snap-in.)  This applies only if client certificates are being used.  Do not specify both -ccn and -csha1; use one or the other (or neither, if you are not using client certificates). 
-csn:storenameIdentifies the name of the client certificate store; used only when using -ccn.  This is almost always My. 
The Java version adds these arguments. (Note: the Windows version takes proxy information from the current user's Internet Explorer configuration.)
-proxyhost:hostnameIdentifies the hostname that xfer should use to access a proxy server.
-proxyport:portnumIdentifies the TCP port number of the proxy server.
-ccfile:pathIdentifies the filename of a file containing client certificates, if client certificates are being used. 
-cctype:typeIdentifies the type of the -ccfile client certificate file (if any): PKCS12 for .pfx files (which are the same as .p12 files), or JKS for Java keystore files.
-ccpass:passwordIdentifies the password to the -ccfile client certificate file, if any.

hostname is the domain name or numeric IP address of the MOVEit DMZ server.

If no hostname is given on the command line, MOVEit Xfer starts without a configured host. In this case, you must issue an open command to connect to a MOVEit DMZ server.

Return Codes

The following integer values are returned by MOVEit Xfer based on how it exits.

Compatibility with MOVEit Freely and Microsoft's "ftp.exe" Client

MOVEit Freely is a free, command-line FTP/SSL application also written and distributed by Ipswitch. The command-line syntax for MOVEit Xfer was based on existing MOVEit Freely command-line syntax. This uniformity allows people to convert most MOVEit Freely scripts to MOVEit Xfer scripts simply by replacing "ftps" with "xfer".

MOVEit Freely command-line syntax was itself based on the command-line syntax of Microsoft's non-secure ftp.exe client. Once again, this uniformity allows people to convert many scripts based on "ftp.exe" to MOVEit Xfer scripts simply by replacing "ftp" with "xfer".

Commands

Once MOVEit Xfer is started, it prompts for and reads single-line "FTP-style" commands. The commands are read from the console, or from the script filename supplied by using the -s parameter.

If a command that has required parameters is entered without the parameters, MOVEit Xfer will prompt for the parameters.

For many commands, to enter a parameter containing spaces, you must enclose the parameter in double quotes. For instance, to retrieve a file named My Document.txt, you should say get "My Document.txt".

Legal commands are listed below. Optional parameters are enclosed in brackets ([]). If you are familiar with FTP command syntax, there should be few surprises, as MOVEit Xfer's command syntax is entirely based on standard FTP command syntax.

about
Displays program information about MOVEit Xfer, the current version, and information about the system it is running under.

cd directory
Changes the working directory on the server.

close
Closes the connection to the server without exiting the program.

debug
Toggles debug mode, which prints extra information to the console.

delete filename
Deletes a filename on the DMZ server.

dir [filemask]
Gets a directory listing from the DMZ server.

exit
Closes any open connection and exits the program.

get remotefilename [localfilename]
Retrieves a file. If localfilename is not specified, the file will be saved to the local system as remotefilename. You may put " around the filenames in order to include spaces in the names.

help
Displays the list of commands accepted by MOVEit Xfer.

lcd directory
Changes the local directory.

ldir [filemask]
Gets a directory listing from the local system.

lls [filemask]
Gets a short-form directory listing from the local system (names only).

ls [filemask]
Gets a short-form directory listing from the DMZ server (names only).

mdelete remotefilemask
Deletes multiple files from the remote system. If not in batch mode, MOVEit Xfer prompts for whether to actually delete the file. The response should be "y" to delete the file, "n" to not delete the file, or "a" to delete the file and all others without asking again.

mget remotefilemask
Retrieves multiple files from the remote system. If not in batch mode, MOVEit Xfer prompts for whether to actually download the file. The response should be "y" to download the file, "n" to not download the file, or "a" to download the file and all others without asking again.

mkdir remotedirectory
Makes a directory on the remote system.

mput localfilemask [comments]
Sends multiple files to the remote system. If not in batch mode, MOVEit Xfer prompts for whether to actually upload the file. The response should be "y" to upload the file, "n" to not upload the file, or "a" to upload the file and all others without asking again. Comments should be surrounded by double-quotes (") if they contain spaces.

open [http:// | https://]hostname[:port][scriptpath]
Sets the DMZ host to connect to. If the protocol prefix is not included, a secure connection will be assumed. Otherwise, MOVEit Xfer will use a secure connection for "https://" prefixes, and a non-secure connection for "http://" prefixes. The default secure connection port is 443, and the default non-secure connection port is 80. Either may be overridden by designating the port to use. The scriptpath must be included if the target DMZ application does not reside in the root of the host webserver.

Example open commands:

pass password
Sets the password to be used when connecting to the DMZ host. This command should only be used in batch mode command files.

prompt
Toggles whether mget, mput, and mdelete prompt for each file.

put localfilename [remotefilename [comments]]
Sends a file to a remote DMZ server. If remotefilename is not specified, the name of the file on the remote system will be the same as localfilename. You may put " around the filenames in order to include spaces in the names. Comments should also be surrounded by double-quotes (") if they contain spaces.

pwd
Displays the current directory on the remote DMZ system if connected, as well as the current directory on the local system.

rename oldfilename newfilename
Renames a file on the remote system.

rmdir remotedirectory
Removes a directory on the remote system.

user [username [password]]
Sets the username and password to be used when connecting to the DMZ host. If no password is provided and the program is not in batch mode, MOVEit Xfer will prompt for a password. If neither the username or the password are provided and the program is not in batch mode, MOVEit Xfer will prompt for both the username and the password.

Examples

Simple Script Example

The following script and command line retrieve all files named *.rpt from the Incoming directory of a DMZ server. The command line is:

xfer -s:GetRpt.in moveit.bigcorp.com

The contents of GetRpt.in are:

jsmith
secret123
cd Incoming
mget *.rpt
quit

Note that the lines in the script are simply the lines of text that would be entered by the user if the transfer were done interactively rather than via a script. Also note that the script did NOT need to include the "Y" or "N" responses a user would normally see if typing in an "mget" or "mput" command manually; during batch mode, xfer assumes the answer to these questions would be "Y."

Simple Batch File to Upload a Single File

The following batch file lets a user upload a single file using a single command. If you save the following snippet as "uploadit.bat", usage would be: "uploadit (hostname) (username) (password) (file_to_transfer)"

echo put %4 > temp.txt
echo quit >> temp.txt
xfer -user:%2 -password:%3 -s:temp.txt %1
del temp.txt

Batch File that Checks for Errors

This batch file checks the exit code from MOVEit Xfer to see if any errors occurred.  The -quiterror parameter will make the program exit as soon as there is an error without reading any more commands from the script file.

xfer -user:dave -password:super -quiterror -s:script.txt moveit.bigcorp.com
if %ERRORLEVEL%==0 goto great
echo MOVEit Xfer returned error code: %ERRORLEVEL%
if %ERRORLEVEL%==3 goto out
if %ERRORLEVEL% GEQ 1 goto oops
echo Unknown File Transfer Problem
goto done
:oops
echo Error in File Transfer syntax
goto done
:out
echo An error occurred in the File Transfer
goto done
:great
echo The File Transfer completed successfully
:done

Distribution

Distribution Under Windows

Under Windows, the standard MOVEit Xfer for Windows installation packages will automatically set the "PATH" variable to include the folder into which MOVEit Xfer was installed. This allows users to invoke the MOVEit Xfer client from any command line prompt. You should use the standard MOVEit Xfer for Windows installation packages for distribution if your clients:

There are "MSI" and "EXE" versions of the MOVEit Xfer for Windows installation packages. In most cases you should use the "EXE" version as upgrading MSI packages can require end users to perform some extra steps. If you need to support Windows 98 or want to roll your own distribution, you may want to use the basic archive file (in "zip" format) instead.

Distribution Under Java

Under Java, the standard MOVEit Xfer for Java package is an archive file (in "zip" and "tar.gz" format) that contains the MOVEit Xfer software and documentation. You should the standard MOVEit Xfer for Java archive package for distribution if your clients:

USB-Friendly "Portable" Deployment

"A portable app is a computer program that you can carry around with you on a portable device and use on any Windows computer. When your USB thumbdrive, portable hard drive, iPod or other portable device is plugged in, you have access to your software and personal data just as you would on your own PC. And when you unplug, none of your personal data is left behind." (Rare Ideas, LLC, 2005)

MOVEit Xfer can be deployed/installed as a USB-Friendly "Portable" application. Simply copy the contents of a MOVEit Xfer archive file (e.g., "MOVEitXfer.zip") into a folder on your USB drive or other portable device.

With command line applications, MOVEit Xfer included, your personal information is generally confined to what you have written in batch files or piped out into log files. Please remember to keep any such batch or log files on the portable drive too.

You may wish to add the portable directory in which you installed MOVEit Xfer to your PATH if you want to be able to invoke MOVEit Xfer from any folder without specifying a full path to the executable. If you often find yourself running command-line applications in a portable environment, you will also probably want to create a portable "Launch Command Line" shortcut and/or batch file on your portable device so your favorite utilities are always available in command-line sessions.

Custom Distribution

If you elect to roll your own distribution of MOVEit Xfer, you MUST include:

You will also probably want to include any custom batch files, script input files and/or documentation in your own distribution. Usually all these files are placed into a single "archive" file (e.g., a "zip" file), but they may be bundled in other distributions as permitted by the license found in this document.

Other MOVEit Products

Need more desktop automation?

You can automate MOVEit Xfer by running a batch file to power it from the operating system's scheduler. However, if you would like to provide a "friendlier" automated client to your Windows users, you may want to examine MOVEit EZ. The MOVEit EZ client runs as an icon in your Windows system tray and automatically moves files back and forth between a local filesystem and a MOVEit DMZ server, and includes features MOVEit Xfer does not have such as automatic retry, logging and a GUI configuration interface. (More info...)

Need MISSION-CRITICAL automation?

If you run more than 10 automated MOVEit Xfer transfers or need mission-critical automated file-transfer, please consider using MOVEit Central instead of MOVEit Xfer. MOVEit Central is a fully-automated, schedule and event driven file transfer engine. It can move files between FTP servers, SSH servers, Windows file shares, email servers and comes with enterprise features such as remote control, task configuration/execution delegation, and automatic retry/resume of failed transfers. (More info...)

Need your own secure file transfer server?

The first Windows-based secure file transfer server to support all three modes of FTP over SSL, the first to add SSH support, and the first one to support both protocols plus browser-based (HTTPS) transfers was MOVEit DMZ. In addition to three secure IN TRANSIT protocols, MOVEit DMZ features integrated FIPS-140-validated AT REST encryption to protect files while they are stored on the server. Request an evalution and join the banks, governments, hospitals and others who have stepped up to MOVEit secure file transfer today! (More info...)

MOVEit Xfer LICENSE

MOVEit Xfer is protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. MOVEit Xfer is licensed, not sold. "MOVEit" is a registered trademark of Ipswitch, Inc.

1. GRANT OF LICENSE. This license agreement grants you the following rights:

Installation and Use. You may install and use MOVEit Xfer for your personal or company use. There is no charge for such use. You may also make copies of MOVEit Xfer for backup and archival purposes.

Distribution. You may make unlimited copies of and may distribute to any party the original MOVEit Xfer installation package as long as such distribution is performed without charge. You may reproduce or distribute components of the product (e.g., just "xfer.exe") as long as this license agreement accompanies the software.

2. DESCRIPTION OF OTHER RIGHTS AND LIMITATIONS.

Limitations on Reverse Engineering, Decompilation, and Disassembly. You may not reverse engineer, decompile, or disassemble MOVEit Xfer, except and only to the extent that such activity is expressly permitted by applicable law notwithstanding this limitation.

Software Transfer. You may not transfer your rights under this license agreement.

Termination. Without prejudice to any other rights, Ipswitch, Inc. may terminate this license agreement if you fail to comply with the terms and conditions of this license agreement. In such event, you must destroy all copies of MOVEit Xfer and all of its component parts.

Rental. You may not sell, rent, or lease MOVEit Xfer.

3. COPYRIGHT. All title and copyrights in and to MOVEit Xfer, the accompanying printed materials, and any copies of MOVEit Xfer are owned by Ipswitch, Inc. MOVEit Xfer is protected by copyright laws and international treaty provisions. Therefore, you must treat MOVEit Xfer like any other copyrighted material.

WARRANTY AND LIMITATION OF LIABILITY

WARRANTY. MOVEit Xfer is distributed on an "as is" basis with no warranty, either expressed or implied.

OTHER WARRANTIES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IPSWITCH, INC. AND ITS SUPPLIERS DISCLAIM ALL OTHER WARRANTIES AND CONDITIONS, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT, WITH REGARD TO MOVEit Xfer, AND THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT SERVICES. THIS LIMITED WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS. YOU MAY HAVE OTHERS, WHICH VARY FROM STATE/JURISDICTION TO STATE/JURISDICTION.

LIMITATION OF LIABILITY. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL IPSWITCH, INC. OR ITS SUPPLIERS BE LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, OR ANY OTHER PECUNIARY LOSS) ARISING OUT OF THE USE OF OR INABILITY TO USE MOVEit Xfer OR THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT SERVICES, EVEN IF IPSWITCH, INC. HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN ANY CASE, IPSWITCH, INC.'S ENTIRE LIABILITY UNDER ANY PROVISION OF THIS EULA SHALL BE LIMITED TO THE GREATER OF THE AMOUNT ACTUALLY PAID BY YOU FOR MOVEit Xfer OR U.S.$5.00; PROVIDED, HOWEVER, IF YOU HAVE ENTERED INTO A IPSWITCH, INC. SUPPORT SERVICES AGREEMENT, IPSWITCH, INC.'S ENTIRE LIABILITY REGARDING SUPPORT SERVICES SHALL BE GOVERNED BY THE TERMS OF THAT AGREEMENT. BECAUSE SOME STATES AND JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY, THE ABOVE LIMITATION MAY NOT APPLY TO YOU.

TRADEMARKS. MOVEit is a registered trademark of Ipswitch, Inc. All names of products and companies used in this document, the software, or the enclosed documentation may be trademarks of their corresponding owners. Their use in this document is intended to be in compliance with the respective guidelines and licenses.

Contacting the Vendor

Information site:   http://www.ipswitchft.com
Support site: http://my.ipswitchft.com