curlftpfs - Man Page

mount a ftp host as a local directory


curlftpfs [options] host path


The program curlftpfs is a tool to mount remote ftp hosts as local directories. It connects to the host FTP server and maps its directory structure to the path directory.

curlftpfs is powered by libcurl for all transfer-related features. See libcurl(3) for details. The filesystem part is implemented on top of FUSE. See for details.

FTP Options


Print help options.


Make libcurl print verbose debug output.


Print curlftpfs, libcurl and fuse versions.


Options are specified with a -o flag followed by a comma separated string of options.


(SSL) Pass a string naming a file holding one or more certificates to verify the peer with.

Note  that  option  is  by  default set to the system path where libcurl's cacert bundle is assumed to be stored, as  established at build time.


(SSL) Tells curlftpfs to use the specified certificate directory to verify the peer. The certificates must be in PEM format, and the directory must have been processed using  the  c_rehash  utility supplied  with  openssl.  Using capath can allow curlftpfs to make connections much more efficiently than using  cacert  if the cacert file contains many CA certificates.


(SSL) Tells curlftpfs to use the specified certificate file. The default format is "PEM" and can be changed with cert_type.


(SSL) Tells curlftpfs what certificate type the provided certificate is in. PEM, DER and ENG are recognized types.

ciphers=<list of ciphers>

(SSL) Specifies which ciphers to use in the connection. The list must be syntactically correct, it consists of one or more cipher strings separated  by colons. Commas or spaces are also acceptable separators but colons are normally used, , - and + can be  used  as operators.  Valid  examples  of  cipher lists include 'RC4-SHA', ´SHA1+DES', 'TLSv1' and 'DEFAULT'. The default list is  normally set when you compile OpenSSL.

Read up on SSL cipher list details on this URL:


Sets the encoding the ftp server uses to encode file names.


Maximum time in seconds that you allow the connection to the server to take. This only limits the connection phase, once curlftpfs has connected this option is of no more use.


Command used by curlftpfs to list files. The default is "LIST -a" but some servers might require extra options, e.g. "LIST -la".


Tell curlftpfs to disable the use of the EPRT and LPRT commands when doing active FTP transfers. Curlftpfs will normally always first attempt to use EPRT, then LPRT before using PORT, but with this option, it will use PORT right away. EPRT and LPRT are extensions to the original FTP protocol, may not work on all servers but enable more functionality in a better way than the traditional PORT command.


Tell curlftpfs to disable the use of the EPSV command when doing passive FTP transfers. This is the default.


Tell curlftpfs to enable the use of the EPSV command when doing passive FTP transfers. Curlftpfs will first attempt to use EPSV before PASV.


Select  the  OpenSSL crypto engine to use for cipher operations.  Use:
curl --engine list
to  print  a  list  of  build-time  supported engines.  Note  that  not all  (or  none) of the engines may be available at run-time.


Make curlftpfs print lots of debug information. Useful only in conjunction with the -d option.


Control what method curlftpfs should use to reach a file on the server. The method argument should be one of the following alternatives:


curlftpfs does a single CWD operation for each path part in the given URL. For deep hierarchies this means very many commands. This is how RFC1738 says it should be done. This is the default but the slowest behavior.


curlftpfs does one CWD with the full target directory and then operates on the file "normally" (like in the multicwd case).


Reverses the initiator/listener roles when connecting with ftp. This switch makes curlftpfs use the PORT command instead of PASV. In practice, PORT tells the server to connect to the client's specified address and port, while PASV asks the server for an ip address and port to connect to. <address> should be one of:


i.e "eth0" to specify which interface's IP address you want to use

IP address

i.e "" to specify exact IP number

host name

i.e "" to specify machine


make curlftpfs pick the same IP address that is already used for the control connection

Disable the attempt to use the EPRT command instead of PORT by using disable_eprt. EPRT is really PORT++.


Set the proxy type to HTTP. This is the default type.


Pass a string as parameter. This set the interface name  to  use as  outgoing network  interface.  The  name can be an interface name, an IP address or a host name.


Sets the charset used by the client side for codepage to charset translation. Default: UTF8.


If  libcurl  is  capable  of resolving an address to multiple IP versions (which it is if it is ipv6-capable), this option  tells libcurl  to  resolve names  to  IPv4  addresses only.


If  libcurl  is  capable  of resolving an address to multiple IP versions (which it is if it is ipv6-capable), this option  tells libcurl  to  resolve names  to  IPv6  addresses only.


(SSL) Private key file name. Allows you to provide your private key in this separate file. The  default format is "PEM" and can be changed with key_type.


(SSL) Pass a string in the format of your private key. Supported  formats are "PEM", "DER" and "ENG".

The  format  "ENG"  enables  you  to load the private key from a crypto engine. In this case key is used as an identifier  passed to  the  engine. You have to set the crypto engine with engine option.  "DER" format key file  currently  does not work because of a bug in OpenSSL.


Enable kerberos4 authentication and use. The level must be entered and should be one of 'clear', 'safe', 'confidential'  or 'private'.  Should  you  use  a level that is not one of these, 'private' will instead be used.

This option requires that the libcurl library was built  with  kerberos4 support.  This is  not  very common.


(SSL) Curlftpfs will not verify the hostname when connecting to a SSL enabled server.


(SSL) Curlftpfs will not verify the certificate when connecting to a SSL enabled server.


(SSL) Pass phrase for the private key.


Use specified HTTP proxy. If the port number is  not  specified, it is assumed at port 1080.

This  option  overrides existing environment variables that sets proxy to use. If  there's  an  environment  variable  setting  a proxy, you can set proxy to "" to override it.

This options implies the proxytunnel option.

Starting  with libcurl version 7.14.1, the proxy host can be specified the exact same way as the proxy environment  variables,  including protocol prefix (http://) and embedded user + password.


Tells curlftpfs to use a tunnel proxy. This option is implied by the  proxy option but you need to set it manually if you use the proxy environment variable.


Tells curl to pick a suitable authentication method when  communicating  with the  given  proxy.  This  will  cause  an  extra request/response round-trip.


Tells curlftpfs to use HTTP Basic authentication when communicating with the given proxy. Basic is the default authentication method curlftpfs is used with proxies.


Tells  curlftpfs to use HTTP Digest authentication when communicating with the given proxy.


Tells curlftpfs to use HTTP NTLM  authentication  when  communicating with the given proxy.


Specify user and password to use for proxy authentication.


Tell curlftpfs to not use the IP address the server suggests in its response to curlftpfs's PASV command when curlftpfs connects the data connection. Instead curlftpfs will re-use the same IP address it already uses for the control connection.


Set the proxy type to SOCKS4.


Set the proxy type to SOCKS5.


Make curlftpfs use SSL/TLS for both control and data connections.


Forces curlftpfs to use SSL version 3 when negotiating with a remote SSL server.


Make curlftpfs use SSL/TLS only for the control connection.


Curlftpfs will try to use SSL/TLS for both the control and data connections but if the server doesn't support it, it will still connect unencrypted.


Turn on the TCP_NODELAY option. See the curl_easy_setopt(3) man page for details about this option.


(SSL) Forces curlftpfs to use TLS version 1 when negotiating with a remote TLS server.


Append path to the absolute symlinks so that they still point inside the ftp directory structure. Otherwise those links will very probably be broken.


Specify  user  and  password  to  use for server authentication.  Overrides netrc configuration.


Try to transfer file list with UTF-8 encoding. Send OPTS UTF8 ON at the   beginning of file list transfer.

Fuse Options


Enable FUSE debug output. Implies -f.


Run curlftpfs in foreground mode.


Mount read-only.


Disable multi-threaded operation.


Options are specified with a -o flag followed by a comma separated string of options.


Allow access to other users. By default the mount point is only accessible to the user that mounted it and not even to root.


Allow access to root user. By default the mount point is only accessible to the user that mounted it and not even to root.


enable debug output


use direct I/O


set filesystem name in mtab


set file group


immediate removal (don't hide files)


Let the kernel VFS do some caching of the files.


issue large read requests (2.4 only)


set maximum size of read requests


allow mounts over non-empty file/dir


try to fill in d_ino in readdir


set file owner


set file permissions (octal)


let filesystem set inode numbers


Robson Braga Araujo is the author and maintainer of CurlFtpFS.


See Also



25 May 2007 CurlFtpFS 0.9.2 CurlFtpFS Manual