Box supports FTP (file transfer protocol) for Business and Enterprise customers. It is not available for Personal accounts (Free or Pro) or trial accounts. The purpose of FTP is for bulk migration of data. FTP is designed to be used for initial bulk upload and occasional bulk download of files from your account -- we do not recommend FTP as your main access method.
FTP, FTPS, and FTPES are supported, but not SFTP. When uploading a file with FTP, you will NOT receive email notifications. This is intentional. Please note that we support Passive mode FTP, but not Active mode FTP.
NOTE: Make sure you have FTP enabled for your account by going to the Admin console (ask the admin of the enterprise), then going to Apps, and then making sure FTP is enabled.
To Connect to Box with FTP Client
- Please see our FTP Overview article.
To Connect to Box with Command Line (Advanced users on Mac)
FTP (Mac):
- Open a Terminal session. Type:
ftp ftp.box.com
Then enter your Box username and password. - Type
passive on
- Type
epsv
- Use the
lcd
command to change your local directory - For example:
lcd /Users/user/Desktop
- To upload one file use
put
-
ftp>
put myfile.pdf <Enter>
- To upload many files, use
mput
ftp>
mput *.htm <Enter>
- Type quit to close the connection and go back to your original terminal window.
FTP with Windows Command Line:
Windows built-in FTP command line utility cannot support passive mode (even though "quote pasv" returns without any error). For customers that need command line FTP utility on Windows, please search for the "MOVEit Freely Free Command-line Client". Note: MOVEit Freely by default launches in active mode. You will need to use the -a argument when launching MOVEit Freely to start it in passive mode or use the passive command after the session is established to toggle passive mode.
FTPS with curl:
Open a terminal session
- To connect to Box via FTP over Port 21:
shell> curl -1 --disable-epsv --ftp-skip-pasv-ip -u username@example.com --ssl-reqd ftp://ftp.box.com
- To connect to Box via FTPS over Port 990:
shell> curl -1 --disable-epsv --ftp-skip-pasv-ip -u username@example.com --ssl-reqd ftps://ftp.box.com:990
To upload a file (example using FTP):
Open a terminal session:
shell> curl -1 --disable-epsv --ftp-skip-pasv-ip -u username@example.com --ssl-reqd --upload-file filename ftp://ftp.box.com/
Note: Without the trailing "/" in the dir name: "ftp://ftp.box.com/dir/", a "551 Box: Not Found" error will be generated.
To download a file (example using FTPS):
Open a terminal session:
shell> curl -u username@example.com ftps://ftp.box.com/apple.png -o ~/Downloads/apple.png
Note: Curl doesn't stay connected like a typical connect command. For further help, type either command in your terminal: man curl or curl --help
FTPS is FTP with support for Transport Layer Security (TLSv1.2).
FTPS has two modes of operation:
- Implicit: Port 990 is implicit. No handshake.
- Explicit: Port 21. Also known as FTPES.
Firewall incompatibilities
Because FTP utilizes a dynamic secondary port (for data channels), many firewalls were designed to snoop FTP protocol control messages to determine which secondary data connections they need to allow. However, if the FTP control connection is encrypted using TLS/SSL, the firewall cannot determine the TCP port number of a data connection negotiated between the client and FTP server. Therefore, in many firewalled networks, an FTPS deployment will fail when an unencrypted FTP deployment works. FTP relies on two channels to transfer data: the command channel and the data channel. If FTP is not working on your network, it could be because your firewall is blocking access to the data channel ports.
- This problem can be resolved with the use of a limited range of ports for the data channel.
- Configure your firewall to allow ports 10,000 - 29,999 for the data channel.
SSO (Single Sign On)
FTP as a transfer protocol does not support single sign-on. If SSO is enabled for your account, you must create a Box-specific password to supplement your SSO login. To do this, use a browser to log in to your Box account and go to Account Settings > Account. Then scroll down (if necessary) to the Authentication section:
- Because you are using Single Sign On (SSO), you will need to create a unique password to use with external applications that do not support SSO. If you have forgotten your current password, you may reset it.
Two-Step Verification
If you have Two-step verification turned on for your account, the workflow for logging in is as follows:
- Try and login normally with your Box specific password
- You will receive a text message with a six-character alphanumeric confirmation code separated by a space
- Login again with that six-character code as your FTP password
Notes and Troubleshooting:
- To access Box's FTP server, you must set Box FTP Server to available. To do this, from your Admin Console, in the left navigation click Apps. This option should be set to available by default. If Box FTP Server is disabled, Box displays an Authentication Failed message when you attempt to log in from the FTP client.
- FTP as a transfer protocol does not support multi-factor authentication (MFA) as a part of single sign-on (SSO). If SSO is enabled for your account, you must create a Box-specific password to supplement your SSO login. To do this, use a browser to log in to your Box account and go to Account Settings > Account. Then scroll down (if necessary) to the Create External Password section.
-
The FTP protocol uses separate channels for authentication and data. Ensure all required ports are allowlisted.
- Box supports FTP (port 21), FTPS implicit (port 990), and FTPES explicit (port 21), over passive FTP. Box does not support active FTP or SFTP.
-
For the data channel, Box uses ports 10,000 - 29,999. Verify that your firewall has these ports open.
-
Error: Connection timed out after 20 seconds of inactivity: Increase your timeout setting. In Filezilla, go to Preferences > Connection > Timeout to do this. Setting this to 120 seconds can be helpful for folders containing large numbers of files.
- Resuming an upload/download: Box does not support either the REST (restart) or the APPE (append) commands. This means we do not support resumable uploads/downloads on Box for FTP. You must retry any failed upload or download. In this case FTP client log displays 551 Box: Partial-file uploads are not supported.
- Box FTP does not support TLS session resumption on the data connection.
- 530 Box: CAPTCHA is required. You have triggered Captcha on your account. To clear Captcha, use your Web browser and Box credentials (or External Password, if you're using SSO) to log in to https://app.box.com .
- 530 Box: Login rejected: Limit of 40 logins per user already reached. Your Box account has more than 40 active concurrent FTP connections.
-
Error on output file. You may have folder names that include trailing space characters. These are not allowed. Rename any folders to remove the extra space.
- Request rate limit exceeded, please try again later. Reduce the number of simultaneous connections from your FTP client.
If you contact Box Support, please be sure to include a detailed/verbose copy of your FTP client log.