SFTP
SFTP stands for SSH File Transfer Protocol. It is a secure way to transfer files over a network. Despite "FTP" in its name, SFTP is a distinct protocol that runs over SSH (Secure Shell), not the older FTP.
SFTP's main purpose is to provide a secure method to copy, move, list, and manage files on a remote computer or server.
How SFTP Works
SFTP operates by establishing a connection *inside* an already secure and encrypted SSH connection.
1. You use an SFTP client program (like FileZilla) to connect to a remote server running an SSH server.
2. An encrypted and secure SSH connection is established first.
3. Once the SSH connection is active, the SFTP protocol begins running within this secure tunnel.
4. All your file operations (uploading, downloading, listing, deleting, renaming) are sent through this secure SSH tunnel.
Because all data, including login details and file content, travels within the encrypted SSH tunnel, it is protected from interception.
What Encryption SFTP Uses
SFTP itself does not have separate encryption. It relies entirely on the **SSH protocol** for encryption and authentication.
SSH uses strong encryption methods (e.g., AES, Triple DES) to scramble data between your computer and the server. It also uses cryptographic techniques for authentication (verifying identity, usually with a password or public key) to ensure you connect to the correct server and only authorized users access files.
Therefore, SFTP's security and encryption come from the underlying SSH connection.
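Because SFTP inherits all of its protection from SSH, checking an SFTP service means checking the SSH server's effective settings. The following added example (not part of the original page) audits `sshd -T`-style output for the SFTP subsystem, the offered ciphers and the authentication methods; the sample input is constructed, and treating CBC-mode ciphers such as `3des-cbc` and password logins as findings is a policy assumption of this example.

```python
# Added example: audit the SSH server settings that an SFTP session inherits.
# SAMPLE_SSHD_T is constructed; on a real host the text would come from `sshd -T`.
SAMPLE_SSHD_T = """\
port 22
ciphers aes256-gcm@openssh.com,aes128-ctr,3des-cbc
passwordauthentication yes
pubkeyauthentication yes
subsystem sftp internal-sftp
"""

# Policy assumption of this example: Triple DES is treated as legacy.
LEGACY_CIPHERS = {"3des-cbc"}


def parse_effective_config(text):
    """Parse `keyword value` lines into a dict of keyword -> list of values."""
    config = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        keyword, _, value = line.partition(" ")
        config.setdefault(keyword.lower(), []).append(value.strip())
    return config


def audit_sftp_transport(text):
    """Return findings about the SSH layer that encrypts and authenticates SFTP."""
    config = parse_effective_config(text)
    findings = []
    # SFTP is an SSH subsystem; without it the server offers no SFTP at all.
    subsystems = [v.split()[0] for v in config.get("subsystem", []) if v]
    if "sftp" not in subsystems:
        findings.append("no sftp subsystem configured")
    offered = set()
    for value in config.get("ciphers", []):
        offered.update(c.strip() for c in value.split(",") if c.strip())
    if not offered:
        findings.append("cipher list not present in input")
    for cipher in sorted(offered):
        if cipher in LEGACY_CIPHERS or cipher.endswith("-cbc"):
            findings.append(f"legacy cipher offered: {cipher}")
    # A missing keyword is treated as "yes" here (assumption for partial input).
    if config.get("passwordauthentication", ["yes"])[0] == "yes":
        findings.append("password authentication enabled")
    if config.get("pubkeyauthentication", ["yes"])[0] != "yes":
        findings.append("public key authentication disabled")
    return findings
```

Running `audit_sftp_transport(SAMPLE_SSHD_T)` reports the Triple DES cipher and the password login; a configuration that offers only AES-CTR or AES-GCM ciphers with key-only logins returns an empty list.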
SFTP vs. FTP and FTPS
- **FTP (File Transfer Protocol):** An older protocol that sends data, including usernames and passwords, in plain text, making it **insecure**.
- **FTPS (FTP over SSL/TLS):** Adds an encryption layer (SSL/TLS, similar to secure websites) to FTP. It is more secure than plain FTP but can be more complex to run through firewalls than SFTP.
- **SFTP (SSH File Transfer Protocol):** Runs over SSH. It is generally considered very secure and is often simpler to use through firewalls because it uses the standard SSH port (usually port 22).
Usage
SFTP is commonly used for:
- Uploading website files to a web server.
- Transferring files to or from a remote server (e.g., a seedbox or VPS).
- Securely backing up files to a remote location.
- Managing files on a remote system from your local computer.
Many file transfer client programs (like FileZilla, WinSCP, Cyberduck) support SFTP, as do command-line tools (like the `sftp` command in Linux and macOS terminals).
Using FileZilla for SFTP
FileZilla is a popular, free, and open-source GUI SFTP client available for Windows, macOS, and Linux. Here's how to connect to a server using SFTP with FileZilla:
1. Open FileZilla: Launch the FileZilla client application on your computer.
2. Open Site Manager: Go to `File` > `Site Manager` (or press `Ctrl+S` on Windows/Linux, `Cmd+S` on macOS).
3. Create a New Site:
   * Click the `New Site` button.
   * Give your new site a descriptive name (e.g., "My Web Server").
4. Configure Connection Details:
   * Protocol: In the dropdown menu, select `SFTP - SSH File Transfer Protocol`. This is crucial for a secure connection.
   * Host: Enter the IP address or hostname of your server (e.g., `your_server_ip` or `example.com`).
   * Port: The default SSH/SFTP port is `22`. If your server uses a different port, enter it here.
   * Logon Type: Select `Normal` for username/password authentication, or `Key file` if you are using SSH keys.
   * User: Enter your username for the server.
   * Password: If `Normal` logon type is selected, enter your password. If `Key file` is selected, browse to your private key file.
5. Connect: Click the `Connect` button.
FileZilla will attempt to establish an SSH connection and then an SFTP session. Once connected, you will see your local files on the left pane and the remote server's files on the right pane, allowing you to drag-and-drop files for transfer.