Difference between revisions of "SFTP"
(Created page with "SFTP is ''Secure File Transfer Protocol'' or sometimes called ''SSH File Transfer Protocol''. SFTP is a network protocol much like FTP is, except SFTP operates via a ...") |
|||
| Line 1: | Line 1: | ||
| − | SFTP | + | == SFTP == |
| + | |||
| + | '''[[SFTP]]''' stands for SSH File Transfer Protocol. It is a secure way to transfer [[Data transfer|files]] over a [[Networking|network]]. Even though it has "FTP" in its name, [[SFTP]] is actually a different protocol that runs over [[Secure Shell|SSH]] (Secure Shell), not the older [[File Transfer Protocol|FTP]]. | ||
| + | |||
| + | The main purpose of [[SFTP]] is to provide a secure way to copy, move, list, and manage [[Data transfer|files]] on a remote computer or server. | ||
| + | |||
| + | === How SFTP Works === | ||
| + | |||
| + | [[SFTP]] works by establishing a connection *inside* an already secure and encrypted [[Secure Shell|SSH]] connection. | ||
| + | |||
| + | 1. You use an [[SFTP]] client program to connect to a remote server that is running an [[Secure Shell|SSH]] server. | ||
| + | 2. The [[Secure Shell|SSH]] connection is established first. This connection is encrypted and secure. | ||
| + | 3. Once the [[Secure Shell|SSH]] connection is active, the [[SFTP]] protocol starts running within that secure tunnel. | ||
| + | 4. All your file operations (like uploading a file, downloading a file, listing the files in a folder, deleting a file, renaming a file) are sent through this secure [[Secure Shell|SSH]] tunnel. | ||
| + | |||
| + | Because everything happens *inside* the encrypted [[Secure Shell|SSH]] tunnel, the data (including your login details and the file content) is protected from being intercepted or read by others on the network. | ||
| + | |||
| + | === What Encryption SFTP Uses === | ||
| + | |||
| + | [[SFTP]] itself doesn't have its own separate [[Encryption (cryptography)|encryption]]. It relies entirely on the **[[Secure Shell|SSH]] protocol** for [[Encryption (cryptography)|encryption]] and [[Authentication|authentication]]. | ||
| + | |||
| + | [[Secure Shell|SSH]] uses strong [[Encryption (cryptography)|encryption]] methods (like AES or Triple DES) to scramble the data being sent between your computer and the server. It also uses cryptographic techniques for authentication (verifying your identity, usually with a password or [[Public key|public key]]) to ensure you are connecting to the correct server and that only authorized users can access the files. | ||
| + | |||
| + | So, when you use [[SFTP]], the security and [[Encryption (cryptography)|encryption]] come from the underlying [[Secure Shell|SSH]] connection. | ||
| + | |||
| + | === SFTP vs. FTP and FTPS === | ||
| + | |||
| + | * **[[File Transfer Protocol|FTP]] (File Transfer Protocol):** This is an older protocol for transferring files. It sends data, including usernames and passwords, in plain text, meaning it is **not secure** and can be easily intercepted. | ||
| + | * **[[FTPS|FTPS]] (FTP over SSL/TLS):** This adds an [[Encryption (cryptography)|encryption]] layer (SSL/TLS, like used by secure websites) to the [[File Transfer Protocol|FTP]] protocol. It is more secure than plain [[File Transfer Protocol|FTP]] but can sometimes be more complex to set up with [[Firewall|firewalls]] compared to [[SFTP]]. | ||
| + | * **[[SFTP]] (SSH File Transfer Protocol):** Runs over [[Secure Shell|SSH]]. Generally considered very secure and often simpler to use through [[Firewall|firewalls]] than [[FTPS|FTPS]] because it only needs the standard [[Secure Shell|SSH]] port (usually port 22). | ||
| + | |||
| + | === Usage === | ||
| + | |||
| + | [[SFTP]] is commonly used for: | ||
| + | |||
| + | * Uploading website files to a web server. | ||
| + | * Transferring files to or from a remote server, like a [[Seedbox|seedbox]] or [[Virtual Private Server|VPS]]. | ||
| + | * Securely backing up files to a remote location. | ||
| + | * Managing files on a remote system from your local computer. | ||
| + | |||
| + | Many file transfer client programs (like FileZilla, WinSCP, Cyberduck) support [[SFTP]], as do command-line tools (like the `sftp` command in Linux and macOS terminals). | ||
| + | |||
| + | === See Also === | ||
| + | |||
| + | * [[Secure Shell|SSH]] | ||
| + | * [[File Transfer Protocol|FTP]] | ||
| + | * [[FTPS|FTPS]] | ||
| + | * [[Encryption (cryptography)]] | ||
| + | * [[Client–server model]] | ||
| + | |||
| + | === References === | ||
| + | |||
| + | * {{cite web |url=https://www.ssh.com/academy/sftp |title=What is SFTP? |publisher=SSH.COM |access-date=2025-04-25}} - Explanation from the company that developed SSH. | ||
| + | * {{cite web |url=https://filezilla-project.org/learn.php |title=FileZilla Wiki - Learn about FTP, FTPS, and SFTP |publisher=FileZilla Project |access-date=2025-04-25}} - Explains the different protocols simply. | ||
| + | * {{cite web |url=https://www.ibm.com/topics/sftp |title=What is SFTP? |publisher=IBM |access-date=2025-04-25}} - Simple explanation. | ||
| + | |||
| + | [[Category:File transfer protocols]] | ||
| + | [[Category:Secure Shell]] | ||
| + | [[Category:Internet protocols]] | ||
| + | [[Category:Client–server model]] | ||
| + | [[Category:Computer security]] | ||
Latest revision as of 07:07, 25 April 2025
Contents
SFTP
SFTP stands for SSH File Transfer Protocol. It is a secure way to transfer files over a network. Even though it has "FTP" in its name, SFTP is actually a different protocol that runs over SSH (Secure Shell), not the older FTP.
The main purpose of SFTP is to provide a secure way to copy, move, list, and manage files on a remote computer or server.
How SFTP Works
SFTP works by establishing a connection *inside* an already secure and encrypted SSH connection.
1. You use an SFTP client program to connect to a remote server that is running an SSH server. 2. The SSH connection is established first. This connection is encrypted and secure. 3. Once the SSH connection is active, the SFTP protocol starts running within that secure tunnel. 4. All your file operations (like uploading a file, downloading a file, listing the files in a folder, deleting a file, renaming a file) are sent through this secure SSH tunnel.
Because everything happens *inside* the encrypted SSH tunnel, the data (including your login details and the file content) is protected from being intercepted or read by others on the network.
What Encryption SFTP Uses
SFTP itself doesn't have its own separate encryption. It relies entirely on the **SSH protocol** for encryption and authentication.
SSH uses strong encryption methods (like AES or Triple DES) to scramble the data being sent between your computer and the server. It also uses cryptographic techniques for authentication (verifying your identity, usually with a password or public key) to ensure you are connecting to the correct server and that only authorized users can access the files.
So, when you use SFTP, the security and encryption come from the underlying SSH connection.
SFTP vs. FTP and FTPS
- **FTP (File Transfer Protocol):** This is an older protocol for transferring files. It sends data, including usernames and passwords, in plain text, meaning it is **not secure** and can be easily intercepted.
- **FTPS (FTP over SSL/TLS):** This adds an encryption layer (SSL/TLS, like used by secure websites) to the FTP protocol. It is more secure than plain FTP but can sometimes be more complex to set up with firewalls compared to SFTP.
- **SFTP (SSH File Transfer Protocol):** Runs over SSH. Generally considered very secure and often simpler to use through firewalls than FTPS because it only needs the standard SSH port (usually port 22).
Usage
SFTP is commonly used for:
- Uploading website files to a web server.
- Transferring files to or from a remote server, like a seedbox or VPS.
- Securely backing up files to a remote location.
- Managing files on a remote system from your local computer.
Many file transfer client programs (like FileZilla, WinSCP, Cyberduck) support SFTP, as do command-line tools (like the `sftp` command in Linux and macOS terminals).
See Also
References
- Template:Cite web - Explanation from the company that developed SSH.
- Template:Cite web - Explains the different protocols simply.
- Template:Cite web - Simple explanation.
