Content Management.com

Secure File Transfer Protocol (SSH File Transfer Protocol)

By Alexander S. Gillis

What is Secure File Transfer Protocol (SFTP)?

Secure File Transfer Protocol (SFTP) is a network protocol for securely accessing, transferring and managing large files and sensitive data.

Designed by the Internet Engineering Task Force as an extension of Secure Shell (SSH), SFTP enables access, transfer and management of files over a network. It's used for secure file transfers over Transport Layer Security and the transfer of data for virtual private network (VPN) applications.

SFTP helps enterprises meet regulations for file transfer compliance in accordance with HIPAA, GDPR and other regulatory rulings. SFTP also lets businesses securely transfer billing data, funds and data recovery files. Individuals may also use SFTP to encrypt their communications.

SFTP uses SSH to transfer files and requires that the client be authenticated by the server. Commands and data are encrypted to prevent passwords and other sensitive information from being exposed to the network in plain text.

How does SFTP work?

Secure File Transfer Protocol was developed to securely transfer and manage files over a TCP/IP network. SFTP uses the same commands as the standard File Transfer Protocol (FTP), and most SFTP commands are similar or identical to the Linux shell commands. SFTP performs numerous tasks, including transferring sensitive files, removing files and resuming paused transfers. To establish server connections, SFTP only needs to be connected to the normal SSH port 22.

SFTP also needs an SFTP client and server. An STFP client is software that lets users connect to a server and store files on the server. Files are stored and retrieved from the STFP server. When a user clicks on a file, the request travels through the network and ultimately reaches a server. This data is then sent to the requesting device. SFTP ensures all files are encrypted before transferring them.

SSH keys are typically used to automate access to servers and are often used in scripts, backup systems and configuration management tools. SSH keys in SFTP have half of the key stored on the client device, while the other half is on the server associated with a public key. Users are properly authenticated when SSH key pairs match.

SFTP works over an SSH data stream to establish a secure connection. Encryption algorithms securely move data to a server, keeping files unreadable during the process. To further prevent unauthorized file access, authentication is also enabled. Users can choose to be identified by a user ID and password, SSH keys or both.

What is SFTP used for?

SFTP is used to do the following:

Advantages of SFTP

Advantages of SFTP include the following:

Disadvantages of SFTP

Some disadvantages that come with SFTP include the following:

Examples of SFTP

Common SFTP commands include the following:

What is the difference between SFTP vs. FTP?

FTP is a network protocol for transmitting files between computers over TCP/IP connections. FTP is considered an application layer protocol.

In an FTP transaction, the user's computer is called the local host. The second computer involved is the remote host, which is usually a server. Both devices must be connected by a network and configured properly to transfer files via FTP. FTP is used to transfer files behind the scenes for other applications. It's also sometimes used to download new applications via web browsers.

FTP differs from SFTP in the following ways:

If keeping data secure is important or data security is needed for regulation, then use SFTP.

Learn more about FTP and 11 other common network protocols as well as their functions.

13 Oct 2022

All Rights Reserved, Copyright 2011 - 2024, TechTarget | Read our Privacy Statement