SFTP, which stands for SSH (or Secure) File Transfer Protocol, usually runs on Port 22 (but can be assigned whatever port you want) and is a way for transferring files between machines over a Secure and Encrypted Connection, unlike FTP, which transfers data over an insecure and unencrypted connection.
SSH-2 is integrated into SFTP which provides for a fully encrypted transport layer over which you can execute SFTP commands as needed and transfer files across as well, which is its primary use.
Basics of the Protocol
Definition & RFC
SFTP was developed in the 1990's and is detailed thoroughly in this RFC Draft Specification .
Unlike File Transfer Protocol (FTP), STFP communicates over a Secure connection initiated through SSH2 and is a Packet-Based protocol, instead of a Text-Based protocol like FTP, which in turn will faster due to less data being transferred over the wire than FTP text-based protocol.
Unlike FTP/S, you cannot turn off encryption with SFTP, which is nice when you are trying to ensure that all connections are Secured and Encrypted for anyone transferring files.
With SFTP, files are transferred in-line over the Main Control Connection, rather than having to open a new, separate connection for transfers like FTP.
The resulting benefits of this method is a Single, Efficient and Secure connection transferring data through the firewall, resulting in a faster transfer speed.
One of the most overlooked advantages of using SFTP and its underlying protocol is the ability to deliver files with all of their attributes if needed, including permissions, Time/Date, Size and other information that isn't available when using FTP.
In order to use SFTP, you'll need both a Client program and a Server/Daemon software.
The server software is either already installed for you on a Web server (in this instance, if you are connected to a Web Hosting provider to upload files to your website), or a Corporate Server where your will upload/download files.
In order to correctly setup SFTP Server, you will need to have a internet facing Web Server with the Correct Port setup (usually Port 22) forwarded to the Server from your Firewall and SFTP Service/Daemon Setup and Installed on the system.
Once SFTP server software is installed, the SSH Host key is generated, you can then Create and Assign permissions/passwords to Users and Groups to allow access to the system.
SFTP Servers/Daemons can be installed on either Windows Systems, Unix/Linux Systems, Mac OSX and other devices that support SFTP services.
SFTP client is a software program, either command-line or GUI that gives you the ability to connect to a SFTP Server and has OpenSSH integrated into it.
Client software allows you to connect, authenticate and transfers files over a Secure and Encrypted connection with a Server, over port 22 or whichever port you specify.
In order to configure your STFP client, you will need the following information:
|Hostname of Server||Specify Hostname or IP Address of Server||hostname.server.com|
|Port Number||Port Number you want to Connect to (Usually Port 22)||22|
|Security Protocol||Choose the Protocol to Connect (FTP, SFTP, FTP/S, SCP, etc)||SFTP|
|Username||SSH Username that a client uses to connect to the Host/Server from Above||Username|
|Password||Password assigned to the Username from Above||Password|
You will need to accept the Server's Host Key when first connecting, after that, the Private key will be stored locally on your computer for future connections.
Check our our Reviews of the Best Free SFTP Clients for Download!