Overview of SFTP, FTPS, SCP, and FTP

April 2nd, 2014 by Rossy Guide

SFTP

The SSH File Transfer Protocol (also known as Secure FTP and SFTP) is a computing network protocol for accessing and managing files on remote file systems. SFTP also allows file transfers between hosts, similar to the SCP protocol. It encrypts commands and data both, preventing passwords and sensitive information from being transmitted in the clear over a network.

SFTP clients are programs that use SSH to access, manage, and transfer files.  Graphical clients are available for SFTP, or you can use it from the command line on a UNIX or Mac OS X computer.

FTPS

FTPS is an extension to the commonly used File Transfer Protocol (FTP) that adds support for  the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols.

Two separate methods were developed to invoke client security for use with FTP clients: Explicit or Implicit. The explicit method is a legacy compatible implementation where FTPS-aware clients can invoke security with an FTPS-aware server without breaking overall FTP functionality with non-FTPS-aware clients. The implicit method requires that all clients of the FTPS server be aware that SSL is to be used on the session, and thus is incompatible with non-FTPS-aware clients.

SCP

Secure copy or SCP is a means of securely transferring computer files between a local host and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol. The term SCP can refer to one of two related things, the SCP protocol or the SCP program.

The SCP protocol is a network protocol, based on the BSD RCP protocol, which supports file transfers between hosts on a network. The SCP program is a software tool implementing the SCP protocol as a service daemon or client.

FTP

File Transfer Protocol is a standard Internet protocol for transmitting files between computers on the Internet. It is an application protocol that uses the Internet’s TCP/IP protocols. It is commonly used to transfer Web page files from their creator to the computer that acts as their server for everyone on the Internet. It’s also commonly used to download programs and other files to your computer from other servers.

Basic FTP support is usually provided as part of a suite of programs that come with TCP/IP.

Main differences

FTPS is FTP using the SSL protocol for encryption. This is different from the SCP/SFTP family of protocols which use SSH as their transport tunnel. You will usually use the same client programs for scp and sftp, whereas you usually use a web browser or web Download manager for FTPS. FTPS is web-based, whereas SFTP is based on secure shell protocols pioneered on *NIX systems.

Differences between FTP, SFTP, FTPS, SCP

FTP

FTP classic

1. Plain FTP
2. Clear-text password sent over the network
3. Typically runs over TCP port 21

 

FTP/SSL

FTP over TLS/SSL

1. Often called ‘FTPS’ and ‘Secure FTP’
2. Plain FTP over TLS/SSL channel
3. Password and Transfer are encrypted
4. Typically runs over TCP port 21 or 990

 

SFTP

`SSH File Transfer Protocol

1. Has nothing common with original FTP
2. Often called ‘Secure FTP’
3. Password and Transfer are encrypted
4. Typically runs over TCP port 22

 

Leave a Reply