What's the difference between FTP and SFTP?

Despite having very similar names and ultimately performing the same function, FTP and SFTP vary in a number of ways.

FTP was created in the 1970s as as a way for people to share files with each other and has since undergone several improvements, including IPv6 and SSL support. Despite these improvements, FTP is still considerably dated and is quickly being replaced as a way of transferring files by SFTP and HTTP; SFTP for authenicated file sharing and HTTP for anonymous file sharing.

In order to use FTP, an FTP server and an FTP client are required. There are several very popular Linux FTP server packages available, including vsftpdProFTPD and Pure-FTPd. All of these packages are very easy to setup and have, for the most part, very subtle differences. They all use PAM by default, so you can authenticate using existing Linux users. The most popular FTP client is almost certainly an opensource application named Filezilla, which offers Windows, Mac and Linux binaries.

As FTP is inherently insecure, SFTP is a much better option. It transfers files over SSH and is a completely different protocol technologically. Everything sent using SFTP is encrypted, there is no anonymous mode and you can authenticate using SSH keys.

SFTP comes packaged with SSH, so the vast majority of Linux servers already have SFTP setup and ready to go. It also uses PAM so you can authenticate using any existing Linux user and immediately have access to that user's home directory.


Was this article helpful?

mood_bad Dislike 0
mood Like 0
visibility Views: 3054