FTP vs SFTP
FTP (File Transfer Protocol) is a protocol used for transferring files between hosts in the internet (or other TCP based networks). It is a protocol based on the client-server model. FTP server holds the files and databases that are required to provide the services requested by clients. Most often, FTP server is a high powered device that is able to handle multiple client requests at the same time. FTP client is generally a personal computer used by an end user or a mobile device, which is running the necessary software that is capable of requesting and receiving files over the internet from a FTP server. FTP maintains separate connections between the client and the server for transferring the control information and data. FTP client applications have evolved from command line applications to applications with graphical user interfaces throughout this time. SFTP (Secure File Transfer Protocol) is a protocol used for transferring files over a secure channel. It was developed as an extension of the Secure Shell protocol (SSH) by the Internet Engineering Task Force (IETF). SFTP assumes that the channel used for communication is secure and that the client is authenticated by the server and the information about the client is available for the use of the protocol.
What is FTP?
FTP is a protocol used for transferring files over the internet. The current specification of FTP is contained in RFC 959. This protocol operates on the application layer. As mentioned earlier, FTP maintains two connections for transferring control information and data. FTP protocol works as follows. A FTP server listens for incoming requests from the clients. A client that wants to communicate with the server could do so through port 21, and it is called the control connection. The control connection is opened throughout the duration of the whole session and it is used to communicate administration information. Then, a second connection is opened by the FTP server through port 20 with the communicated client and this connection is called a data connection. Files are transferred through the data connection and an ongoing transfer could be stopped by sending an abort signal over the control connection.
What is SFTP?
SFTP is a protocol used for transferring files over a secure channel. SFTP is also based on the client-server architecture. A widely known SFTP server is OpenSSH and SFTP clients are implemented as command line programs (as provided with OpenSSH) or GUI applications. SFTP provides encryption for both data and commands that are transferred providing safety for sensitive information such as passwords. Furthermore, uploaded files using the SFTP are associated with file attributes such as a timestamp, which is not possible with FTP. SFTP is not only a protocol for accessing and transferring files, it is actually a file system protocol.
What is the difference between FTP and SFTP?
SFTP provides a secure mechanism for transferring files over the internet. SFTP provides a mechanism for encrypting data and commands that are transferred between the client and the server, whereas the information transferred between the client and the server under FTP is in plain text. Furthermore, uploaded files using the SFTP are associated with file attributes such as a timestamp, which is not possible with FTP. Although SFTP provides a similar (more secure) functionality as FTP, due to the underlying differences in the protocols, a FTP client cannot be used to communicate with a SFTP server and a SFTP client cannot be used to communicate with a FTP server.