SFTP vs. Secure File Sharing Online

What Is SFTP and How It Works

SFTP, or secure file transfer protocol, was created by the Internet Engineering Task Force (IETF) as an extension of SSH (secure shell protocol) to allow files to be securely transferred and managed over a TCP/IP network. It is used for secure file transfers over Transport Layer Security (TLS) and data transfer for virtual private network (VPN) applications. In addition to enabling secure file transfers, SFTP allows users to perform basic administrative tasks on remote servers, including managing files and directories (e.g., copying and deleting) as well as setting file permissions.

SFTP builds on the File Transfer Protocol (FTP) and includes SSH security components.

It is used with SSH to transfer files between remote systems safely. SSH provides a secure connection, and SFTP secures the transfer by validating and authenticating the host and client. With SFTP, commands and data are encrypted to prevent passwords and other sensitive information from being exposed to the network in plain text. This protects data against sniffing and man-in-the-middle attacks.

SFTP uses Advanced Encryption Standard (AES) and other encryption algorithms to secure data as it travels between remote systems. It also offers several options for the authentication of a connection, including user IDs and passwords, SSH keys, or combinations of these. Note that SSH keys must be created in advance to prevent unauthorized users from connecting to the server.

The SFTP protocol runs over the SSH protocol using port 22. The client identifies each operation with a unique number that must match the server response. Operations can be performed synchronously or asynchronously, but the SFTP protocol is initiated only when SSH is used for logging into the server. This avoids exposing additional ports or requiring that additional authentications be maintained.
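The request-number matching described above, as an added example in Python that is not part of the original article: it frames packets using the layout and type numbers of the SFTP version 3 draft (draft-ietf-secsh-filexfer-02) and pairs out-of-order responses with their requests. The paths and request numbers are constructed sample values.

```python
import struct

# Type and status numbers from draft-ietf-secsh-filexfer-02 (SFTP version 3).
SSH_FXP_REMOVE, SSH_FXP_STAT = 13, 17
SSH_FXP_STATUS, SSH_FXP_ATTRS = 101, 105
SSH_FX_OK = 0

def ssh_string(data: bytes) -> bytes:
    """SSH 'string' field: uint32 length followed by the raw bytes."""
    return struct.pack(">I", len(data)) + data

def build_packet(ptype: int, request_id: int, payload: bytes) -> bytes:
    """Frame a packet: uint32 length | byte type | uint32 request-id | payload."""
    body = struct.pack(">BI", ptype, request_id) + payload
    return struct.pack(">I", len(body)) + body

def split_packets(stream: bytes):
    """Yield (type, request_id, payload) per packet; INIT/VERSION are out of scope."""
    offset = 0
    while offset < len(stream):
        if len(stream) - offset < 9:
            raise ValueError("truncated packet header")
        length, ptype, request_id = struct.unpack_from(">IBI", stream, offset)
        end = offset + 4 + length
        if length < 5 or end > len(stream):
            raise ValueError("truncated or malformed packet")
        yield ptype, request_id, stream[offset + 9:end]
        offset = end

def match_responses(requests: bytes, responses: bytes):
    """Pair responses with pending requests by request-id, in arrival order."""
    pending = {rid: ptype for ptype, rid, _ in split_packets(requests)}
    matched, unexpected = {}, []
    for ptype, rid, _ in split_packets(responses):
        if rid in pending:
            matched[rid] = (pending.pop(rid), ptype)
        else:
            unexpected.append(rid)  # no outstanding request carries this id
    return matched, unexpected, sorted(pending)

# Constructed traffic: two requests, answered out of order, plus one stray reply.
REQUESTS = (build_packet(SSH_FXP_REMOVE, 7, ssh_string(b"/upload/old.csv"))
            + build_packet(SSH_FXP_STAT, 8, ssh_string(b"/upload/new.csv")))
OK_STATUS = struct.pack(">I", SSH_FX_OK) + ssh_string(b"") + ssh_string(b"")
RESPONSES = (build_packet(SSH_FXP_ATTRS, 8, struct.pack(">I", 0))
             + build_packet(SSH_FXP_STATUS, 7, OK_STATUS)
             + build_packet(SSH_FXP_STATUS, 99, OK_STATUS))
```

A client that receives a response whose number matches no outstanding request, as with number 99 here, should treat the session as faulty rather than guess which operation it belongs to.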

An SFTP server requires both communicating parties to authenticate themselves by providing a user ID and password or validating an SSH key (or both). One half of the SSH key pair is stored on the client's computer (private key), while the other half is loaded on the server and associated with the user's account (public key). Authentication can occur only when the SSH key pair matches.

SFTP can be used through a command line interface (CLI) or a graphical user interface (GUI). With a CLI, the user types specific commands to start and drive an SFTP session. A GUI approach for SFTP uses a program that abstracts SFTP visually for end users.

What Is SFTP Used For?

SFTP helps enterprises meet security requirements for regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and privacy laws. Additionally, SFTP is used to protect sensitive data from unauthorized access when it is in transit to prevent data breaches that can have catastrophic consequences for organizations. SFTP can also be used as a complement to a VPN.

Advantages of SFTP

Compared to other file transfer protocols, such as FTPS, SFTP provides a number of advantages, including the following.

  • Data accessibility
    SFTP offers user-to-server and server-to-server facilities, which increases productivity.
  • Fast large file transfer
    SFTP supports large file transfers and simultaneously transferring multiple files from one server to another.
  • Integration with other security systems
    SFTP integrates well with VPNs and firewalls.
  • Management options
    SFTP can be managed through a web interface or an SFTP client.
  • Packet-based rather than text-based
    Typically, this makes SFTP faster than other file transfer protocols, because less data is changing hands. Packets are easier to process and require fewer CPU resources than text-based protocols with large strings that take more time to decrypt.  
  • Security
    SFTP enables data security, encryption, and public key authentication to protect data in transit.  
  • A single open port required
    SFTP is less risky than FTPS, because it only requires a single open port to send and receive initial authentication information, commands, and file transfers from another server.

Disadvantages of SFTP

While SFTP has many advantages, it also has disadvantages, including the following.

  • Compatibility issues
    Because SFTP standards are optional and recommended rather than mandatory, software compatibility issues can arise. 
  • Challenges with SSH keys
    The SSH keys used with SFTP are not easy to manage and validate.
  • Complexity
    Although SFTP is manageable, the process of creating and setting up an SFTP client is more complicated than creating an FTP client.
  • Inability to log communication
    Because SFTP communication is binary, it cannot be logged.
  • Private key storage
    SFTP requires that private keys be stored on the device users want to transfer files from, which means that this device should also be protected. This can require more IT support time.
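
An added example (not from the original article) for the private key storage point above: a Python check, assuming a POSIX system and keys saved in OpenSSH's own private key format, that flags key files accessible to group or other and keys saved without a passphrase. The two sample files are constructed and hold no key material.

```python
import base64
import os
import stat
import struct
import tempfile

MAGIC = b"openssh-key-v1\x00"  # start of the OpenSSH private key container
BEGIN = "-----BEGIN OPENSSH PRIVATE KEY-----"
END = "-----END OPENSSH PRIVATE KEY-----"

def audit_private_key(path: str) -> list:
    """Return findings for one key file: loose mode bits, missing passphrase."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {mode:04o} exposes the key to group/other")
    with open(path, encoding="ascii", errors="replace") as fh:
        lines = [ln.strip() for ln in fh if ln.strip()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        return findings + ["not an OpenSSH-format key, encryption not checked"]
    try:
        blob = base64.b64decode("".join(lines[1:-1]))
    except ValueError:
        return findings + ["key body is not valid base64"]
    if not blob.startswith(MAGIC) or len(blob) < len(MAGIC) + 4:
        return findings + ["unrecognised container header"]
    # The first field after the magic is the cipher name, as an SSH string.
    (n,) = struct.unpack_from(">I", blob, len(MAGIC))
    cipher = blob[len(MAGIC) + 4:len(MAGIC) + 4 + n]
    if cipher == b"none":
        findings.append("no passphrase: key material is stored unencrypted")
    return findings

def write_constructed_key(path: str, cipher: bytes, mode: int) -> str:
    """Constructed sample: container header only, holds no key material."""
    kdf = b"none" if cipher == b"none" else b"bcrypt"
    header = MAGIC + b"".join(struct.pack(">I", len(s)) + s for s in (cipher, kdf))
    with open(path, "w", encoding="ascii") as fh:
        fh.write(f"{BEGIN}\n{base64.b64encode(header).decode()}\n{END}\n")
    os.chmod(path, mode)
    return path

def demo() -> dict:
    """Audit two constructed key files inside a throwaway directory."""
    with tempfile.TemporaryDirectory() as d:
        weak = write_constructed_key(os.path.join(d, "id_weak"), b"none", 0o644)
        good = write_constructed_key(os.path.join(d, "id_good"), b"aes256-ctr", 0o600)
        return {"id_weak": audit_private_key(weak), "id_good": audit_private_key(good)}
```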

The Difference Between SFTP vs. FTP

| | FTP | SFTP |
|---|---|---|
| Transfer security | FTP does not offer a secure channel to transfer files between hosts | SFTP offers a secure channel for transferring files between the host |
| Encryption | FTP is accessible anonymously, and in most cases, it is not encrypted | SFTP encrypts the data before sending it to another host |
| Architecture used | Client-server | SSH |
| Protocol | FTP is TCP/IP protocol | SFTP protocol is a part of the SSH protocol |
| Number of channels used | 2 | 1 |
| Transfer method | Direct transfer | Tunneling |
| Inbound Port | Allow inbound connection on port 21 | Allows incoming connections on port 22 |
| Outbound Port | Allows outbound connection to port 21 | Allows outbound connections to port 22 |

How to Use SFTP to Securely Transfer Files with a Remote Server?

There are two ways in which files can be transferred using SFTP:

  • Using WinSCP, an SFTP client for Microsoft Windows that allows users to copy files between a local computer and remote servers
  • Using SFTP client software that uses the SFTP protocol to transfer files securely to and from a remote computer

Common SFTP commands for securely transferring files with a remote server and other tasks are:

  • sftp> put
    Upload a file
  • sftp> get
    Download a file
  • sftp> cd
    Change the active directory path
  • sftp> pwd
    Display the remote working directory
  • sftp> lcd
    Change the local system’s directory path
  • sftp> lpwd
    Display the local working directory
  • sftp> ls
    Display contents of the remote working directory
  • sftp> lls
    Display content of the local working directory
  • sftp> lmkdir
    Create a local directory
  • sftp> lumask
    Change the umask value
  • sftp> rename
    Rename a file on the remote host
  • sftp> rm
    Delete a file on the remote host

Why Secure Online File Sharing Solutions vs. SFTP?

Relying on SFTP alone is acceptable for some file transfer use cases, but sensitive file transactions require additional enterprise-grade protection, control, and visibility. While SFTP is often the preferred file transfer protocol for IT admins, secure online file sharing solutions take the functionality of SFTP further.

Secure online file sharing solutions provide file transfer automation, reporting, compliance support, and security that goes beyond SFTP. Secure online file sharing solutions provide the security features necessary to meet enterprise requirements for performance and security as well as for compliance with regulations and other governance policies.

Egnyte has experts ready to answer your questions. For more than a decade, Egnyte has helped more than 16,000 customers with millions of customers worldwide.

Last Updated: 25th April, 2023
