SFTP (SSH file transfer protocol) uses port number 22 by default, but can be configured to listen on different ports. SFTP only requires one port for moving data over an internet connection, making SFTP more secure and easier to use than other protocols, such as FTP/S, which require trading partners to open a range of ports behind their firewalls.
SFTP runs on SSH (Secure Shell or Secure Socket Shell), which was originally developed in the 1990s. A newer version, SSH-2, was introduced in 2006 using a Diffie-Hellman key exchange with authentication codes. As a result, SSH-2 has replaced SSH to such a degree that when we talk about SSH, we’re really talking about SSH-2.
SSH servers by default listen to TCP Port 22. The reason for this is mostly arbitrary, meaning users can configure SFTP servers to use other SSH ports without reducing security or functionality. SFTP servers only need one port to connect because SSH transfers both data and commands through a single connection, unlike FTP or telnet, for example.
SFTP should not be confused with secure FTP. While SFTP is a secure file transfer protocol in that it encrypts all information, it is very different from FTPS which adds SSL/TLS on top of the standard FTP protocol. SFTP by contrast is an extension of SSH.
For additional information, read the article Understanding Key Differences Between FTP, FTPS and SFTP.
SFTP Features And Capabilities
SFTP encrypts both the authentication credentials and the data being transferred, giving SFTP another security advantage over FTP/S. SFTP provides two methods of authentication, either a user ID and password or SSH keys. Your SFTP server will generate a public-private key combination and send the public key to your trading partner. The SFTP server can then authenticate the public key against the private key, while validating the user ID and password as well.
Public and private keys provide digital signatures that help prevent brute force attacks and spoofing attempts. Using a port other than the default port can also help prevent hacking attempts, such as man-in-the-middle attacks.
Another major difference between SFTP and FTP is that SSH is a packet-based or cryptographic protocol that encrypts packets of data before they’re sent. FTP on the other hand is a text-based protocol.
SFTP isn’t just for transferring files but for accessing remote servers, meaning it is more similar to a file system protocol than it is to, say, SCP. As a result, SFTP clients can be used to resume interrupted transfers, access directory listings and more SFTP commands.
How To Use SFTP
SFTP is important for any organization or individual who needs to transfer sensitive information over an unsecured network like the internet. This includes healthcare and financial services institutions that need to protect personally identifiable information (PII).
A secure connection with SFTP requires two endpoints that support the SFTP protocol (SSH uses a client-server configuration). This can be two servers or a server and a client. A user will have to submit login credentials in order to securely connect to an SFTP server. This includes:
- Username and password
- IP address (hostname)
- SFTP port number
- Private host key
Users can connect to SFTP servers using a command line interface, usually in Linux, or with a dedicated SFTP client that provides a graphical user interface (GUI).
Using Managed File Transfer Software For SFTP
Managed file transfer (MFT) tools often support SFTP while providing additional features and layers of security for IT and enterprise teams. One such tool, JSCAPE MFT Server software, is platform-agnostic and can be installed on Microsoft Windows, Linux, Mac OS X and Solaris. JSCAPE can also handle any file transfer protocol, making it easy to consolidate or replace FTP servers with a single solution. Multiple different protocols can be handled through a single JSCAPE server.
Get Your Free Trial
Would you like to try this yourself? JSCAPE MFT Server is platform-agnostic and can be installed on Microsoft Windows, Linux, Mac OS X and Solaris, and can handle any file transfer protocol as well as multiple FTP protocols from a single server. Additionally, JSCAPE enables you to handle any file type, including batch files and XML. Download your free 7-day trial of JSCAPE MFT Server now.Download JSCAPE MFT Server Trial