By default, SFTP (SSH file transfer protocol) uses port number 22, but it can be configured to listen on other ports.
SFTP only requires one port for moving data over an internet connection, making SFTP more secure and easier to use than other file-sharing protocols, such as FTP/S, which require trading partners to open a range of ports behind their firewalls.
SFTP Uses Port Number 22
SFTP runs on SSH (Secure Shell or Secure Socket Shell), originally developed in the 1990s. A newer version, SSH-2, was introduced in 2006 using a Diffie-Hellman key exchange with authentication codes. As a result, SSH-2 has replaced SSH to such a degree that when we talk about SSH, we’re talking about SSH-2.
SSH servers, by default, listen on TCP port 22. The choice of port number is largely arbitrary, meaning users can configure SFTP servers to use other SSH ports without reducing security or functionality. SFTP servers only need one port to connect because SSH transfers data and commands through a single connection, unlike FTP or telnet.
Important: SFTP should not be confused with FTPS (Secure FTP). While SFTP is a secure file transfer protocol that encrypts all information, it differs significantly from FTPS, which adds SSL/TLS to the standard FTP protocol. SFTP, by contrast, is an extension of SSH. FTPS uses port 990 for control connections and port 989 for data connections.
For additional information on SSH file transfer protocol (SFTP) and its differences with secure file transfer protocol (FTPS), you can read our article on Understanding Key Differences Between FTP, FTPS and SFTP.
SFTP Features And Capabilities
SFTP encrypts both the authentication credentials and the data being transferred, giving SFTP another security advantage over FTP/S. SFTP provides two authentication methods: a user ID and password or SSH keys.
Your SFTP server will generate a public-private key combination and send the public key to your trading partner. The SFTP server can then authenticate the public key against the private key while validating the user ID and password.
Public and private keys provide digital signatures that help prevent brute force attacks and spoofing attempts. Using a port other than the default port can also help prevent hacking attempts, such as man-in-the-middle attacks.
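On an OpenSSH-based SFTP server, the listening port and the two authentication methods described above are set in sshd_config. The following Python check is an added example, not code from this article or from JSCAPE; it assumes OpenSSH's sshd_config syntax and defaults, and the sample configuration and the function name audit_sshd_config are constructed for illustration.

```python
# Constructed sample sshd_config (not from the article): SFTP moved to port 2222,
# key-only login globally, with a per-user override in a Match block.
SAMPLE_CONFIG = """\
# sshd_config (constructed sample)
Port 2222
ListenAddress 0.0.0.0
PasswordAuthentication no
PubkeyAuthentication yes
Subsystem sftp internal-sftp

Match User partner
    PasswordAuthentication yes
"""


def audit_sshd_config(text):
    """Report the global listening ports, SFTP subsystem and auth methods."""
    ports, settings, sftp_command, has_match = [], {}, None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no settings
        parts = line.split(None, 1)
        key = parts[0].lower()  # sshd keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            has_match = True  # everything below is conditional, not global
            break
        if key == "port":
            ports.append(int(value))  # Port may be given more than once
        elif key == "subsystem":
            name, _, command = value.partition(" ")
            if name == "sftp" and sftp_command is None:
                sftp_command = command.strip()
        else:
            settings.setdefault(key, value.lower())  # first value wins in sshd
    return {
        "ports": ports or [22],  # no Port line means the default, 22
        "sftp_subsystem": sftp_command,  # None: SFTP is not enabled
        "password_auth": settings.get("passwordauthentication", "yes") == "yes",
        "pubkey_auth": settings.get("pubkeyauthentication", "yes") == "yes",
        "has_match_blocks": has_match,  # overrides may re-enable passwords
    }


if __name__ == "__main__":
    print(audit_sshd_config(SAMPLE_CONFIG))
```

In the sample, passwords are disabled globally but the Match block turns them back on for one user, which is why the report flags that Match blocks are present and need a separate review.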
Another significant difference between SFTP and FTP is that SSH is a packet-based or cryptographic protocol that encrypts packets of data before they’re sent. FTP, on the other hand, is a text-based protocol.
SFTP isn’t just for transferring files but also for accessing remote servers, meaning it is more similar to a file system protocol than to SCP, for example.
As a result, SFTP clients can be used to:
Resume interrupted transfers
Access directory listings
And more SFTP commands
How To Use SFTP
SFTP is essential for any organization or individual who transfers sensitive information over an unsecured network like the Internet. This includes healthcare and financial services institutions that need to protect personally identifiable information (PII).
A secure SFTP connection requires two endpoints supporting the SFTP protocol (SSH uses a client-server configuration). This can be two servers or an FTP server and an FTP client. A user must submit login credentials to connect to an SFTP server securely. This includes:
Username and password
IP address (hostname)
SFTP port number
Private host key
Users can connect to SFTP servers using a command line interface, usually in Linux, or a dedicated SFTP client providing a graphical user interface (GUI). SFTP clients are usually much more user-friendly and are available for all major operating systems (Windows, Linux, macOS, iOS, Android, and more).
Using Managed File Transfer Software For SFTP
Managed file transfer (MFT) tools, such as JSCAPE MFT Server, often support SFTP while providing additional scalability, features, and layers of security for IT and enterprise teams.
JSCAPE MFT Server is platform-agnostic and can be installed on Microsoft Windows, Linux, Mac OS X, and Solaris. JSCAPE can also handle any file transfer protocol simultaneously, making consolidating or replacing FTP servers with a single solution easy.
MFT servers are also evolving into the cloud with new technologies such as MFTaaS, which has all of the same features as an MFT server but reduces the workload on your organization as the MFTaaS provider manages the infrastructure.