File transfer protocols allow users to transfer data between remote systems over the Internet. SFTP is one such protocol, offering users a secure way to send and receive files and folders.
In this tutorial, we will go over what SFTP is, how it works, when to use it, and which benefits it offers compared to other file transfer protocols.
SFTP (Secure File Transfer Protocol) is a file transfer protocol that uses SSH encryption to transfer files between systems securely. It comes as a standard part of SSH version 2.0.
SFTP allows users to choose the level of authentication they want to use when transferring files. Users can transfer files using SFTP with no added authentication, using a combination of user ID and password, or using a pair of SSH keys.
SFTP was developed as a more secure alternative to FTP (File Transfer Protocol). Even though they share some similarities, SFTP is a subsystem of SSH and separate from FTP.
FTPS (FTP Secure) is an extension of FTP that upgrades file transfer security by adding support for cryptographic protocols. Earlier versions of FTPS used SSL encryption but have since moved to use TLS.
While both SFTP and FTPS offer a secure way to transfer files using the Internet, they use ports in a very different way. SFTP uses only a single port to establish a connection between a client and an SFTP server. In contrast, FTPS opens a new port for each file transfer request, which can cause problems with firewalls.
Most firewalls detect when users open a new port for data transfer. However, since FTPS uses SSL/TLS encryption, the firewall doesn't detect what the new port is used for, which causes the connection to fail. While users can resolve this issue by manually opening a limited range of ports, SFTP offers a solution built into the protocol itself.
SFTP is used whenever there is a need to transfer files between systems while maintaining a high level of security.
Potential uses for SFTP include:
Using SFTP to transfer files offers numerous benefits.
Unlike some other file transfer protocols, SFTP was built from the ground up with security in mind. It ensures the safe transfer of data by using several security measures:
Regulations such as PCI-DSS, HIPAA, GDPR, CCPA, SOX, or GLBA set a standard for secure file transfer. Failure to comply with these standards can result in substantial penalties.
Many of these regulations specify the need for encryption when transferring sensitive files. SFTP makes it easy to comply by including encryption as a default security measure when transferring data.
SFTP also offers advanced features such as pausing and resuming file transfer. It allows users to perform basic administrative tasks remotely, like creating, renaming, and removing files and directories.
SFTP can also transfer file metadata by default, unlike many other file transfer protocols. This metadata includes file size, date and time, and file permissions.
File transfer protocols, including SFTP, make it easy to transfer large files or perform a bulk file transfer (transferring multiple files at once). SFTP is a more efficient solution than emails or cloud data storage for businesses with high data traffic needs.
Users can also automate SFTP file transfers by setting up triggers. These triggers can transfer files at a predetermined time or during certain events. This increases efficiency and reduces the chance of human error.
SFTP supports user-to-server and server-to-server configurations. Data stored on SFTP servers is available at all times, both to users and other servers.
ETL (Extract, Transform, and Load) is a commonly used method of data integration. Reverse ETL does the same thing, except it reverses the order of operations.
Reverse ETL relies heavily on transferring files between systems. SFTP provides a way to safely and efficiently transfer data between vendors, customers, and other third parties, which greatly helps the reverse ETL process.
An SFTP file transfer starts with a transfer request from a client system. SFTP uses port 22 to open a secure connection between the client and the SFTP server.
The server then reads the transfer request and encrypts the appropriate file using SSH. SFTP sends the file to the client, who uses SSH authentication to decrypt and access the file.
Using SFTP requires setting up a connection between the client system and the SFTP server using SSH. A commonly used option is to connect the two systems using an SSH public key.
Since SFTP comes as a standard part of SSH, no additional installation is necessary. To start using the SFTP interface to transfer files, connect to the remote server by providing a username and remote hostname or IP address:
sftp [username]@[remote hostname or IP address]
In the example below, we access the 192.168.100.5 IP address using the phoenixnap username:
sftp phoenixnap@192.168.100.5
The SFTP interface, indicated by the sftp> prompt, allows you to request file transfers and execute SFTP commands.
Once you are done using SFTP, end the current connection with:
exit
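The automated, key-based transfers mentioned earlier can be scripted with sftp's batch mode instead of the interactive prompt. The following is an added example, not part of the original tutorial: the function names, directories, and key path are assumptions, and the host and username reuse the values from the example above.

```bash
#!/usr/bin/env bash
# Added example: unattended SFTP upload with SSH key authentication.
# Directories, key path and function names are hypothetical.

# Print an sftp batch script that uploads every regular file in local
# directory $1 to remote directory $2. Each file is sent as NAME.part and
# renamed afterwards, so the receiver never sees a half-written file.
# Assumes $1 and $2 are operator-controlled paths without quote characters.
make_batch() {
    local src=$1 dest=$2 f name
    printf 'cd "%s"\n' "$dest"
    for f in "$src"/*; do
        [ -f "$f" ] || continue          # skip directories and empty globs
        name=${f##*/}
        # sftp re-parses each batch line (quotes, globs), so only names made
        # of plain characters are accepted; anything else is reported.
        case $name in
            *[!A-Za-z0-9._-]*)
                echo "skipping unsafe name: $name" >&2
                continue ;;
        esac
        printf 'put "%s" "%s.part"\n' "$f" "$name"
        printf 'rename "%s.part" "%s"\n' "$name" "$name"
    done
    printf 'bye\n'
}

# Run the batch without any prompt. In batch mode sftp stops at the first
# failed put or rename and exits non-zero, so a scheduler can alert on it.
#   BatchMode=yes              never fall back to a password prompt
#   StrictHostKeyChecking=yes  refuse a server whose key is not in known_hosts
#   IdentitiesOnly=yes         offer only the key given with -i
sftp_upload() {
    local src=$1 target=$2 dest=$3 key=$4
    make_batch "$src" "$dest" | sftp -b - \
        -o BatchMode=yes \
        -o StrictHostKeyChecking=yes \
        -o IdentitiesOnly=yes \
        -i "$key" "$target"
}

# Example call (hypothetical paths):
# sftp_upload ./outbox phoenixnap@192.168.100.5 /uploads ~/.ssh/id_ed25519
```

Because StrictHostKeyChecking=yes is set, the server's host key must already be in known_hosts, for example from one verified interactive connection, before the job is scheduled.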
SFTP offers a reliable way to transfer files and directories, with the added security of SSH encryption. To learn more, read our article on how to use SFTP to transfer files.