FTPS vs SFTP: What is the Difference?


What is the difference between FTPS and SFTP? Let us first look at the technology behind each protocol, and then at their advantages and limitations.


What is FTPS?

So what does FTPS stand for? File Transfer Protocol Secure. FTP came first, but it was not initially secured. FTPS uses the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol to secure the connection through encryption. The encryption is based on the FTPS server's public key certificate in X.509 format. The certificate can be trusted (issued by a trusted certification authority) or self-signed. Using a self-signed certificate does not lower the level of encryption, but you must verify for yourself that the host is who it says it is. FTPS connections can be secured implicitly or explicitly. FTPS servers usually listen for implicit connections on port 990 and explicit connections on port 21, although the server administrator can of course choose other ports as needed.

How Does FTPS Work?

The implicit connection starts when the client sends a TLS "client hello" message. This message indicates that the connection should be secure. If the server does not receive it, the connection is dropped immediately. However, if the server does receive a "client hello" message, it sends the server certificate to the client; the client authenticates the certificate, uses it to encrypt the session key, and sends the encrypted key back to the server so that the conversation can be encrypted.

For explicit FTPS, the client explicitly requests security by sending the "AUTH TLS" (or AUTH SSL) command immediately after establishing the connection. If the AUTH command is not sent, the FTPS server will treat the client connection as a "regular" non-secure FTP session.

Interestingly, implicit connections are not listed in RFC 2228 (FTPS document), only explicit connections.

In either case, once the session starts, the client needs to authenticate to the FTPS server. Usually this is done with a user ID and password, but it can also include a client certificate if needed. All FTP commands are passed along the control channel (usually port 21 for explicit and 990 for implicit), but FTPS then requires a separate channel for data communication (the actual sending of files or directory listings). By default, the data channel is port 20 for explicit FTPS and port 989 for implicit FTPS. The data channel is opened as needed and then immediately closed again (the control channel remains open during the session).
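As an added example (not from the original article), the following Python check audits a server-side command log of an explicit FTPS session and flags credentials or transfers that were sent without protection. The log format and sample sessions are constructed; the rule that the data channel is only encrypted after `PROT P` comes from RFC 4217, not from this page.

```python
DATA_CMDS = {"LIST", "NLST", "MLSD", "RETR", "STOR", "APPE"}

def audit_session(lines):
    """Audit one explicit-FTPS transcript ('C: ' command, 'S: ' reply lines)."""
    tls = prot_p = False
    pending = None  # (command, argument) still waiting for the server's reply
    findings = []
    for line in lines:
        side, _, text = line.partition(": ")
        words = text.split()
        if not words:
            continue
        if side == "C":
            cmd = words[0].upper()
            pending = (cmd, words[1].upper() if len(words) > 1 else "")
            if cmd in ("USER", "PASS") and not tls:
                findings.append(f"{cmd} sent before TLS was negotiated")
            elif cmd in DATA_CMDS and not (tls and prot_p):
                findings.append(f"{cmd} uses an unprotected data channel")
        elif side == "S" and pending:
            cmd, arg = pending
            if cmd == "AUTH" and arg in ("TLS", "SSL"):
                tls = words[0] == "234"          # 234 = server accepted AUTH
            elif cmd == "PROT" and words[0].startswith("2"):
                prot_p = arg == "P"              # P = private (encrypted) data
            pending = None
    return findings

# Constructed server-side command logs, not taken from a real server.
SECURE = ["S: 220 ready", "C: AUTH TLS", "S: 234 proceed", "C: USER alice",
          "S: 331 need password", "C: PASS ****", "S: 230 ok", "C: PBSZ 0",
          "S: 200 ok", "C: PROT P", "S: 200 ok", "C: LIST", "S: 150 opening"]
PLAIN = ["S: 220 ready", "C: USER bob", "S: 331 need password",
         "C: PASS ****", "S: 230 ok", "C: RETR report.csv", "S: 150 opening"]
NO_PROT = SECURE[:7] + SECURE[11:]   # same session without PBSZ / PROT P

if __name__ == "__main__":
    for name, log in (("SECURE", SECURE), ("PLAIN", PLAIN), ("NO_PROT", NO_PROT)):
        print(name, audit_session(log) or "no findings")
```

This applies to explicit FTPS only: in implicit mode the TLS handshake happens before any FTP command, so no `AUTH` line appears in the log.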

What is the Difference Between FTPS and SFTP?

First of all, SFTP is not a form of FTP. In fact, FTPS and SFTP are completely unrelated and are similar only in the structure of many commands. SFTP is not FTP run over SSH but an independent protocol in its own right, which uses the underlying SSH protocol to provide connection security and identity verification. Because it runs on SSH, it normally uses the SSH port (usually port 22).

With SFTP, we no longer use certificates for encryption but instead use public/private key pairs that are not signed by a trusted authority. As with a self-signed FTPS certificate, the only open question is whether the SFTP server is the one it should be: once you are sure that you are connected to the correct server, you just need to accept the server key and continue with the encrypted session.
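One way to be sure you are connected to the correct server before accepting its key is to compare the key's fingerprint with one obtained out of band. This added example (not from the original article) computes OpenSSH-style SHA-256 fingerprints and checks them against a pin list; the function names, host name and keys are constructed for illustration.

```python
import base64, hashlib, hmac, struct

def ssh_fingerprint(pubkey_line):
    """OpenSSH-style SHA256 fingerprint of a 'type base64-blob [comment]' line."""
    key_type, b64 = pubkey_line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # SSH wire format: the blob starts with a uint32 length and the key type name.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != key_type:
        raise ValueError("declared key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host_key(host, pubkey_line, pins):
    """Compare a presented host key with fingerprints verified out of band."""
    presented = ssh_fingerprint(pubkey_line)
    pinned = pins.get(host)
    if pinned is None:
        return "unknown"   # first contact: verify the fingerprint before accepting
    return "match" if hmac.compare_digest(presented, pinned) else "MISMATCH"

def sample_key_line(raw32):
    """Build a constructed ssh-ed25519 public key line from 32 raw bytes."""
    name = b"ssh-ed25519"
    blob = (struct.pack(">I", len(name)) + name +
            struct.pack(">I", len(raw32)) + raw32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

# Constructed keys and host name, not real servers.
SERVER_KEY = sample_key_line(bytes(range(32)))
OTHER_KEY = sample_key_line(bytes(32))
PINS = {"sftp.example.test": ssh_fingerprint(SERVER_KEY)}

if __name__ == "__main__":
    print(check_host_key("sftp.example.test", SERVER_KEY, PINS))
    print(check_host_key("sftp.example.test", OTHER_KEY, PINS))
    print(check_host_key("new.example.test", SERVER_KEY, PINS))
```

A "MISMATCH" result for a host that was previously pinned should stop the connection until the key change has been confirmed with the server's operator.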
