Filter by Category

Are SFTP and FTP the Same?

Files transferring between laptops

The Key Differences Between SFTP and FTP

Are SFTP and FTP the same? While they originate from the same ballpark, the answer to this question is ultimately NO.

Secure File Transfer Protocol or SSH File Transfer Protocol (SFTP) and File Transfer Protocol (FTP) are NOT the same thing. SFTP, not to be confused with FTP Secure (FTPS), is a network which allows file access, transfer, and management over a secure data stream. It is an extension of the 2.0 version of the Secure Shell (SSH) protocol, whose sole purpose is to provide secure transfer capabilities and work functionally with other protocols. FTP is a network protocol which is implemented in order to exchange files over a Transmission Control Protocol (TCP) and Internet Protocol (IP) network.

FTP Basics

FTP is a popular file transfer method that has been around longer than the world wide web – and it hasn’t changed much since its invention. When FTP was created, it wasn’t automatically assumed that internet activity could be malicious, so FTP wasn’t constructed to deal with the kind of cybersecurity threats we now face today.

FTP exchanges data using two separate channels known as the command channel and data channel. With FTP, both channels are unencrypted, leaving any data sent over these channels vulnerable to being intercepted and read.

SFTP Basics

SFTP works over the Secure Shell (SSH) data stream to establish one secure connection and provide organizations with a higher level of file transfer protection. SFTP uses encryption algorithms to securely move data to your server and keep files unreadable during the process, while authentication prevents unauthorized file access during the operation.

While SFTP doesn’t require two-factor authentication, you do have the choice to require both a user ID and password, as well as SSH keys, for a more secure connection. Creating SSH keys helps prevent imposters from connecting to the server. SSH key pairs must be generated beforehand.

SFTP also gives you the option to perform a wide variety of tasks for sensitive files, from removing files to resuming dropped transfers.

Related Reading: What else can SFTP do? Explore our SFTP client for managed file transfer.

How does SFTP Authenticate?

SFTP provides two main methods for authenticating connections. Similar to FTP, you can simply use a user ID and password. However, with SFTP these credentials are encrypted and gives SFTP a major security advantage over FTP.

The other authentication method you can use with SFTP is SSH keys. This involves first generating both an SSH private key and a public key, where you can then send your SSH public key to your trading partner and they load it onto their server and associate it with your account. When they connect to your SFTP server, their client software will transmit your public key to the server for authentication. If the public key matches your private key, along with any user or password supplied, then the authentication will succeed.

User ID authentication can be used with any combination of key and/or password authentication.

The Main Differences

  • Encryption – The biggest, and one of the most crucial differences, between FTP and SFTP is the fact that one is encrypted (SFTP) while the other is not (FTP). SFTP is a much more secure protocol compared to FTP, considering that when files are being sent and received using “standard” FTP, they are done so in an unencrypted manner. This means that even if the connection itself is secure, the transmission may not be and any data that is currently in transit can potentially be intercepted by a person with malicious intentions.
  • Firewalls – The design of the FTP protocol uses just one channel (port 21) for sending commands and receiving acknowledgements. However, it has to open other channels dynamically in order to send files. Although the client and server software negotiate these channels immediately, this poses an issue for client-side firewalls because a large number of ports need to be open to the server’s IP address in order for the protocol to operate through the firewall unabated. SFTP is more friendly to today’s client-side firewalls since it only requires a single port (22) to be open for sending controls and for sending or receiving data files.


Learn more about securing your FTP or SFTP server by watching our on-demand webinar here.


Related Posts


10 Essential Tips for Securing FTP and SFTP Servers

Most organizations use FTP or SFTP servers to exchange files and other critical business documents with their trading partners. Unfortunately, these servers have become a primary target for hackers,…


Are SSH Keys or Passwords Better for SFTP Authentication?

SSH keys or passwords? That’s the question often asked by IT professionals when setting up authentication on an SFTP server. There’s some debate on whether SSH keys or passwords are better at…


Are Your FTP Credentials Secure?

Do you know where your FTP credentials are? A security researcher named Chris Larson happened onto a curious website last September that had been serving some malicious-looking exe files. While…


Everything You Need to Know about FTP Automation Software

So, you want to automate your FTP file transfers. Whether you send a dozen file transfers a week, hundreds a day, or even more, automation is a smart step for most businesses. The benefits are…


Five Secure File Transfer Alternatives to FTP

The Need for Secure File Transfer ProtocolsBack in the day, File Transfer Protocol (FTP) was the go-to protocol for sending files. It was a simpler time, and security was far less of an issue than it…