Last updated on: 2020-04-29
Authored by: Rackspace Community
This article discusses the advantages and disadvantages of using File Transfer Protocol (FTP) and SSH File Transfer Protocol (SFTP).
FTP and SFTP are separate protocols that work in a similar way. Both offer file transfer and management on remote machines. The primary difference is in the level of security that they offer.
FTP traffic is unencrypted. All FTP transmissions are sent as regular text, including usernames, passwords, commands, and the files themselves. As a result, anyone with access to the network can potentially read them.
SFTP is an extension of the Secure Shell Protocol (SSH). It is a more secure option that provides end-to-end encryption through the SSH tunnel.
By default, SFTP is already available on all Linux® images for Rackspace managed cloud servers. The only port that is open on a new image is port 22. Opening this port enables administrators to access the server by using either SSH or SFTP. Any user with SSH access can also access the server by using SFTP. The groups and permissions that are associated with your users also determine their ability to manage files.
FTP requires you to install an FTP server (such as very secure File Transfer Protocol (FTP) daemon (vsftpd)), open port 21, and create and maintain separate users and permissions for accessing files and directories.
However, FTP has the following advantages over SFTP:
If you plan to use FTP, we recommend that you review the following resources that show you how to install and configure vsftpd on a cloud server. Vsftpd is an open source FTP server that you can use to transfer files.
We recommend that you use SFTP instead of FTP to ensure that file transmissions are secure. SFTP encrypts the data that it transfers to the FTP server and prevents unauthorized access during the transmission.
©2020 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License