Transferring Files Securely Using SFTP By David Muck At Isnare.com Ezine Articles

SFTP is a protocol for transferring files using SSH to secure the commands and data that are being transferred between the client and the server. When using FTP, the data that is being transferred is not encrypted, exposing this data to eavesdropping, tampering, or message forgery. With SFTP, the data that is transferred between the client and the server is encrypted, preventing unauthorized users from accessing your data.

Components Needed

To transfer files using the SFTP protocol, you will need a server that is configured for SFTP and a client that supports it. Popular SFTP servers include FileZilla, WinSCP, and DataFreeway. The most commonly used SFTP client is PuTTY, which is available free of charge. Users who desire a more intuitive interface may opt for a more user-friendly client, such as Zephyr’s PASSPORT.

How SFTP Works

There are two basic components to file transfer with SFTP; server validation and client authentication. These two components use public and private keys for authenticating communication between the client and the server. The server is validated by comparing the server’s public key with the public keys stored on the client machine. The server’s public key is usually contained in a file called “known_hosts” located on the server, and the client’s public key is stored in an encrypted file on the local machine.

Clients can be authenticated in three different ways:

- Username and password
- Private key and passphrase
- Keyboard-interactive authentication

With username and password authentication, a user account is set up on the SFTP server. When using private key and passphrase authentication, the client’s public key is added to the “authorized_keys” file on the server. Once the server validation has occurred, the client must enter their passphrase in order to load their private key and complete the authentication process.

Keyboard-interactive authentication uses the method of asking the client a series of questions, and the client must answer these questions correctly in order to be authenticated. This allows for the implementation of assorted authentication methods. For example, username and password authentication can be disabled on the server, but keyboard-interactive authentication could be used to ask the client for their username and password.

File Compression

Most SFTP Clients provide an option to enable file compression. With this option enabled, data sent by the server is compressed before sending, and decompressed at the client end. Likewise, data sent to the server is compressed first and the server decompresses it at the other end. This can help to speed up file transfers, especially with low-bandwidth connections.

SFTP Versions

There are currently two versions of the SFTP protocol: SSH-1 and SSH-2. SSH-2 is a newer, more secure implementation. SSH-1 contains a known security vulnerability, and SSH-2 is recommended for optimum security.

SFTP vs FTPS

SFTP and FTPS are two entirely different protocols.

- SFTP uses SSH to secure transmissions whereas FTPS uses SSL security
- The standard port setting for FTP is 21. The default port for SFTP is 22

Summary

SFTP should be used when you need to transfer sensitive or confidential data between a client and a server that is configured to use SSH for secure transactions.

Published At: Isnare Free Articles Directory http://www.isnare.com
Permanent Link: http://www.isnare.com/?aid=322718&ca=Computers+and+Technology

Important Notice DISCLAIMER: All information, content, and data in this article are sole opinions and/or findings of the individual user or organization that registered and submitted this article at Isnare.com without any fee. The article is strictly for educational or entertainment purposes only and should not be used in any way, implemented or applied without consultation from a professional. We at Isnare.com do not, in anyway, contribute or include our own findings, facts and opinions in any articles presented in this site. Publishing this article does not constitute Isnare.com's support or sponsorship for this article. Isnare.com is an article publishing service. Please read our Terms of Service for more information.