The Secure File Transfer Protocol (SFTP) is a popular choice for file access, transfers and management on a remote server. It resembles the same core functionality as FTP in many regards, but the underlying architecture is an entirely different means of transport, reliant on a secure shell (SSH) to operate.
The most notable drawback of FTP is the inherent lack of security it provides. Transmitting data in plain text over an insecure connection, malicious parties can easily sniff the packets and obtain a user’s credentials. Released back in 1985, this flawed design was more than sufficient for the early days of the internet, but presents a massive risk for networks in the modern digital age.
This void in security is the very problem that spawned other protocols such as SFTP out of sheer necessity.
Comparing Secure Protocols
Although it’s one of the most robust options available, SFTP isn’t the only secure protocol on the block. We also have FTPS (FTP over SSL) and SCP (Secure Copy Protocol) as viable alternatives. Since these naming conventions can be redundant and cause confusion, what are the primary differences between these 3?
An extension of the same old FTP protocol, it encapsulates data within a secure SSL layer between the client and server. Rather than change the method of authentication and file transfer, it’s enclosed FTP within a safe pathway that protects the internal data being transmitted.
Strictly designed for file transfers within a secure shell, it is a safe, albeit limited protocol. It has the distinct advantage of being faster than other options, but lacks the ability to list directories, remove files or make any changes to the remote directory structure.
As a complete overhaul of the FTP protocol, it supports the same powerful set of features while utilizing SSH to handle secure authentication and data encryption.
In a nutshell, each protocol is quite different from the next, but seeks to achieve the same goals of secure authentication and encryption. Individual use cases may call for one before the rest, but in most situations, SFTP will be the best of the bunch.
It’s features are comparable to that of FTP and provides the same security of SCP, creating a perfect balance with the best of both worlds.
As the file transfer protocols are quite similar from a usage standpoint, client software often supports most, if not all of these from a single user interface. Interactions with the remote server use different underlying transport methods, but still share many of the same commands and functionality.
Since the application does the hard work behind the scenes, we are spared the hassle of using a different program for each protocol.
Depending on the operating system, there is a wide range of tools available. From graphical clients on Windows to command line (CLI) packages for Linux, and all manner of both free and paid variations in between.
Since SFTP is an extension of SSH, and Linux/MacOS already have SSH support integrated, these users will more often than not stick to the default system tools. We will however look at a few of the best 3rd party SFTP applications on the market, with a range of compatibility types, guaranteeing at least one on the list will work for your preferred OS.
As the most popular file transfer software in the world, Filezilla is a completely free, multi-platform package that works on Windows, Linux and MacOS. It also supports FTP, FTPS and of course, SFTP as well.
It’s interface is simplistic, yet powerful, with a tabbed design that can manage multiple server connections at one time. It supports transfer pause and resume, drag/drop windows and even directory comparisons, displaying the differences in file names, sizes and timestamps between a local and remote server.
For the professional user, they also offer Filezilla Pro as a paid solution with additional support for cloud infrastructure. This features integrations with WebDAV, Amazon S3, Microsoft Azure, Openstack and much more. These aren’t necessary for those just looking to for SFTP, but can prove useful for those in need of a multi-purpose client.
When it comes to an SFTP client, Filezilla checks all of the important boxes. It’s feature rich, runs on nearly every operating system and best of all, is completely free to use. The only real complaint pertains to bloatware that is loaded in the bundled installer, but the portable and unbundled downloads make this a mute point. For the average user, you won’t find a better option on the market at any price.
Filezilla is open source software distributed free of charge under the terms of the GNU General Public License.
A diamond in the rough, WinSCP isn’t quite as popular or refined as Filezilla, but remains the #1 choice for networking professionals. It’s a powerful, no-frills client with support for every file transfer protocol imaginable. In fact, it even brings SCP transfers to Windows and offers WebDAV and Amazon S3 integrations, features only found in the paid version of Filezilla Pro.
The interface is both customizable and quite easy to use, where some even consider it to be more user friendly than Filezilla. It has two themes, Explorer takes inspiration from the Windows Explorer navigation and Commander, which is based on the Norton Commander front-end (pictured below).
It addition to the core functionality, it packs quite a few unique tools as well. The CLI scripting engine is incredibly well documented and extremely powerful, making task automation a breeze. It also includes a .NET assembly that can be embedded in to other applications, or interface with external engines such as Windows Powershell. Our favorite however is the Workspaces, which allow you to save your connections to multiple sites and reconnect immediately when the program is launched.
For those on Windows that are looking to step away from another solution, WinSCP is comparable or better than most in many ways. It lacks the cross platform compatibility that makes Filezilla stand out from the rest, but holds it own in terms of features and functionality.
Relatively new to the scene, CyberDuck is a self proclaimed server and cloud storage browser. It is free of charge and open source, with support for a variety of protocols (including SFTP) and most cloud solutions.
It’s cross platform as well, available for download on both Windows and Mac. As an extra incentive to help users make the switch, they offer automated import tools to bring your existing bookmarks from 18 other clients including Filezilla and WinSCP.
For those coming from another program, the user interface can be a bit quirky at first. Deviating from the norm of 2 panes side by side, this stems from heavy emphasis on the cloud first approach. That aside, it has an attractive design and is easy to navigate, with large buttons at the top for common actions and additional options within the menus.
While CyberDuck lacks the feel of a traditional SFTP client, we can certainly appreciate what they bring to the table. There are surprisingly few cross platform options available, and even less that are both free and open source.
In contrast to the client side software that maintains support for many different protocols, SFTP servers are often more specialized. Considering it relies on a secure shell for authentication and encryption, we often find SFTP and SCP are coupled together in full scale SSH server suites.
In fact on Linux and Mac, you can simply install or enable the OpenSSH package. Since SFTP and SCP are considered extensions, both are integrated utilities that have full support built-in.
This isn’t necessarily always the case though. There are plenty of compact, lightweight solutions on the market that are SFTP exclusive. These are almost strictly found on Windows where SSH isn’t a native option, but they introduce the necessary functionality with a small footprint.
If you would like to compare and contrast various SFTP servers that will best suit your needs, you can check out our article on the 10 Best SFTP Servers for SSH Transfers. Otherwise, our favorite pick is the award winning SolarWinds SFTP Server without question.
SolarWinds SFTP Server
Part of their all inclusive server software suite, the SolarWinds SFTP server is a feature rich hosting solution for Windows. It is one of several tools offered completely free of charge, which provides added value considering they can seamlessly integrate.
As discussed above, it also maintains support for SCP transfers and even has TFTP as well. While relatively meaningless for our needs, additional protocols can create a broad range of accessibility for different device types to reach the network securely.
While most SFTP client and server packages offer a GUI interface for convenience, these buttons and menus are just executing commands behind the scenes. In reality, when you drag a file from the remote host to your machine, it sends a “get file” message that tells the server what we want.
For most users, it won’t ever be necessary to understand the logistics. However, for more advanced practices like scripting and automation, it is essential to have knowledge of the syntax which is used from a command line interface.
If you have ever used the operating system’s command line before, some of these are likely familiar or at least obvious enough in name. With a few exceptions, the naming conventions are mostly universal. We have outlined a table below with a breakdown of the command, description and syntax for usage, although these are also available by using the help or ? commands as well.
|Escape to the local shell prompt (type exit to return to SFTP)|
|Show a list of SFTP commands|
|Change the current working directory on the remote host||cd <path>|
|Change the file permissions on the remote host||chmod <mode> <path>|
|Change the owner of files on the remote host||chown <owner> <path>|
|Abort the SFTP connection to the remote host|
|Copy a file from the remote host to the local client||get <remotepath> <localpath>|
|Show a list of SFTP commands|
|Change the current directory on the local client||lcd <path>|
|List the contents of the current directory on the local client|
|Create a directory on the local client||lmkdir <path>|
|Create a symbolic link for a file on the remote host||ln <oldpath> <newpath>|
|Print the current working directory on the local client|
|List the contents of the current directory on the remote host|
|Change the local umask||lumask <mask>|
|Create a directory on the remote host||mkdir <path>|
|Copy a file from the local client to the remote host||put <localpath> <remotepath>|
|Print the current working directory on the remote host|
|Rename a file on the remote host||rename <oldpath> <newpath>|
|Remove a file on the remote host||rm <path>|
|Remove a directory on the remote host||rmdir <path>|
|Display the current version of SFTP|
Contrary to what the acronym may suggest, SFTP is not just Secure FTP but rather a complete overhaul of the entire transfer protocol. When compared to other secure protocols such as FTPS and SCP, it stands out as the best choice in most situations, thanks to the advanced security measures and extended functionality. The lack of speed is often the only point of real concern, where it must ack each packet during transfers.
In most cases, it’s a small price to pay for what is otherwise a completely modernized solution to secure file transport. There is no one size fits all, but SFTP is easily the closest thing to it.
Having looked at what SFTP is, the best client and server side applications for it, and the commands it needs to operate, this should provide considerable insight in to the important aspects of this protocol. If you still have questions or want to provide feedback, we welcome you to leave a comment below!