SSH File Transfer Protocol (SFTP) is a protocol used to transfer files over SSH. It is very useful for securing the data and commands transferred between the client and the server. In the traditional FTP method, the data transferred between the client and the server is not encrypted.
This leaves the data susceptible to external changes. Data transferred through FTP can be tampered with, forged and eavesdropped on before it reaches the intended destination. SFTP avoids this problem because it encrypts the data and commands as they flow between the client and the server, thus preventing unauthorized access to them.
So what components are required for a smooth transfer of files over SFTP? You need a server that is configured for SFTP and a client that supports it.
SFTP Working Mechanism
The working mechanism of SFTP can be broken down into two aspects: server validation and client authentication. Both procedures use public and private keys to authenticate the communication between the server and the client. As a first step, the server from which the communication is initiated is validated by comparing the public keys with the ones stored on the client side. A file named ‘known_hosts’ contains the public keys for the server, and the client’s public keys are present on the local machine and are stored in an encrypted file.
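The server-validation step described above, as an added example that is not part of the original article: a check of a presented host key against known_hosts text, covering both plain and hashed host entries. It assumes the OpenSSH known_hosts text format, the default port and no wildcard patterns; the host names, salt and key blobs are constructed sample data, not real host keys.

```python
import base64, hashlib, hmac, struct

def hash_host(host, salt):
    """Hashed host field as written by `ssh-keygen -H`: |1|salt|HMAC-SHA1(salt, host)."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(field, host):
    """Match a known_hosts host field, plain (comma-separated) or hashed."""
    if field.startswith("|1|"):
        _, _, salt_b64, _ = field.split("|")
        return hmac.compare_digest(field, hash_host(host, base64.b64decode(salt_b64)))
    return host in field.split(",")  # simplification: wildcard patterns not handled

def fingerprint(key_b64):
    """SHA256 fingerprint in the form OpenSSH prints (unpadded base64)."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host_key(known_hosts, host, key_type, key_b64):
    """Return 'match', 'mismatch' (host known, key differs) or 'unknown'."""
    known = False
    for line in known_hosts.splitlines():
        fields = line.split()
        # Simplification: blanks, comments and @cert-authority/@revoked lines are skipped.
        if len(fields) < 3 or fields[0].startswith(("#", "@")):
            continue
        if host_matches(fields[0], host) and fields[1] == key_type:
            if fields[2] == key_b64:
                return "match"
            known = True
    return "mismatch" if known else "unknown"

# Constructed sample data: an ed25519-shaped blob with filler bytes, not a real key.
def sample_key(fill):
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes([fill]) * 32
    return base64.b64encode(blob).decode()

GOOD, ROGUE = sample_key(0x11), sample_key(0x22)
KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts",
    "sftp.example.com,192.0.2.10 ssh-ed25519 " + GOOD,
    hash_host("files.example.net", b"constructed-salt-20b") + " ssh-ed25519 " + GOOD,
])

if __name__ == "__main__":
    for host, key in [("sftp.example.com", GOOD), ("files.example.net", ROGUE), ("new.example.org", GOOD)]:
        print(host, check_host_key(KNOWN_HOSTS, host, "ssh-ed25519", key), fingerprint(key))
```

A "mismatch" result is the case a client should refuse to continue on, since the server is presenting a different key from the one recorded for that host; "unknown" is a first contact, where the printed fingerprint should be confirmed out of band before the key is stored.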
There are three different ways to authenticate the client: username and password, keyboard-interactive authentication, and private key and passphrase. When authenticating with a username and password, the user account is set up on the SFTP server. When authenticating with a private key and passphrase, the client’s public key is added to the relevant file on the server.
After server validation, the client has to enter the passphrase to have their private key loaded, thereby completing the entire authentication process. The keyboard-interactive process involves asking the client a series of questions. Only when the client answers all of these questions is it authenticated. The entire authentication process is very flexible, and the methods can also be mixed. For instance, the username and password of the client can be asked for through keyboard-interactive authentication, and so on.
As of now, there are 2 versions of the SFTP protocol: SSH-1 and SSH-2. The latter is the latest and more secure one. To secure your process, it is recommended to use SSH-2, as SSH-1 is known for its security vulnerabilities. Most SFTP clients can also enable file compression. With this option, the data can be compressed to a desired level when sending and decompressed on receipt at the client’s side. This mechanism is useful for sending data quickly and over low-bandwidth connections.
In general, SFTP can be used if you want to transfer sensitive and confidential data between a server and its client. It has better operating features compared to FTPS, which is comparatively less secure.