HOME

TheInfoList



Click Here for Items Related To - SSH File Transfer Protocol
OR:
SSH File Transfer Protocol on:   [Wikipedia]   [Google]   [Amazon]

In
computing Computing is any goal-oriented activity requiring, benefiting from, or creating computing machinery. It includes the study and experimentation of algorithmic processes, and development of both hardware and software. Computing has scientific, ...
, the SSH File Transfer Protocol (also known as Secure File Transfer Protocol or SFTP) is a
network protocol A communication protocol is a system of rules that allows two or more entities of a communications system to transmit information via any kind of variation of a physical quantity. The protocol defines the rules, syntax, semantics and synchroniza ...
that provides
file access In computing, file system or filesystem (often abbreviated to fs) is a method and data structure that the operating system uses to control how data is stored and retrieved. Without a file system, data placed in a storage medium would be one larg ...
,
file transfer File transfer is the transmission of a computer file through a communication channel from one computer system to another. Typically, file transfer is mediated by a communications protocol. In the history of computing, numerous file transfer protocol ...
, and
file management A file manager or file browser is a computer program that provides a user interface to manage files and folders. The most common operations performed on files or groups of files include creating, opening (e.g. viewing, playing, editing or p ...
over any reliable
data stream In connection-oriented communication, a data stream is the transmission of a sequence of digitally encoded coherent signals to convey information. Typically, the transmitted symbols are grouped into a series of packets. Data streaming has b ...
. It was designed by the
Internet Engineering Task Force The Internet Engineering Task Force (IETF) is a standards organization for the Internet and is responsible for the technical standards that make up the Internet protocol suite (TCP/IP). It has no formal membership roster or requirements and a ...
(IETF) as an extension of the
Secure Shell The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based on ...
protocol (SSH) version 2.0 to provide secure file transfer capabilities. The IETF Internet Draft states that, even though this protocol is described in the context of the SSH-2 protocol, it could be used in a number of different applications, such as secure file transfer over
Transport Layer Security Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securi ...
(TLS) and transfer of management information in
VPN A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. The be ...
applications. This protocol assumes that it is run over a
secure channel In cryptography, a secure channel is a means of data transmission that is resistant to overhearing and tampering. A confidential channel is a means of data transmission that is resistant to overhearing, or eavesdropping (e.g., reading the conten ...
, such as SSH, that the server has already authenticated the client, and that the identity of the client user is available to the protocol.


Capabilities

Compared to the
SCP SCP may refer to: Organizations Political parties * Soviet Communist Party, the leading political party in the former Soviet Union * Syrian Communist Party * Sudanese Communist Party * Scottish Christian Party Companies * Seattle Computer Produ ...
protocol, which only allows file transfers, the SFTP protocol allows for a range of operations on remote files which make it more like a remote file system protocol. An SFTP
client Client(s) or The Client may refer to: * Client (business) * Client (computing), hardware or software that accesses a remote service on another computer * Customer or client, a recipient of goods or services in return for monetary or other valuabl ...
's extra capabilities include resuming interrupted transfers, directory listings, and remote file removal. SFTP attempts to be more platform-independent than SCP; with SCP, for instance, the expansion of
wildcard Wild card most commonly refers to: * Wild card (cards), a playing card that substitutes for any other card in card games * Wild card (sports), a tournament or playoff place awarded to an individual or team that has not qualified through normal pla ...
s specified by the client is up to the server, whereas SFTP's design avoids this problem. While SCP is most frequently implemented on
Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, an ...
platforms, SFTP servers are commonly available on most platforms. The file transfer is fast in SCP when compared to the SFTP protocol due to the back and forth nature of the SFTP protocol. In SFTP, the file transfer can be easily terminated without terminating a session like other mechanisms do. SFTP is not
FTP The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data ...
run over
SSH The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based on ...
, but rather a new protocol designed from the ground up by the
IETF The Internet Engineering Task Force (IETF) is a standards organization for the Internet and is responsible for the technical standards that make up the Internet protocol suite (TCP/IP). It has no formal membership roster or requirements and a ...
SECSH
working group A working group, or working party, is a group of experts working together to achieve specified goals. The groups are domain-specific and focus on discussion or activity around a specific subject area. The term can sometimes refer to an interdis ...
. It is sometimes confused with
Simple File Transfer Protocol The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data ...
. The protocol itself does not provide authentication and security; it expects the underlying protocol to secure this. SFTP is most often used as subsystem of
SSH The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based on ...
protocol version 2 implementations, having been designed by the same working group. It is possible, however, to run it over SSH-1 (and some implementations support this) or other data streams. Running an SFTP server over SSH-1 is not platform-independent as SSH-1 does not support the concept of subsystems. An SFTP client willing to connect to an SSH-1 server needs to know the path to the SFTP server binary on the server side. Uploaded files may be associated with their basic attributes, such as time stamps. This is an advantage over the common
FTP The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data ...
protocol.


History and development

The Internet Engineering Task Force (IETF) working group "Secsh" that was responsible for the development of the
Secure Shell The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based on ...
version 2 protocol (RFC 4251) also attempted to draft an extension of that standard for secure file transfer functionality.
Internet Draft An Internet Draft (I-D) is a document published by the Internet Engineering Task Force (IETF) containing preliminary technical specifications, results of networking-related research, or other technical information. Often, Internet Drafts are int ...
s were created that successively revised the protocol into new versions. The software industry began to implement various versions of the protocol before the drafts were standardized. As development work progressed, the scope of the Secsh File Transfer project expanded to include
file access In computing, file system or filesystem (often abbreviated to fs) is a method and data structure that the operating system uses to control how data is stored and retrieved. Without a file system, data placed in a storage medium would be one larg ...
and
file management A file manager or file browser is a computer program that provides a user interface to manage files and folders. The most common operations performed on files or groups of files include creating, opening (e.g. viewing, playing, editing or p ...
. Eventually, development stalled as some committee members began to view SFTP as a file system protocol, not just a
file access In computing, file system or filesystem (often abbreviated to fs) is a method and data structure that the operating system uses to control how data is stored and retrieved. Without a file system, data placed in a storage medium would be one larg ...
or
file transfer File transfer is the transmission of a computer file through a communication channel from one computer system to another. Typically, file transfer is mediated by a communications protocol. In the history of computing, numerous file transfer protocol ...
protocol, which places it beyond the purview of the working group. After a seven-year hiatus, in 2013 an attempt was made to restart work on SFTP using the version 3 draft as the baseline.


Versions 0–2

Prior to the IETF's involvement, SFTP was a proprietary protocol of
SSH Communications Security The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based on a ...
, designed by Tatu Ylönen with assistance from Sami Lehtinen in 1997. Differences between versions 0–2 and version 3 are enumerated upon i
section 10 of draft-ietf-secsh-filexfer-02


Version 3

At the outset of the IETF Secure Shell File Transfer project, the Secsh group stated that its objective of SSH File Transfer Protocol was to provide a secure file transfer functionality over any reliable data stream, and to be the standard file transfer protocol for use with the SSH-2 protocol. Drafts 00–02 of the IETF Internet Draft define successive revisions of version 3 of the SFTP protocol.
SSH File Transfer Protocol, Draft 00, January 2001

SSH File Transfer Protocol, Draft 01, March 2001

SSH File Transfer Protocol, Draft 02, October 2001


Version 4

Drafts 03–04 of the IETF Internet Draft define version 4 of the protocol.
SSH File Transfer Protocol, Draft 03, October 2002

SSH File Transfer Protocol, Draft 04, December 2002


Version 5

Draft 05 of the IETF Internet Draft defines version 5 of the protocol.
SSH File Transfer Protocol, Draft 05, January 2004


Version 6

Drafts 06–13 of the IETF Internet Draft define successive revisions of version 6 of the protocol.
SSH File Transfer Protocol, Draft 06, October 2004

SSH File Transfer Protocol, Draft 07, March 2005

SSH File Transfer Protocol, Draft 08, April 2005

SSH File Transfer Protocol, Draft 09, June 2005

SSH File Transfer Protocol, Draft 10, June 2005

SSH File Transfer Protocol, Draft 11, January 2006

SSH File Transfer Protocol, Draft 12, January 2006

SSH File Transfer Protocol, Draft 13, July 2006


Software


SFTP client

The term SFTP can also refer to
Secure file transfer program is a command-line interface client program to transfer files using the SSH File Transfer Protocol (SFTP), which runs inside the encrypted Secure Shell connection. It provides an interactive interface similar to that of traditional command-line ...
, a
command-line A command-line interpreter or command-line processor uses a command-line interface (CLI) to receive commands from a user in the form of lines of text. This provides a means of setting parameters for the environment, invoking executables and pro ...
program that implements the
client Client(s) or The Client may refer to: * Client (business) * Client (computing), hardware or software that accesses a remote service on another computer * Customer or client, a recipient of goods or services in return for monetary or other valuabl ...
part of this protocol. As an example, the sftp program supplied with
OpenSSH OpenSSH (also known as OpenBSD Secure Shell) is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture. Network Working Gro ...
implements this. Some implementations of the
scp SCP may refer to: Organizations Political parties * Soviet Communist Party, the leading political party in the former Soviet Union * Syrian Communist Party * Sudanese Communist Party * Scottish Christian Party Companies * Seattle Computer Produ ...
 ''program'' support both the SFTP and SCP protocols to perform file transfers, depending on what the server supports.


SFTP server

Some FTP server implementations implement the SFTP protocol; however, outside of dedicated file servers, SFTP protocol support is usually provided by an SSH server implementation, as it shares the default port of 22 with other SSH services. SFTP implementations may include an SSH protocol implementation to leverage integration of SSH connection details with preexisting FTP server access controls, where an alternative SSH server is tolerable or where alternative ports may be used. An SSH-2 server which supports subsystems may be leveraged to keep a uniform SSH implementation while enhancing access controls with third party software, at the cost of fine-grained integration with connection details, and SSH-1 compatibility.


SFTP proxy

It is difficult to control SFTP transfers on security devices at the network perimeter. There are standard tools for logging
FTP The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data ...
transactions, like TIS gdev or SUSE FTP proxy, but SFTP is encrypted, rendering traditional proxies ineffective for controlling SFTP traffic. There are some tools that implement man-in-the-middle for SSH which also feature SFTP control. Examples of such a tool are Shell Control Box from
Balabit Balabit was a Hungarian security firm specializing in the development of IT security systems and related services that help businesses reduce the risk of data breaches associated with privileged accounts. Balabit claims to have more than 1,000, ...
and CryptoAuditor from
SSH Communications Security The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based on a ...
(the original developer of the Secure Shell protocol) which provides functions such as SFTP transaction logging and logging of the actual data transmitted on the wire.


See also

*
Comparison of SSH clients An SSH client is a software program which uses the secure shell protocol to connect to a remote computer. This article compares a selection of notable clients. General Platform The operating systems or virtual machines the SSH clients a ...
* Comparison of SSH servers *
Comparison of file transfer protocols This article lists communication protocols that are designed for file transfer over a telecommunications network. Protocols for shared file systems—such as 9P and the Network File System—are beyond the scope of this article, as are file s ...
*
FISH Fish are aquatic, craniate, gill-bearing animals that lack limbs with digits. Included in this definition are the living hagfish, lampreys, and cartilaginous and bony fish as well as various extinct related groups. Approximately 95% of ...
*
FTPS FTPS (also known as FTP-SSL and FTP Secure) is an extension to the commonly used File Transfer Protocol (FTP) that adds support for the Transport Layer Security (TLS) and, formerly, the Secure Sockets Layer (SSL, which is now prohibited by RFC75 ...
* Lsh—a
GNU GNU () is an extensive collection of free software (383 packages as of January 2022), which can be used as an operating system or can be used in parts with other operating systems. The use of the completed GNU tools led to the family of operat ...
SSH-2 and SFTP server for
Unix-like A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...
OSes *
SSHFS In computing, SSHFS (SSH Filesystem) is a filesystem client to mount and interact with directories and files located on a remote server or workstation over a normal ssh connection. The client interacts with the remote file system via the SSH ...
—Mounting remote filesystem using SFTP and SSH * :FTP clients * :SSH File Transfer Protocol clients


References

{{DEFAULTSORT:Ssh File Transfer Protocol Cryptographic protocols Network file transfer protocols Secure Shell