What is the difference between FTPS and SFTP? [duplicate]
Trying to set up a system for my 4 remote employees to transfer files. It has to be secure. Is SFTP better than FTPS? What is the difference?
Solution 1:
Two completely different protocols.
FTPS is FTP with SSL for security. It uses a control channel and opens new connections for the data transfer. As it uses SSL , it requires a certificate.
SFTP (SSH File Transfer Protocol / Secure File Transfer Protocol) was designed as an extension of SSH to provide file transfer capability, so it usually uses only the SSH port for both data and control.
In most SSH server installations you will have SFTP support, but FTPS would need an aditional configuration of a supported FTP server.
Solution 2:
sftp is a FTP like protocol that operates over SSH.
- If you are running a linux/bsd/OSX based server, then you almost always already have a perfectly functional sftp server already.
- On the Windows side you basically are looking at Filezilla, WinSCP, or Putty as a client.
ftps is the original ftp protocol with TLS enhancements.
- ftps works very badly through a NAT firewall
Solution 3:
FTPS = FTP over SSL. It come in two flavours:
- Explicit FTPS - Uses TCP port 21 as per FTP - some clients, like Filezilla, require you to specify the proctocol as FTPES (e.g. ftpes://ftp.xxxxx.com)
- Implicit FTP - The connection will be encrypted if both sides can handle it (port 990), but if not, it will fall back to unecrypted FTP (TCP port 21)
SFTP = FTP over SSH - Uses TCP port 22.
In reality, you'll find most clients will handle all protocols... providing you know what you are supposed to be using, which is usually where my clients fall down.
Further information.