SFTP vs FTPS, and is an FTP server even required for SFTP?

sftp winscp ftps

I have an Ubuntu 16.04 instance that seems to not have FTP installed, but I can use WinSCP to connect from my local pc to the instance using protocol SFTP on port 22, and then I can download files from the instance to my local pc.

The instance doesn't seem to have any kind of FTP server installed, and all incoming ports are blocked other than 22 and 443. Does this mean that an FTP server is not required for SFTP? Is this the same for FTPS?

I can download files, but I can't upload. I get the error message "Cannot create remote file '...'. Permission denied. Error code: 3 Error message from server: Permission denied" - without any FTP server (or FTP server config files) installed, what is allowing me to download but preventing me from uploading?

I understand FTPS uses an SSL certificate, so I assume FTPS is the preferred choice over SFTP, is this right?


Solution 1:

The instance doesn't seem to have any kind of FTP server installed, and all incoming ports are blocked other than 22 and 443. Does this mean that an FTP server is not required for SFTP?

SFTP; the SSH File Transfer Protocol uses the SSH port and is a subsystem of your SSH server.

No separate FTP server needed. (Well not quite, there is indeed an sftp-server program that speaks the server side of SFTP protocol to but it is not intended to be called directly. It is called by your SSH server using the Subsystem option.)

the error message "Cannot create remote file '...'. Permission denied.
Error code: 3 Error message from server: Permission denied"

Permission denied errors are typically exactly that, file-system permissions preventing your user from writing in places you are not allowed to...

I understand FTPS uses an SSL certificate, so I assume FTPS is the preferred choice over SFTP, is this right?

Arguably the SFTP protocol is as cryptographically secure as FTPS so no preference there.

FTP over SSL still suffers from the classical FTP problem of needing two ports/connections and the SSL version of FTP is even more likely to break than regular FTP when you need to do NAT or set up firewall rules.

The advantage of FTPS is that TLS certificates have a much wider supported trust infrastructure to validate the identity of a remote server using its TLS certificate than SSH keys.

Related

SCP Changing text file contents
Apache 2.4 authenticate anonymous users but allow others by IP
Can not unmount an S3 directory mounted with s3fs-fuse
xfs_growfs: is not a mounted xfs filesystem when trying to grow ol-root
Is it possible to have a Single Anti-virus program for many VMs?
A nice tool to look up make/model via MAC address?
Command line: Map network drive
Find the bottleneck: disk I/O on Windows XP
Install 2.5" SSD drives into PowerEdge 2950
bad interpreter: Text file busy
How to change user credentials of windows service from command line?
Can Oracle and SQL Server exist on the same server?