SFTP vs FTPS, and is an FTP server even required for SFTP?
I have an Ubuntu 16.04 instance that seems to not have FTP installed, but I can use WinSCP to connect from my local pc to the instance using protocol SFTP on port 22, and then I can download files from the instance to my local pc.
The instance doesn't seem to have any kind of FTP server installed, and all incoming ports are blocked other than 22 and 443. Does this mean that an FTP server is not required for SFTP? Is this the same for FTPS?
I can download files, but I can't upload. I get the error message "Cannot create remote file '...'. Permission denied. Error code: 3 Error message from server: Permission denied" - without any FTP server (or FTP server config files) installed, what is allowing me to download but preventing me from uploading?
I understand FTPS uses an SSL certificate, so I assume FTPS is the preferred choice over SFTP, is this right?
Solution 1:
The instance doesn't seem to have any kind of FTP server installed, and all incoming ports are blocked other than 22 and 443. Does this mean that an FTP server is not required for SFTP?
SFTP; the SSH File Transfer Protocol uses the SSH port and is a subsystem of your SSH server.
No separate FTP server needed. (Well not quite, there is indeed an sftp-server
program that speaks the server side of SFTP protocol to but it is not
intended to be called directly. It is called by your SSH server using the Subsystem
option.)
the error message "Cannot create remote file '...'. Permission denied.
Error code: 3 Error message from server: Permission denied"
Permission denied
errors are typically exactly that, file-system permissions preventing your user from writing in places you are not allowed to...
I understand FTPS uses an SSL certificate, so I assume FTPS is the preferred choice over SFTP, is this right?
Arguably the SFTP protocol is as cryptographically secure as FTPS so no preference there.
FTP over SSL still suffers from the classical FTP problem of needing two ports/connections and the SSL version of FTP is even more likely to break than regular FTP when you need to do NAT or set up firewall rules.
The advantage of FTPS is that TLS certificates have a much wider supported trust infrastructure to validate the identity of a remote server using its TLS certificate than SSH keys.