SSH vs SFTP: Are SSH and SFTP the Same?
SSH and SFTP are a classic pair. They intertwine when it comes to securing communication, and while they have similar capabilities, they are not the same thing. SFTP (SSH File Transfer Protocol) is a secure FTP protocol that sends files over secure shell (SSH), providing a high level of protection for file transfers. So, what’s the difference between them? Read on to find out.
What is SSH?
Secure Shell (SSH) is a transport layer that is used to secure logins and information moving between two endpoints. SSH uses a combination of asymmetric (public and private key) and symmetric cryptography to provide strong encryption and optimal performance. It allows for secure communication between an organization and remote servers.
What is SFTP?
SFTP (SSH File Transfer Protocol) is a secure FTP protocol that sends files over secure shell (SSH), providing a high level of protection for file transfers. SFTP implements AES, Triple DES, and other algorithms to encrypt data that flows between systems. It also offers several ways to authenticate a connection—with a user ID and password, SSH key, or a combination of a password and SSH key—for organizations that require stronger authentication.
SFTP Port Number 22
The SFTP default port is port 22, which is the port also used by SSH (Secure Shell).
In addition to using SFTP for encrypted, secure file sharing, the SFTP port can also be used for:
- Controlling access: If you need to secure interactions with an application or service requiring an SFTP file server, you’ll need access to the SFTP port.
- Accessing a remote server: If you need to securely upload, download, or manage files with a remote server that supports SFTP, you’ll also need port 22, or the SFTP port.
- Configuring firewalls: You’ll need to enable SFTP connections for your firewalls or other network security. Port 22 is the default port; however, depending on your security or network policies, a different port for SFTP may be configured.
As SFTP requires only a single port to be open for sending controls, and sending or receiving data files, communications can be easier. This single-port ease is particularly noticeable when dealing with strict, client-side firewalls.
SFTP Authentication
Since SFTP is a protocol built on the SSH transport layer, SSH user authentication is used for SFTP communication exchanges.
How Does SFTP Authentication Work?
SFTP typically supports the following methods for user authentication:
- Password-based authentication, where a username and password are supplied.
- Key-based authentication, where a username and an SSH key are supplied. Key-based authentication has the benefit of being able to use the same key for multiple servers and eliminates password management.
- Two-factor authentication where a password and an SSH key are used. Two-factor authentication offers the highest level of security.
While SFTP doesn’t require two-factor authentication, you do have the choice to require both a password and SSH key for a more secure connection. Using SSH keys helps prevent imposters from connecting to the server.
Before using SSH keys for authentication, you must first generate both an SSH private key and a public key. The SSH public key is sent to your trading partner, and they must load it onto their server and associate it with your account. When you connect to their server, the server will verify the key for authentication. If everything matches, then the authentication will succeed.
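The public key handed to a trading partner can be checked before it is loaded onto the server by comparing its SHA-256 fingerprint over a separate channel. The following is an added example, not code from the original article or from GoAnywhere: it parses an OpenSSH-format public key line, confirms the declared key type matches the encoded one, and computes the fingerprint. The function names and the sample key are constructed for illustration.

```python
import base64
import hashlib
import struct


def read_string(buf, pos):
    """Read one SSH wire 'string': uint32 big-endian length, then that many bytes."""
    if pos + 4 > len(buf):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack(">I", buf[pos:pos + 4])
    end = pos + 4 + length
    if end > len(buf):
        raise ValueError("truncated key blob")
    return buf[pos + 4:end], end


def inspect_public_key(line):
    """Return (key_type, bits, fingerprint) for a '<type> <base64> [comment]' line."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    declared = parts[0]
    blob = base64.b64decode(parts[1], validate=True)
    inner, pos = read_string(blob, 0)
    # The type named in the text must match the type encoded inside the blob.
    if inner != declared.encode("ascii", "replace"):
        raise ValueError("declared key type does not match key blob")
    bits = None  # left as None for key types this example does not size
    if declared == "ssh-ed25519":
        point, pos = read_string(blob, pos)
        if len(point) != 32:
            raise ValueError("Ed25519 public key must be 32 bytes")
        bits = 256
    elif declared == "ssh-rsa":
        _exponent, pos = read_string(blob, pos)  # RSA blob order: e, then n
        modulus, pos = read_string(blob, pos)
        bits = int.from_bytes(modulus, "big").bit_length()
    # Same form ssh-keygen -l prints: "SHA256:" + unpadded base64 of the digest.
    digest = hashlib.sha256(blob).digest()
    return declared, bits, "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


# Constructed sample, not a real key: bytes 0..31 stand in for the Ed25519 point.
_blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(range(32))
SAMPLE_LINE = "ssh-ed25519 " + base64.b64encode(_blob).decode() + " partner@example.com"

if __name__ == "__main__":
    print(inspect_public_key(SAMPLE_LINE))
```

Both parties run the check on their own copy of the key line and compare the fingerprint strings; a mismatch means the key was altered or swapped in transit.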
How Are SSH and SFTP Similar?
SFTP cannot exist without SSH — SFTP uses SSH as the binding agent to transfer files securely. In other words, the SSH protocol is used in the file transfer mechanism SFTP. In fact, most SSH servers include SFTP capabilities. However, not all SFTP servers support SSH commands and actions.
How Do SSH and SFTP Differ?
Although they are both used to transfer information securely, unlike SFTP, SSH is able to exist on its own. Typical applications for SSH are remote command-line, login, and remote command execution. SFTP is the file transfer protocol that provides secure file access, file transfer, and file management over a reliable data stream.
Implement GoAnywhere’s SFTP Client Today
Ready to give our SFTP client a try? Download our free trial of GoAnywhere Managed File Transfer. Our secure file transfer solution takes minutes to install, is quick to figure out, and is fully functional so you can determine if it's the right fit for your organization.