About Secure FTP
FTP is a file transfer protocol based on the specification defined in RFC 959 from the Internet Engineering Task Force (IETF), which was most recently published in 1985. Since FTP was originally designed for use in private scientific and research networks, RFC 959 does not include specifications for encryption of authentication information (e.g., usernames and passwords) or encryption of data files in transit.
Secure FTP is a broad term that refers to two primary technologies that do encrypt authentication information and data files in transit.
- FTPS generally refers to secure FTP using SSL or TLS for encryption. FTPS refers to extensions of the FTP protocol that add support for the Transport Layer Security (TLS) and Secure Socket Layer (SSL) protocols. TLS support is specified in RFC 4217 and SSL is specified in RFC 2228.
- SFTP generally refers to the use of the Secure Shell or SSH network protocol that allows data to be exchanged using a secure channel. The original SSH-1 protocol has been replaced in most applications by the more secure SSH-2 protocol. In this type of secure FTP, the FTP protocol tunnels through an SSH connection. Unlike FTP and FTPS, the SFTP protocol is only a draft specification, which can cause small incompatibilities between SFTP client and server implementations.
|
