SSH file transfer protocol

The term SFTP can refer to several network protocols other than this one.

In the context of the secure shell (SSH) network protocol, SFTP can refer to one of two related things:

• SSH or secure file transfer protocol, a protocol run over SSH to transfer and manage files.

• Secure file transfer program, a command-line program that implements the client part of this protocol, such as that supplied with OpenSSH.

Compared to the earlier scp protocol, the SFTP protocol allows for many more operations on remote files — it is more like a remote file system protocol. It attempts to be more platform-independent; for instance, with scp, the expansion of wildcards specified by the client was up to the server, whereas SFTP's design avoids this problem.

The sftp program accordingly provides an interactive interface similar to that of traditional ftp clients. The SFTP protocol is however not simply FTP run over SSH (see secure FTP); it is a new protocol designed from the ground up by the IETF SECSH working group.

Some implementations of the scp program actually use the SFTP protocol to perform file transfers.

sftp is most often associated with SSH protocol version 2 implementations, having been designed by the same working group. However, it is possible to run it over SSH-1, and some implementations support this.

Standardization

The protocol is not standardized as RFC yet. The latest specification is Internet Draft draft-ietf-secsh-filexfer-08.txt, which defines version 6 of the protocol. Currently the mostly used version in 3, implemented by the popular OpenSSH SFTP server. Many Microsoft Windows-based SFTP implementations use version 4 of the protocol that removed some bindings to Unix platform.

References

• Internet draft draft-ietf-secsh-filexfer-08.txt
• Comparison with SCP

Implementations

Servers

• OpenSSH [1]

Clients

• PSFTP [2]
• OpenSSH [3]
• WinSCP [4]