Cloud SFTP

In computing, the SSH File Transfer Protocol, also known as Secure File Transfer Protocol (SFTP), is a network protocol that provides file access, file transfer, and file management over any reliable data stream. It was designed by the Internet Engineering Task Force (IETF) as an extension of the Secure Shell protocol (SSH) version 2.0 to provide secure file transfer capabilities, and is seen as a replacement of File Transfer Protocol (FTP) due to superior security. The IETF Internet Draft states that, even though this protocol is described in the context of the SSH-2 protocol, it could be used in a number of different applications, such as secure file transfer over Transport Layer Security (TLS) and transfer of management information in VPN applications. This protocol assumes that it is run over a secure channel, such as SSH, that the server has already authenticated the client, and that the identity of the client user is available to the protocol.


Capabilities

Compared to the SCP protocol, which only allows file transfers, the SFTP protocol allows for a range of operations on remote files which make it more like a remote file system protocol. An SFTP client's extra capabilities include resuming interrupted transfers, directory listings, and remote file removal. There is also support for all UNIX file types, including symbolic links. SFTP attempts to be more platform-independent than SCP; with SCP, for instance, the expansion of wildcards specified by the client is up to the server, whereas SFTP's design avoids this problem. While SCP is most frequently implemented on Unix platforms, SFTP servers are commonly available on most platforms. In SFTP, the file transfer can be easily terminated without terminating a session like other mechanisms do.

SFTP is not FTP run over SSH, but rather a new protocol designed from the ground up by the IETF SECSH working group. It is sometimes confused with Simple File Transfer Protocol.

The protocol itself does not provide authentication and security; it expects the underlying protocol to secure this. SFTP is most often used as a subsystem of SSH protocol version 2 implementations, having been designed by the same working group. It is possible, however, to run it over SSH-1 (and some implementations support this), or other data streams. However, running an SFTP server over SSH-1 is not platform-independent, as SSH-1 does not support the concept of subsystems. An SFTP client connecting to an SSH-1 server must be aware of the path to the SFTP server binary on the server side.

Uploaded files may be associated with their basic attributes, such as time stamps. This is an advantage over the common FTP protocol.


History and development

The Internet Engineering Task Force (IETF) working group "Secsh" that was responsible for the development of the Secure Shell version 2 protocol (RFC 4251) also attempted to draft an extension of that standard for secure file transfer functionality. Internet Drafts were created that successively revised the protocol into new versions. The software industry began to implement various versions of the protocol before the drafts were standardized. As development work progressed, the scope of the Secsh File Transfer project expanded to include file access and file management. Eventually, development stalled as some committee members began to view SFTP as a file system protocol, not just a file access or file transfer protocol, which places it beyond the purview of the working group. After a seven-year hiatus, in 2013 an attempt was made to restart work on SFTP using the version 3 draft as the baseline.


Versions 0–2

Prior to the IETF's involvement, SFTP was a proprietary protocol of SSH Communications Security, designed by Tatu Ylönen with assistance from Sami Lehtinen in 1997. Differences between versions 0–2 and version 3 are enumerated in section 10 of draft-ietf-secsh-filexfer-02.


Version 3

At the outset of the IETF Secure Shell File Transfer project, the Secsh group stated that the objective of the SSH File Transfer Protocol was to provide secure file transfer functionality over any reliable data stream, and to be the standard file transfer protocol for use with the SSH-2 protocol. Drafts 00–02 of the IETF Internet Draft define successive revisions of version 3 of the SFTP protocol.

* SSH File Transfer Protocol, Draft 00, January 2001
* SSH File Transfer Protocol, Draft 01, March 2001
* SSH File Transfer Protocol, Draft 02, October 2001


Version 4

Drafts 03–04 of the IETF Internet Draft define version 4 of the protocol.

* SSH File Transfer Protocol, Draft 03, October 2002
* SSH File Transfer Protocol, Draft 04, December 2002


Version 5

Draft 05 of the IETF Internet Draft defines version 5 of the protocol.

* SSH File Transfer Protocol, Draft 05, January 2004


Version 6

Drafts 06–13 of the IETF Internet Draft define successive revisions of version 6 of the protocol.

* SSH File Transfer Protocol, Draft 06, October 2004
* SSH File Transfer Protocol, Draft 07, March 2005
* SSH File Transfer Protocol, Draft 08, April 2005
* SSH File Transfer Protocol, Draft 09, June 2005 – Added byte-range locks. ACL changes. Rearranged SSH_FXP_REALPATH request parameters.
* SSH File Transfer Protocol, Draft 10, June 2005 – Extensions "vendor-id", "md5-hash", "space-available", "home-directory" removed. ACL changes.
* SSH File Transfer Protocol, Draft 11, January 2006 – ACL transfer fully specified. Editorial changes.
* SSH File Transfer Protocol, Draft 12, January 2006 – Added "IANA considerations". A size parameter is now allowed for file creation as an advisory signal.
* SSH File Transfer Protocol, Draft 13, July 2006 – Editorial changes.


Extensions

The SFTP protocol supports a generic way of indicating extended commands, along with a method of including them in version negotiation. An IANA registry is requested, but since the protocol never became an official standard, no such registry has been created.

* Draft 13 specifies , , , , , , , .
* OpenSSH, the most widespread implementation, defines constants to convert and values across the protocol, using the version identifier. It only implements version 3 from draft 1.
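
The version handshake that carries these extensions, as an added example (not code from the drafts or from OpenSSH): it encodes and strictly parses `SSH_FXP_INIT` / `SSH_FXP_VERSION` packets using the version 3 draft layout, rejecting mis-sized or truncated input. Function names and the sample packet are constructed for illustration; `posix-rename@openssh.com` is one of OpenSSH's vendor extensions.

```python
import struct

SSH_FXP_INIT = 1     # client -> server: highest version the client supports
SSH_FXP_VERSION = 2  # server -> client: version to use, plus extension pairs

class SFTPParseError(ValueError):
    """Raised when a packet is malformed or truncated."""

def _take(buf, off, n):
    """Return n bytes at off, refusing to read past the end of the packet."""
    if off + n > len(buf):
        raise SFTPParseError(f"truncated field at offset {off}")
    return buf[off:off + n], off + n

def _string(buf, off):
    """Read an SSH 'string': uint32 length followed by that many bytes."""
    raw, off = _take(buf, off, 4)
    return _take(buf, off, struct.unpack(">I", raw)[0])

def build_version(version, extensions):
    """Encode SSH_FXP_VERSION with (name, data) extension pairs."""
    body = struct.pack(">BI", SSH_FXP_VERSION, version)
    for name, data in extensions:
        for field in (name, data):
            body += struct.pack(">I", len(field)) + field
    return struct.pack(">I", len(body)) + body

def parse_hello(packet, max_len=256 * 1024):
    """Parse SSH_FXP_INIT/SSH_FXP_VERSION into (type, version, extensions)."""
    raw, off = _take(packet, 0, 4)
    (length,) = struct.unpack(">I", raw)
    if length > max_len or length != len(packet) - 4:
        raise SFTPParseError("length field does not match packet size")
    raw, off = _take(packet, off, 5)
    ptype, version = struct.unpack(">BI", raw)
    if ptype not in (SSH_FXP_INIT, SSH_FXP_VERSION):
        raise SFTPParseError(f"unexpected packet type {ptype}")
    extensions = {}
    while off < len(packet):  # remaining bytes are name/data string pairs
        name, off = _string(packet, off)
        data, off = _string(packet, off)
        extensions[name.decode("ascii", "replace")] = data
    return ptype, version, extensions

def negotiate(client_version, server_version):
    """The server answers with the lower of the two version numbers."""
    return min(client_version, server_version)

# Constructed sample: server reply for a version 3 session with one extension.
SAMPLE = build_version(negotiate(6, 3), [(b"posix-rename@openssh.com", b"1")])

if __name__ == "__main__":
    print(parse_hello(SAMPLE))
```

A client should only issue an extended request whose name appeared in the parsed extension map, since a server that did not advertise it is not obliged to understand it.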


Software


SFTP client

The term SFTP can also refer to Secure file transfer program, a command-line program that implements the client part of this protocol. As an example, the sftp program supplied with OpenSSH implements this. Some implementations of the scp program support both the SFTP and SCP protocols to perform file transfers, depending on what the server supports. The scp program supplied with OpenSSH 9.0 and higher defaults to using SFTP.


SFTP server

Some FTP server implementations implement the SFTP protocol; however, outside of dedicated file servers, SFTP protocol support is usually provided by an SSH server implementation, as it shares the default port of 22 with other SSH services. SFTP implementations may include an SSH protocol implementation to leverage integration of SSH connection details with preexisting FTP server access controls, where an alternative SSH server is tolerable or where alternative ports may be used. An SSH-2 server which supports subsystems may be leveraged to keep a uniform SSH implementation while enhancing access controls with third party software, at the cost of fine-grained integration with connection details, and SSH-1 compatibility.


SFTP proxy

It is difficult to control SFTP transfers on security devices at the network perimeter. There are standard tools for logging FTP transactions, like TIS gdev or SUSE FTP proxy, but SFTP is encrypted, rendering traditional proxies ineffective for controlling SFTP traffic. There are some tools that implement man-in-the-middle for SSH which also feature SFTP control. Examples of such a tool are Shell Control Box from Balabit and CryptoAuditor from SSH Communications Security (the original developer of the Secure Shell protocol) which provides functions such as SFTP transaction logging and logging of the actual data transmitted on the wire.


See also

* Comparison of SSH clients
* Comparison of SSH servers
* Cloud SFTP
* Comparison of file transfer protocols
* FISH
* FTPS
* Lsh, a GNU SSH-2 and SFTP server for Unix-like operating systems
* SSHFS and Rclone, for mounting a remote filesystem using SFTP and SSH
* FTP clients
* SSH File Transfer Protocol clients

