SFTP (SSH File Transfer Protocol) is a secure file transfer protocol. It runs over the SSH protocol. It supports the full security and authentication functionality of SSH.
SFTP has pretty much replaced legacy FTP as a file transfer protocol, and is quickly replacing FTP/S. It provides all the functionality offered by these protocols, but more securely and more reliably, with easier configuration. There is basically no reason to use the legacy protocols any more.
SFTP also protects against password sniffing and man-in-the-middle attacks. It protects the integrity of the data using encryption and cryptographic hash functions, and autenticates both the server and the user.
SFTP Port Number
- How to Use the Mac Terminal as an FTP or SFTP Client File Transfer Protocol (FTP), and Secure File Transfer Protocol (SFTP) are two of the most widely used protocols for transferring files between a local device and a remote server.
- Cyberduck is a file transfer client for Apple Mac and Microsoft Windows. Cyberduck is a fairly popular file transfer client for Apple Mac and Microsoft Windows. It supports FTP, SFTP, WebDAV, Amazon S3, OpenStack Swift, Backblaze B2, Microsoft Azure & OneDrive, Google Drive and Dropbox.
When you connect to your InMotion Hosting server account, you can use the normal FTP connection or a secure connection (SFTP). Note that these instructions for connecting to a Shared Server.
SFTP port number is the SSH port 22 (follow the link to see how it got that number). It is basically just an SSH server. Only once the user has logged in to the server using SSH can the SFTP protocol be initiated. There is no separate SFTP port exposed on servers. No need to configure another hole into firewalls.
SFTP Client for Windows and Mac
Many SFTP client implementations are available. Many SSH clients support SFTP.
SFTP Server for Linux, Windows, and Mac
SFTP server usually comes as part of an SSH implementation. Most organizations use either Tectia SSH or OpenSSH as the server; both come with SFTP server implementations out-of-the-box.
- OpenSSH - open source server for Linux & Unix
- FileZilla - a free sftp server for Windows
SCP Command on Linux
The scp
command is a file transfer program for SFTP in Linux. The scp
command line interface was designed after the old rcp command in BSD Unix. The scp
also usually comes with the OpenSSH package.
Its typical use is:
Basically, this copies one or more files to the given host. If user
is given, then they are copied to that account on the host. If no user
is supplied, then the same user name as on the client side is assumed. If path
is given, then the files are copied to that directory (relative to the given user's home directory). If no path
is given, the files are copied to the user's home directory. If the -r
option is supplied, then files may be directories, and the given directory and all its subdirectories and files in them (recursively) are copied.
One can also copy in the reverse direction:
Commonly, the path
would be .
, i.e., the current directory.
SFTP Command on Linux
The sftp
command in Linux is a client program for SFTP. The sftp
command line interface was designed to be similar to the ftp command. The sftp
command is typically part of the OpenSSH package.
SSHFS & Using SFTP for File Sharing
SFTP can furthermore be used for file sharing, similar to Windows file sharing and Linux NFS. The main difference is that SFTP is secure, and can be used reliably over Network Address Translation (NAT) and the public Internet.
Sshfs is a network file system for Linux that runs over the SFTP protocol. It can use any SSH server as a server, and use remote files over the network as if they were local files. The remote file system can be mounted and unmounted as desired. It is the most convenient way to mount remote files ad hoc, without the need for any configuration by the server administrator. SSH keys can even fully automate establishing the connection to the server. Basically, anyone who is able to log into the server can mount its file system, with access to those files the user has access to.
Other file sharing implementations using SFTP include:
Interactive and Automated Secure File Transfers
Like SSH itself, SFTP is a client-server protocol. SFTP clients are included in quality SSH clients and complete enterprise grade SSH implementations provide both SFTP client and server functionality. Some SSH clients, such as Tectia SSH, also provide graphical file manager views into remote filesystems.
On Linux, SFTP is often used as a command-line utility that supports both interactive and automated file transfers. Public key authentication can be used to fully automate logins for automated file transfers. However, proper lifecycle management of SSH keys is important to keep access under control.
Common use cases for automated file transfers include nightly system backups, copying data to disaster recovery systems, distributing configuration data, and moving transaction logs to archival systems. Many organizations have thousands of daily SSH transfers. In come cases, we have seen over 5 million daily automated SSH logins.
Commercial File Transfer Solutions using SFTP
Some commercial file transfer products supporting SFTP include the following. Nothing on this page should be taken as an endorsement of any product or solution.
SFTP Libraries for Developers
There are many open source SSH libraries available for various programming languages.
- pysftp is a Python implementation
- Paramiko is another Python implementation
- pkg/sftp is a Go language implementation
- libssh is a C implementation of the protocol
- libssh2 is another C implementation of the protocol
- Rebex SFTP is a .NET (C#) implementation
- codeignioter-sftp is a PHP implementation
- phpseclib is another PHP implementation
- SmartFTP is an ActiveX component
- JCraft JSch is a Java implementation
- SSHJ is another Java implementation
SFTP Protocol
The SFTP protocol runs over the SSH protocol as a subsystem. It was originally designed by Tatu Ylonen for SSH 2.0 in 1997-1998. There is no separate SFTP port; it uses the normal SSH port.
The full documentation of the SFTP protocol can be found in the Internet-Draft draft-ietf-secsh-filexfer-02.
The protocol supports multiple concurrent operations. Each operation is identified by a unique number assigned by the client, and servers response contains the same identifying number. Server may process requests asynchronously and may return responses out-of-order. For performance reasons, file transfer clients often send multiple requests before stopping to wait for responses.
Operations or packet types supported by the protocol include:
INIT: sends client version numbers and extensions to the server
VERSION: returns server version number and extensions to the client
OPEN: opens or creates a file, returning a file handle
CLOSE: closes a file handle
READ: reads data from a file
WRITE: writes data to a file
OPENDIR: opens a directory for reading, returning a directory handle
READDIR: reads file names and attributes from a directory handle
MKDIR: creates a directory
RMDIR: removes a directory
REMOVE: removes a file
RENAME: renames a file
STAT: returns file attributes given a path, following symlinks
LSTAT: returns file attributes given a path, without following symlinks
FSTAT: returns file attributes given a file handle
SETSTAT: modifies file attributes given a path
FSETSTAT: modifies file attributes given a file handle
READLINK: reads the value of a symbolic link
SYMLINK: creates a symbolic link
REALPATH: canonicalizes server-size relative path to an absolute path
The following response packets are returned by the server:
STATUS: indicates success or failure of an operation
HANDLE: returns a file handle upon success
DATA: returns data upon success
ATTRS: returns file attributes upon success
There is also an extension mechanism for arbitrary vendor-specific extensions. The extensions that are supported are negotiated using the INIT and VERSION packets.
EXTENDED: sends a vendor-specific request from client to server
EXTENDED_REPLY: sends a vendor-specific response from server to client.
SFTP vs. FTPS
People often want to compare SFTP vs. FTPS. FTPS is basically the old ftp protocol run over SSL (Secure Sockets Layer) or TLS (Transport Layer Security).
Benefits of SFTP over SFTP include:
- SFTP runs over SSH in the standard SSH port. Thus, no additional ports need to be opened on the server and no additional authentication needs to be maintained. This simplifies configuration and reduces the likelihood of configuration errors.
- FTPS needs complicated firewall configuration and may not work over NAT. Ports 989 and 990 need to be open. Furthermore, FTPS supports both active and passive modes (see FTP), which further complicates firewall configurations and is prone to problems.
- FTPS requires an X.509 certificate for the server, typically from a public certificate authority. SSH works without any centralized infrastructure. SFTP can utilize whatever host key distribution or certification method is in use for SSH, without needing additional work and ongoing maintenance.
- FTPS is basically FTP, which means it has ASCII mode, which can corrupt files if the mode is not properly set. Some implementations default to ASCII mode.
- FTPS cannot be used as a file system. (This does not improve security, as it can still read the same files.)
- FTPS requires an extra server software package to be installed and patched, whereas SFTP usually comes with SSH with the system.
SFTP screenshot
What would you do if you needed to directly access the files on your site’s server?
WordPress is a robust content management system used by millions of people all over the world. However, this widely popular CMS doesn’t have a built-in FTP client to enable users to transfer files between their computer and their site’s web hosting server.
Top 8 Best WordPress Hosting Options Compared
Finding decent WordPress hosting can be a painful process. You need a solution that will do justice to…Read More
Sftp Application For Mac
In this article, we’ll share the best FTP clients for both Mac and Windows and highlight both the pros and cons of each
What Is an FTP Client and Why Do You Need One?
FTP (File Transfer Protocol) is a standard network protocol used to transfer computer files from one host to another over a TCP-based network, such as the internet. For example, FTP allows you to upload files from your computer and transfer them to your WordPress site.
If you want to use FTP to transfer files from one host to another, you’re going to need an FTP client. An FTP client is software that allows you to manage files located somewhere else on the internet through your personal computer. For instance, you can use an FTP client to connect your computer to your WordPress hosting account.
WordPress is an effective CMS that doesn’t require the use of an FTP client. In fact, users can do pretty much everything from the WordPress dashboard, eliminating the need for an FTP client.
That said, an FTP client can help you resolve common WordPress errors that you can’t access and fix in the WordPress admin area. For example, incompatible plugins, poorly coded themes, or WordPress core updates can initiate the dreaded white screen of death and render your WordPress dashboard useless. That’s why having an FTP client on hand just in case is so helpful.
What to Look For in an FTP Client
Whether you need an FTP client for Windows or Mac (or possibly Linux), the key is to find a software that is easy to use no matter your skill level.
Here are some other features to look for in your FTP client software:
- Simple interface even beginners can understand and use
- One common access point
- Ability to preconfigure settings such as protocols, IPs, and ports and push them to users
- Support for SFTP
- Password encryption for added security
- Backup and syncing options
- Cross platform support (if needed)
- Drag and drop support
- Multiple languages available
- Remote file editing
- Directory comparisons
In order for you to use an FTP client, you’ll need an FTP username and password so you can connect to your WordPress website. You should have received this information when you first set up your website and your web hosting account.
If you aren’t sure what your username and password are, you can always check your hosting cPanel (or similar) or ask support.
Once you have the information needed to log into your favorite FTP client, you’re ready to go.
Now let’s take a look at the best FTP clients in the market to date so you can decide which one is best for you.
01. WinSCP (for Windows)
WinSCP is one of the most sought-out FTP client solutions for the Windows operating system. It’s a simple, open-source solution that makes downloading, uploading, and editing files easy. With the files on your computer on one side, and your server’s files on the other, the graphical user interface is easy enough for beginners to use.
Pros
- Advanced user support for FTP, SFTP, and SSH
- Language switcher (default English)
- Integrated text editor with drag and drop support
- Master password for enhanced security
- Foreground transfer can move to background transfer queue
- WebDAV support
- Scripting and task automation
- No default installation of adware
Cons
- Cannot toggle between 2 great interfaces (must change preferences)
- No way to edit keyboard shortcuts
WinSCP is one of the most powerful and affordable FTP client solutions for Windows users.
Platform: Windows
Price: FREE
Best Sftp For Mac
02.Cyberduck (for Windows, Mac)
Cyberduck is a free FTP client designed for both Windows and Mac. In fact, unlike most cross platform FTP client solutions, Cyberduck integrates seamlessly with your native Mac environment, making it one of the best Mac FTP clients available. It even supports Mac features such as storing login credentials in keychain and locating files in the Finder.
Pros
- Simple interface for beginners
- Allows for remote file editing
- Works with several external code editors
- Open files and edit both text and binary files with a click of a button
- Wide range of protocols including FTP, SFTP, and WebDAV
- Advanced SSH functionality and bookmarking capability
- Client side encryption
- Supports API connections with cloud drives like Google Drive and Dropbox
- Multiple languages
Cons
- Tends to run slower than other FTP clients
- No portable version
- Download from anywhere other than official website can come with adware
Although Cyberduck works for both Windows and Mac users, this option is touted as one of the best for Mac users, as there are better Windows options available. That said, Cyberduck is an inexpensive solution that will get the job done whether you use Windows or Mac.
Platform: Windows, Mac
Price: FREE
03.CuteFTP (for Windows, Mac)
CuteFTP strays away from being a free and open source FTP client solution and instead offers users advanced functionality and premium support. It comes fully loaded with the power and security users expect in an FTP client and is great on both Windows and Mac.
Sftp For Mac
Pros
- Superior support
- Supports OpenPGP encryption and file compression
- FTP, SFTP, and WebDAV support
- One Time Password authentication
- Scheduling and automation features like backups and syncing
- Built-in wizard to help novice users
- Integrated, color-coded HTML editor
- Segmented downloading
Cons
- Steep learning curve for beginners
- No connection support for cloud IaaS provider
- No file comparison feature
Overall CuteFTP is a powerful FTP client solution for those needing added features such as accessing and sharing files from a computer a mobile device. It’s also a good option for those who need to transfer large files.
Platform: Windows, Mac
Price: Starting at $59.99
04. Transmit (for Mac)
Transmit, developed by Panic, Inc., is an FTP client designed exclusively for Mac users. As such, it is the most popular FTP client solution for Mac users, especially among web developers. It is super reliable and has blazing fast speeds, and of course comes packed with great features.
Pros
- Folder syncing between local and remote servers
- Add transmit shortcuts to Finder as favorites for easy access
- Supports SSH, FTP, FTPS, SFTP, Amazon S3, and WebDAV protocols
- Cloud connections like Amazon Drive, Microsoft Azure, Dropbox, and Google Drive
- Built-in code editor
- Dashboard widget
- Drag and drop uploading
- Bandwidth limiting
- Advanced file skipping options
- Multiple languages
- 2-factor login
Cons
- Despite popularity, no Windows or Linux version
- Installs adware by default
Transmit is the perfect solution for Mac users looking for a highly-reliable FTP client.
Platform: Mac
Price: $45
05.Filezilla (for Windows, Mac, Linux)
Filezilla is the most popular open-source FTP client available for all three major operating systems – Windows, Mac, and Linux. This FTP client is easy to use, features a friendly user interface and comes with comprehensive documentation that answers every question a novice would have regarding the usage of FTP clients.
Pros
- Support for FTP, FTP over SSL/TLS, and SSH FTP
- Remote file searching
- Bookmarking
- Support for IPv6
- Secure transfers
- Remote file editing
- Portable version available
Cons
- Dated drag and drop interface
- Will install adware upon installation and display ads upon running
Filezilla is one of those FTP clients that can be used by everyone regardless of platform or skill level.
That said, there have been many complaints that bundled adware is installed when downloaded and ads display every time the software is opened. Though there is an option to opt out of this when installing the software, many beginners are unaware of this and may miss clicking the checkbox. Despite these concerns however, Filezilla is an affordable option and should remain on this list.
Platform: Windows, Mac, Linux
Price: FREE
06.Free FTP (for Windows)
Free FTP was designed to be both powerful and user friendly. You can connect to your server with a click of a button and upload or download files by dragging and dropping them to your server or computer. The organized interface ensures you always know the status of your work and you can always pause or cancel your file transfers.
Pros
- FTP, SFTP, FTPS, and more
- Convenient history feature for finding files
- File and folder permissions
- Statusbar for quick status view
- Make Zip Archive feature for site backups
Cons
- Must upgrade to paid version to access additional features like a built-in code editor, preview function, Snippet Library, and customizable syntax highlighting for HTML, CSS, PHP, JavaScript, ASP, and Python
Free FTP is a great choice for those looking for a basic FTP client solution. It’s secure, easy to use, and can be used by people of all levels. That said, for those that need advanced features, investing in the premium version is the only option.
Platform: Windows
Price: FREE (premium version $39)
07.WS_FTP Professional (for Windows)
WS_FTP Professional offers users a safe and easy way to upload and download files. It transfers with encryption so data is always secure, is easily customizable, and makes drag and drop transferring a cinch.
Sftp For Mac Free
Pros
- Transfer with 256-bit AES, FIPS 140-2 validated cryptography and OpenPGP file encryption
- Drag and drop functionality
- Locate and transfer files using integrated Google, Copernic, or Windows desktop search engines
- Schedules post-transfer actions like deleting, moving, or renaming files
- File archives
- Enable email notifications, backups, syncing, and compression
- Support for IIS and Apache web servers
Cons
- No data transfer graphs or visual displays
- Higher price than other popular solutions
WS_FTP Professional is an excellent premium solution that has everything you could need in an FTP client. It is faster than many of the competitors, includes enterprise-grade security measures, and can be worth the high price tag for some.
Platform: Windows
Price: $49.95
Wrapping It Up
When it comes to choosing an FTP client solution, the first thing you need to establish is what platform you’re using. After all, it won’t matter how much you like a solution if it’s not compatible with your platform.
From there, you’ll need to look at your overall budget. Free solutions such as WinSCP and Cyberduck offer plenty of built-in solutions, especially if you’re a beginner. However, with free solutions like Filezilla, you’re likely to get bundled adware with a download and have to deal with display ads, which can be annoying.
On the other hand, premium FTP clients like CuteFTP, Transmit, or WS_FTP Professional have powerful security, editing, and speed features that are worth investing in.
Luckily, for those that need an in-between solution, there’s also FTP clients like Free FTP that give users a chance to use the free features and upgrade to a more powerful solution if need be.
Sftp For Mac Os X Free
Which FTP client do you use? Are there certain features that are most important to you? We’d love to hear all about it in the comments below!