SFTP is a secure protocole used to perform file transfers between local and remote servers. Much more secure than FTP, this protocol uses an SSH tunnel to establish a connection and uses encryption to transfer files in an interactive session.
In the context of Secure Shell (SSH), SFTP describes two things:
- a communication protocol operating over SSH to remotely transfer and manage files;
- a command line program that implements the client portion of this communication protocol, such as that provided by OpenSSH.
Compared to the previous scp protocol, the SFTP protocol supports many more operations on remote files. It behaves more like a file system protocol. It is supposed to be more independent of the platform of use; for example, with scp, the extension of wildcards (*) specified by the client are the responsibility of the server, which does what it wants, while the architecture of SFTP avoids such problems.
The sftp program provides a similar interface to the ftp program. The SFTP protocol is not FTP over SSL (visit File Transfer Protocol over SSL), it is a new protocol designed entirely by the IETF SECSH working group. There is no RFC describing the SFTP protocol, but only a draft (ref. desired].
Some implementations of the scp program actually use the SFTP protocol instead of the scp protocol.
sftp is often associated with the SSH-2 protocol (and program) because they were designed at the same time by the same group. However, it can be run on SSH-1, and some implementations do.