MLADU
supports both FTPS and SFTP data transfers; however, we
get asked a lot about whether the difference between the
two protocols matter so we decided to write down the
difference here.
FTPS and SFTP both secure file transfers, but they are
very
different protocols in how they operate. In simple terms,
SFTP is newer, simpler, and fully integrated with SSH
while FTPS is older FTP "patched" with SSL/TLS encryption.
For more information on differences, please see the
following detail:
-
Built on: SSH (Secure
Shell)
-
Encryption: Entire connection
(both commands and data) is encrypted automatically
through SSH
-
Ports: Only
one port (typically port 22)
is used, making it firewall-friendly
-
Authentication: SSH keys or
username/password (through the SSH layer)
-
Common Usage: Unix/Linux
servers, automation scripts, secure enterprise file
transfers
-
Nature: It is a
file transfer protocol
designed specifically for secure file access and
management
-
Built on: Traditional FTP,
but enhanced with
SSL/TLS (the same technology
that HTTPS websites use)
-
Encryption: Adds encryption
to FTP using SSL/TLS. You can have
explicit (secure connection
after a request) or
implicit (secure connection
immediately) encryption
-
Ports: Requires multiple
ports:
- TCP port 21 for commands
- Random high ports for data transfers
-
This makes FTPS more difficult to use behind
firewalls
-
Authentication:
Username/password plus optional SSL/TLS certificates
-
Common Usage: Often in
Windows server environments, financial services, or
companies with legacy FTP systems that needed to add
security
-
Nature: It is
FTP with an added security
layer — the basic structure and behavior of FTP (like
needing multiple ports) remains
Topics