2

This is a two part question.

  • How does the implementation of SFTP differ over FTP? (Account Creation, Setup of connection)
  • Is it more expensive (in terms of time/cost) to do so?

In this scenario I am using user credentials for authentication.

Callum McCormick
  • 49
  • 5
  • What kind of cost? Administrator hours to set it up? CPU time/power used? License costs of software? Overcoming organizational inertia? – ilkkachu Jul 28 '16 at 10:54
  • I was looking at what might cause an increase in the Total Cost of Ownership/Financial. Of course, not exact figures but examples where additional costs would typically be. – Callum McCormick Jul 28 '16 at 11:56

1 Answers1

5

SFTP is a completely different setup than FTP. SFTP is a FTP over a SSH tunnel, usually using the sftp-server thats part of openSSH.

You set this sftp-server up like any other SSH connection:

  • you create a (system) user
  • add a clients public key to the [user]/.ssh/authorized_keys file
  • have the client connect to your ssh server using a SFTP application (sftp, scp, winscp, etc.)

Now if you mean FTPS instead of SFTP, than you have a FTP connection with TLS security. This is (i.m.h.o) a pain to setup and use. you have to get a certificate, setup a FTPS server (I know of no secure one I would run myself) Setup users, setup permissions, setup storage location. Just like with plain FTP.

LvB
  • 8,217
  • 1
  • 26
  • 43
  • Thanks - that has helped a lot. Can you use the username/password instead of a public key? If that's the case then it would make the process of setting up SFTP connections much quicker than organisating the client to set up a public key. – Callum McCormick Jul 28 '16 at 09:02
  • Can, yes. but more secure is to use a username / Certificate. much harder to bruteforce and can have a much easier workflow on the client (it is possible to use password less keys for example stored on a Smart-card) see SSH and ssh certificate login on what options are there and how to implement them. – LvB Jul 28 '16 at 10:15
  • 6
    SFTP isn't just FTP over SSH, it's a whole different protocol. (Luckily, since the use multiple TCP streams design of FTP is often a bit annoying.) – ilkkachu Jul 28 '16 at 10:51
  • @ilkkachu yes you are right, that is an over simplification on my part. But in essence it is a File Transfer Protocol, that is tunneled over an SSH connection. – LvB Jul 28 '16 at 12:18
  • SFTP is designed to have FTP-like syntax, but lacks many of FTPs features. It was designed to move files easily, but can't do the filesystem management functions of FTP. – ztk Jul 28 '16 at 18:27