I have seen this answer and it just tells the difference between SFTP and VPN ftp.
But I am asking for How exactly SFTP works? The first SSH make a secure tunnel but then how do I use FTP?
Asked
Active
Viewed 388 times
-1
-
1Does https://security.stackexchange.com/questions/858/sftp-ftps-and-secureftp-differences-and-security-implications?noredirect=1&lq=1 cover what you want to know? – Matthew Jun 21 '18 at 12:04
1 Answers
2
Before I answer, I believe you have a misunderstanding of the difference between SFTP & FTPS, because FTP doesn't just become SFTP.
The link Matthew provided SFTP, FTPS and SecureFTP differences and security implications will be helpful in clearing up your misunderstandings. Alternatively, you can view Securing FTP with TLS and SSH File Transfer Protocol
As you've stated SFTP first creates a secure channel between the two parties. Then they must both authenticate to this channel. Upon authenticating, from a users perspective it acts the same way as FTP. The difference being the data is instead passed across the secure channel rather than an insecure channel. The data is encrypted in transit and SFTP provides integrity checks (due to SSH) to make sure the data has not been tampered with.
-
You correctly say "FTP doesn't just become SFTP" but then you say after establishing the SSH channel "[SFTP] acts the same way as FTP does". No it doesn't; as correctly explained at the dupe, the SFTP protocol (in clear, before SSH) is different from FTP, although it is used for similar _purposes_. Also, _SSH_ provides integrity check but SFTP on its own doesn't add any, and 'transverse' is not a verb. – dave_thompson_085 May 12 '21 at 03:12
-
I think "transverse" _is_ a verb: https://en.wiktionary.org/wiki/transverse#Verb – forest May 12 '21 at 07:35