4

I'm struggling to find out whether or not I should set up SFTP since I already connect to the internet using a secure VPN.

Is the security using FTP through a VPN (using OpenVPN, more specifically https://mullvad.net) as secure as SFTP?

John Deters
  • 33,650
  • 3
  • 57
  • 110
user2026991
  • 111
  • 1
  • 2
  • 5

1 Answers1

8

SFTP (as in, file transfer over an SSH tunnel) provides end-to-end encryption, plus verification of the server's identity. FTP over VPN provides encryption from your computer to the VPN endpoint, and no verification of the server's identity.

If the VPN endpoint is the same computer as the FTP server, then FTP over VPN is as secure as SFTP. In any other circumstance, SFTP is more secure.

Mark
  • 34,390
  • 9
  • 85
  • 134
  • So, the data is basically unencrypted at the end-point and then sent to the FTP server? – user2026991 Dec 19 '14 at 11:56
  • Correct. A VPN only provides encryption between your computer and the VPN endpoint. If you want encryption between there and your eventual destination, you need to use an encrypted protocol such as SSH or HTTPS. – Mark Dec 19 '14 at 12:07
  • You can always use FTPS/FTPES inside a VPN to address the end-to-end issue... but one may argue that it's overkill and an unnecessary waste of computational power (you wouldn't even need the VPN anymore). And SFTP remains more firewall-friendly anyway. – FjodrSo Apr 28 '16 at 14:49