1. File Transfer Protocol Secure (FTPS) :
FTPS is known as FTP SSL which refers to File Transfer Protocol (FTP) over Secure Sockets Layer (SSL) which is more secure from FTP. FTPS also called as File Transfer Protocol Secure. It refers to basic FTP with security which protects data from any attack by encrypting it so that no one can be able to make use of any information in between transmission at both the ends. It implements AES algorithm, Triple DES algorithm, and many other algorithms to encrypt data.
Pros of FTPS :
- It is widely known and used
- Communication is readable and understandable by human
- It is encrypted
- Easy to implement
- Provides services for server to server file transfers based on SSL/TLS
- It has built in support in
.NET framework
Cons of FTPS :
- It does not have a consistent directory listing format
- Not all FTP servers support SSL/TLS
- It can not perform file system operations
- It requires a secondary data channel
- Older FTP servers do not support SSL
- It doesn’t have a standard way for getting & changing file or directory attributes
2. Secure File Transfer Protocol (SFTP) :
SFTP known is known as SSH FTP which refers to File Transfer Protocol (FTP) over Secure Shell (SSH) which encrypts both commands and data while in transmission. SFTP also called as Secure File Transfer Protocol. It works as an extension to SSH. It encrypts files and data then sends them over a secure shell data stream. This protocol allows to remotely connect to other systems and executing commands from the command line. Like FTPS it also implements AES algorithm, Triple DES algorithm, and many other algorithms to encrypt data.
Pros of SFTP :
- It has a good standard background which defines most aspects of operations
- It is easy to use behind
firewall as it uses one port - Connection is constantly protected/secured
- Directory listing is consistent/uniform
- It has only one connection and no need for a Data connection
Cons of SFTP :
- The interaction is binary and can not be logged as- is for human reading
- It is difficult to manage and validate SSH keys
- No server to server copy
- There is no built in SSH/SFTP support in
.NET frameworks - Probability of compatibility problems
Difference between FTPS and SFTP :
| S.No. | FTPS | SFTP |
|---|---|---|
| 01. | FTPS refers to File Transfer Protocol with SSL. | SFTP refers to SSH File Transfer Protocol. |
| 02. | It is also known as File Transfer Protocol (FTP) over Secure Sockets Layer (SSL). | It is also known as File Transfer Protocol (FTP) over Secure Shell (SSH). |
| 03. | File Transfer Protocol Secure in short known as FTPS. | Secure File Transfer Protocol in short known as SFTP. |
| 04. | Key based authentication is not supported. | SSH keys can be used to authenticate SFTP connections. |
| 05. | In this certificates are supported. | In this certificates are not supported. |
| 06. | It uses multiport numbers. Each time a file transfer request is made another port number needs to be opened for the data channel. | SFTP needs only a single port number for all SFTP communications and makes it easy to secure and provide greater protection. |
| 07. | It is most commonly used due to its ubiquitous legacy. | But now a days it is more common in recent devices and software. |
| 08. | Authentication is performed via x.509 certificates. | Authentication is performed via SSH keys. |
| 09. | It has separate connection for command and file data. | It has no separate connection for command and file data. |