
Tuesday, January 28, 2025

How SFTP Works

SFTP (Secure File Transfer Protocol) is a network protocol that provides secure file access, transfer, and management over an SSH (Secure Shell) connection. Unlike FTP, which sends data in plain text, SFTP encrypts the data, ensuring confidentiality and integrity.

Here's a step-by-step explanation of how SFTP works:


Step 1: Client Initiates Connection

  • The SFTP client initiates a connection to the SFTP server.
    • This is typically done using an SFTP client (like sftp command, FileZilla, or WinSCP).
    • The command looks like:
      sftp username@hostname
      
      • username: The login username on the remote server.
      • hostname: The IP address or domain name of the remote server.
  • The client connects to the server over port 22 (the default port for SSH and SFTP), which is encrypted and secured by SSH.

Step 2: SSH Authentication

  • SFTP uses SSH for securing the connection, so the first step in the SFTP session is an SSH handshake:
    • The SFTP server sends its public key to the client.
    • The client checks the server’s identity by verifying the public key against its known_hosts file.
    • The client authenticates itself to the server using one of the following methods:
      1. Password-based Authentication: The client provides a password.
      2. Key-based Authentication: The client uses its private key to prove possession of the public key registered for it on the server.
    • If the authentication is successful, an encrypted SSH connection is established, and the client is authorized to access the server.
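Step 2's check of the server key against known_hosts, as an added example that is not part of the original post: a small Python reimplementation of that lookup (plain and hashed host entries) plus the SHA256 fingerprint a user compares on first contact. The server names, keys and known_hosts lines are constructed for the example.

```python
import base64
import hashlib
import hmac

def fingerprint_sha256(key_b64: str) -> str:
    """OpenSSH-style fingerprint: SHA256 of the raw key blob, base64 without '=' padding."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def hashed_pattern(host: str, salt: bytes) -> str:
    """The '|1|salt|hash' host field written by HashKnownHosts: HMAC-SHA1(salt, hostname)."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|" + base64.b64encode(salt).decode() + "|" + base64.b64encode(mac).decode()

def host_matches(pattern: str, host: str) -> bool:
    """Match a known_hosts host field: hashed entry or comma-separated names
    (wildcards and [host]:port forms, also valid in OpenSSH, are not handled here)."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, mac_b64 = pattern.split("|")
        expected = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(expected, base64.b64decode(mac_b64))
    return host in pattern.split(",")

def check_host_key(known_hosts: str, host: str, key_type: str, key_b64: str) -> str:
    """'match': proceed. 'mismatch': host known under this key type with a different key
    (re-keyed server or interception), abort. 'unknown': first contact, verify out of band."""
    known_with_other_key = False
    for line in known_hosts.splitlines():
        fields = line.split()
        # skip blanks, comments and @cert-authority/@revoked markers (not modelled here)
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        pattern, ktype, kdata = fields[:3]
        if ktype != key_type or not host_matches(pattern, host):
            continue
        if hmac.compare_digest(kdata.encode(), key_b64.encode()):
            return "match"
        known_with_other_key = True
    return "mismatch" if known_with_other_key else "unknown"

# Constructed sample data (not real keys): two dummy ed25519 blobs, one plain and one hashed entry.
ED25519_HDR = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20"  # SSH string "ssh-ed25519" + length 32
GOOD_KEY = base64.b64encode(ED25519_HDR + bytes(range(32))).decode()
OTHER_KEY = base64.b64encode(ED25519_HDR + bytes(32)).decode()
SAMPLE_KNOWN_HOSTS = "\n".join([
    "sftp.example.test,203.0.113.10 ssh-ed25519 " + GOOD_KEY,
    hashed_pattern("backup.example.test", b"0123456789abcdefghij") + " ssh-ed25519 " + GOOD_KEY,
])
```

A real client aborts on "mismatch" and, on "unknown", shows the fingerprint so the user can confirm it through a channel other than the connection itself.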

Step 3: Secure Channel Established

  • Once the SSH connection is authenticated:
    • The SFTP client and the SFTP server establish an encrypted communication channel.
    • This encryption ensures that any files transferred, commands issued, or data exchanged during the session is protected from interception by attackers.

Step 4: File Transfer Commands

  • After establishing the secure connection, the client can issue SFTP commands to interact with the SFTP server. Common commands include:

    • ls: List the files and directories on the remote server.
    • cd: Change the directory on the remote server.
    • get: Download a file from the server to the client.
    • put: Upload a file from the client to the server.
    • mget: Download multiple files from the server to the client.
    • mput: Upload multiple files from the client to the server.
    • rm: Remove a file from the server.
    • mkdir: Create a directory on the server.
    • exit: Close the SFTP session.

    For example:

    • Download a file:
      get filename.txt
      
    • Upload a file:
      put localfile.txt remotefile.txt
      

Step 5: Data Transfer

  • Once a transfer command is issued (e.g., get or put), the data is transmitted over the encrypted SSH channel:
    • Encryption: The files are encrypted during transfer using the session key established during the SSH handshake. This ensures that even if the data is intercepted, it cannot be read.
    • Integrity: SFTP uses checksums or hashes to verify that the files are not corrupted during transfer. If the integrity check fails, the transfer is aborted.

Step 6: Closing the Session

  • Once the required file operations are completed, the client can issue the exit command to close the SFTP session.

    exit
    
  • The SFTP client and server then cleanly close the encrypted connection, and the SSH session is terminated.


Key Features of SFTP

  1. Encryption: All data is encrypted, ensuring confidentiality and protecting against eavesdropping.
  2. Authentication: Uses SSH for server and client authentication.
  3. Integrity: Ensures that data is not tampered with during transfer through checksums or hash verification.
  4. File Management: Provides not just file transfers but also file management operations (e.g., delete, list, rename, and change directories).
  5. Firewall-friendly: Operates over a single port (usually port 22), making it easier to configure firewalls.

SFTP vs FTP

  • SFTP uses SSH to encrypt data, making it more secure compared to FTP, which transmits data in plaintext.
  • FTP typically uses two ports: one for the command/control channel and one for the data channel, whereas SFTP only uses one port (usually 22), making it firewall-friendly.
  • SFTP ensures integrity and authentication of both parties (client and server), while FTP does not provide this level of security by default.

Summary of SFTP Steps:

  1. Initiate Connection: Client connects to the SFTP server over port 22.
  2. SSH Authentication: The server authenticates the client and establishes a secure SSH session.
  3. Secure Channel: An encrypted channel is established for the transfer of data.
  4. File Operations: The client can perform file management operations like get, put, ls, etc., over the encrypted channel.
  5. Session Termination: The client exits, and the session is closed.

Example of SFTP Command Usage:

sftp user@remote_host
# After login, to download a file:
get /path/to/remote/file /path/to/local/directory
# To upload a file:
put /path/to/local/file /path/to/remote/directory

