Shulou(Shulou.com)06/01 Report--

This article is about how to talk about the difference between FTP and SFTP and FTPS. The editor thinks it is very practical, so I share it with you. I hope you can get something after reading this article.

1. FTP (File transfer Protocol)

FTP's full name is File Transfer Protocol. Used for two-way transfer of control files on Internet. It is also an application (Application). There are different FTP applications based on different operating systems, and all of these applications follow the same protocol to transfer files. In the use of FTP, users often encounter two concepts: "Download" and "Upload". To "download" a file is to copy a file from a remote host to your own computer, and to "upload" a file is to copy a file from your own computer to a remote host. In the Internet language, users can upload (download) files to (from) a remote host through a client program. In the TCP/IP protocol, the FTP standard commands that the TCP port number is 21 Magi Port mode and the data port is 20 FTP. The task is to transfer files from one computer to another without the restriction of the operating system.

There are two ways to transmit FTP: ASCII and binary.

1.ASCII transmission mode

Assuming that the file you are copying contains simple ASCII text, if you are not running UNIX on a remote machine, ftp usually automatically adjusts the contents of the file when the file is transferred to make it easier to interpret the file into the format in which the text file is stored on the other computer.

But it is often the case that the files the user is transferring do not contain text files, they may be programs, databases, word processing files, or compressed files. Before copying any non-text files, use the binary command to tell ftp to copy verbatim.

two。 Binary transmission mode

In a binary transfer, the bit order of the file is saved so that the original and copy correspond bit by bit. Even a file that contains a sequence of bits on the destination machine is meaningless. For example, macintosh sends an executable file to the Windows system in binary form, which cannot be executed on the other system.

If binary files are transferred in ASCII mode, they will be translated even if they are not needed. This can corrupt the data. The ASCII approach generally assumes that the first significant bit of each character is meaningless because it is not used in ASCII character combinations. If you transfer binaries, all bits are important. )

FTP supports two modes: Standard (PORT mode, active mode) and Passive (PASV mode).

1.Port mode

The FTP client first establishes a connection with the server's TCP 21 port to send commands, and the client sends PORT commands on this channel when it needs to receive data. The PORT command contains what port the client uses to receive data. When transmitting data, the server connects to the designated port of the client through its own TCP 20 port to send data. FTP server must establish a new connection with the client to transfer data.

2.Passive mode

Establishing a control channel is similar to Standard mode, but a Pasv command is sent after a connection is established. After the server receives the Pasv command, it opens a temporary port (the port number is greater than 1023 and less than 65535) and notifies the client of the request to send data on this port. The client connects to the FTP server on this port, and then the FTP server will send data through this port.

Many firewalls are not allowed to accept externally initiated connections when they are set up, so many FTP servers located behind firewalls or intranets do not support PASV mode because clients cannot open high-end ports of FTP servers through firewalls. However, many clients of the intranet can not log in to the PORT server because the TCP 20 of the server cannot establish a new connection with the client of the internal network, which makes it unable to work.

2. FTPS (a multi-transport protocol)

A multi-transport protocol that is equivalent to an encrypted version of FTP. The default port number is 21. When you send and receive files on a FTP server, you face two risks. The first risk is to encrypt the file when uploading it. The second risk is how to keep these files safe while you wait for the recipient to download them on the FTP server. Your second option (to create a FTP server that supports SSL) allows your host to upload these files using a FTPS connection. This includes using a SSL layer encryption control and data channel under the FTP protocol. One alternative to FTPS is secure File transfer Protocol (SFTP). This protocol uses the SSH file transfer protocol to encrypt FTP connections from the client to the server. SSL (Secure Sockets Layer secure Sockets layer) and its successor Transport layer Security (Transport Layer Security,TLS) are security protocols that provide security and data integrity for network communications. TLS and SSL encrypt the network connection at the transport layer.

FTPS is an enhanced FTP protocol that uses standard FTP protocols and instructions in the secure socket layer, adding SSL security functions to FTP protocols and data channels. FTPS is also known as "FTP-SSL" and "FTP-over-SSL". SSL is a protocol that encrypts and decrypts data in a secure connection between a client and a server with SSL capabilities.

And sftp connection method is similar, in windows, you can use FileZilla and other transmission software to connect FTPS to upload, download files, establish, delete directories and other operations, in FileZilla connection, there are explicit and implicit TLS/SSL connection, connection also has a fingerprint prompt.

The SSL/TLS protocol works above the transport layer (TCP/IP), but below the application layer. Therefore, it can be easily implemented on application layer protocols such as HTTP,Telnet,POP3,IMAP4,SMTP and FTP. There are at least two different initialization methods for SSL security extensions: explicit security and implicit security.

Display security: to establish a SSL connection, explicit security requires the FTP client to send a specific command to the FTP server after establishing a connection with the FTP server. The client uses the default port of the server.

Implicit security: when a FTP client connects to the FTP server, implicit security automatically starts running with the SSL connection. In implicit security, the server defines a specific port (TCP port 990) for the client to establish a secure connection with it.

3. SFTP (secure File transfer Protocol)

Sftp is the abbreviation of Secure File Transfer Protocol, secure file transfer protocol. It can provide a secure encryption method for transferring files. Sftp and ftp have almost the same syntax and function. SFTP is part of SSH and is a secure way to transfer files to a Blogger server. In fact, the SSH package already contains a secure file transfer subsystem called SFTP (Secure File Transfer Protocol). SFTP itself does not have a separate daemon, it must use the sshd daemon (the port number is 22 by default) to complete the corresponding connection operation, so in a sense, SFTP is not like a server program, but more like a client program. SFTP also uses encryption to transmit authentication information and transmitted data, so using SFTP is very secure. However, because this mode of transmission uses encryption / decryption technology, the transmission efficiency is much lower than ordinary FTP, if you have higher requirements for network security, you can use SFTP instead of FTP.

The above is how to talk about the difference between FTP and SFTP and FTPS. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.