With the world gradually becoming a “global village,” transfer of information is increasingly becoming easier. However, due to malicious parties lurking within the network, users of the internet and other networks prefer to use a file transfer procedure that will be effective and guarantee their file safety.
As a result, many protocols have been invented to fill this gap and to ensure the security of large file transfers.
One example among many is the SSH File Transfer Protocol (SFTP), which allows for accessing and managing files within a network.
In this article, we will discuss what SFTP is, its port number, how it works, what it can be used for, and how to change its default port number for safety purposes.
Secure File Transfer Protocol, or the popularly known SSH File Transfer Protocol, is a client-server file protocol used over a network to transfer large amounts of sensitive data. It’s an improvement of the File Transfer Protocol (FTP) and possesses Secure Shell (SSH) features.
SSH was first designed by the Internet Engineering Task Force (IETF) to improve security during file sharing. SFTP is most commonly used to transfer sensitive information, e.g., personal account details. Using this transfer protocol, technology has made major leaps for medical offices seeking compliance with the Health Insurance Portability and Accountability Act (HIPAA).
In 1997–1998, Tatu Ylonen first designed SFTP for SSH 2.0. As a result, the normal SSH port is utilized rather than the specific SFTP port.
He developed the first Secure Shell, or SSH, which was later updated into OpenSSH and other versions. As a result, it is currently included with every Unix, Linux, and Macbook computer and is accessible on all platforms. It, therefore, serves as the standard tool for network administration and computer network systems. Also, Tatu Ylonen has done quite a lot on SSH key management, including host keys and user authentication, making SFTP a reliable file transfer protocol.
SFTP uses port number 22 by default, but it can be configured to listen on other ports. SFTP, compared to File Transfer Protocol (FTP), only needs one port to transfer data.
SSH servers typically listen on TCP port 22. Users can configure SFTP servers to use other SSH ports without compromising security or functionality, because the choice of port number is mainly arbitrary. SSH transports both data and commands across a single connection, unlike FTP or telnet, for instance; therefore, SFTP servers only require one port to connect.
As discussed previously, SFTP transfers data securely over a TCP/IP network. Its commands are based on the FTP and share similarities with the Linux shell commands. So, if you have knowledge of either of the two, you may need to tweak a thing or two to know how to use SFTP.
To establish an SFTP connection, the client connects to the server on the default port number, 22.
An SFTP client and server are also required for SFTP. An SFTP client is software that enables users to connect to a server and store files remotely. From the SFTP server, files can be saved and retrieved. The request is sent over the network when a user clicks on a file, eventually arriving at a server. The querying device then receives this data. Before being transferred, all files are encrypted by SFTP.
SSH keys are used by SFTP to automate access to servers. One half (the private key) is stored on the client, while the other (the public key) is stored on the server. The users require an SSH key pair match before being authenticated, allowing for the secure transfer of files. Users have the option of being recognized by their user ID, password, SSH keys, or both.
One frequently asked question about SFTP is its advantages over the File Transfer Protocol over SSH (also Secure Socket Layer). Here is an overview of the differences between the two protocols in a tabular form:
Features | FTPS | SFTP |
Ports | It uses multiple ports; command and data ports | It uses only port 22 |
Algorithm | Encrypts transferring data using AES and Triple DES. | |
Certificates | Connections are authenticated using the user ID, passwords, and certificates. | Does not support certificates. |
Authentication connections | Uses TLS/SSL certificates to encrypt connections and X.509 certificates to authenticate connections. | Uses the User ID and password or SSH keys to establish a connection with a server. |
Implementation | Due to its use of multiple ports, it can be hard to patch through a firewall. | It only requires one port (port 22) to be opened through a firewall. |
Speed | Very speed friendly with data and command ports running asynchronously | Since the data and synchronization packets run on the same port as one packet, it may be a little slower than FTPS |
Data Directory Manipulation | Commands are limited and not standardized. Therefore, they need an administrative configuration. | Commands are not limited and are standardized for directory manipulation |
Compatibility | Not compatible with many devices, and commands can lead to various client-server issues | Compatible with many modern devices, including Linux and Unix. |
To use your SFTP server in a public network means exposing it to hackers with malevolent intents. Therefore, a safe transaction is needed. That’s why an extra layer of security should be added to your servers.
The default port number for SFTP is port 22, and as it is used by SSH already, it is highly vulnerable to attacks. So, changing the port to an unknown port number is the best course of action. It is advisable to change the default port to a port number greater than 1024. Here is a step-wise procedure to change your default port number to a different port:
sudo nano /etc/ssh/sshd_config
sudo service ssh restart
or
sudo systemctl restart sshd.service
Note that this command may vary based on the Linux distribution you’re using.
After you have completed these steps, the SFTP service will listen on the new port you specified.
You must also configure your SFTP client to use the new port number when connecting to the server. You can do this by invoking the sftp command with the -P flag to specify the port (say 1234) with the following command:
sftp -P 1234 username@public-ip
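The edit made in /etc/ssh/sshd_config during the procedure above can be scripted. The following is an added example, not part of the original article: set_sshd_port is a hypothetical helper name, and the sample configuration is constructed. It handles a case that a manual edit easily misses: sshd listens on every Port line it finds, so an old "Port 22" line left in the file keeps port 22 open.

```shell
#!/bin/sh
# Added example. set_sshd_port is a hypothetical helper, not an OpenSSH tool.
# Usage: set_sshd_port <sshd_config path> <new port>
set_sshd_port() {
    cfg=$1 port=$2
    # Accept only an integer in 1025..65535 (the article advises a port above 1024).
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -le 1024 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 2
    fi
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }
    cp -p "$cfg" "$cfg.bak" || return 1   # rollback copy
    tmp=$(mktemp) || return 1
    # Put one "Port N" where the first global Port line (commented or not) was,
    # drop any later global Port lines, and leave Match blocks untouched. With no
    # Port line at all, add it before the first Match block or at end of file.
    awk -v port="$port" '
        { low = tolower($0) }
        low ~ /^[ \t]*match[ \t]/ {
            if (!done) { print "Port " port; done = 1 }
            in_match = 1
        }
        !in_match && low ~ /^[ \t]*#?[ \t]*port[ \t]+[0-9]+[ \t]*$/ {
            if (!done) { print "Port " port; done = 1 }
            next
        }
        { print }
        END { if (!done) print "Port " port }
    ' "$cfg" > "$tmp" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$cfg" && rm -f "$tmp"   # rewrite in place: mode and owner kept
}

# Constructed sample config, edited in a temp directory (no root needed).
demo=$(mktemp -d)
printf '%s\n' '#Port 22' 'PermitRootLogin no' 'Port 22' \
    'Match User backup' '    ForceCommand internal-sftp' > "$demo/sshd_config"
set_sshd_port "$demo/sshd_config" 1234 && cat "$demo/sshd_config"
# On a real server, validate before restarting: sudo sshd -t -f /etc/ssh/sshd_config
```

Keep the current SSH session open until a login on the new port succeeds, and allow the new port through the firewall before restarting the service.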
SFTP is a data transfer file protocol based on FTP with SSH components.
The default port number is 22, and as SSH also uses it to listen, it is a very vulnerable port number. The good news is that you can change it to your desired number to ensure a secure file transfer.