How to set up secure file transfer with SFTP

SFTP is a secure file transfer protocol based on the old, obsolete, unencrypted and well-known FTP protocol.

SFTP is packaged with the SSH (Secure Shell) protocol, which provides a secure communication channel between the client and the server, that is leveraged to support the transferring of files.

Over the past 20 years or so, with the help of its reliability and simplicity under its belt, SFTP has grown increasingly popular as a means of shipping files and sharing data in a secure fashion among organizations and all without needing to develop and maintain APIs.

The following guide shares the step by step process of how to achieve secure file transfer using SFTP.

Choosing your SFTP server

SFTP is a good example of client-server architecture, meaning that a user uses client software to connect to a server. The server is responsible for the authentication of the user and authorizing access to the appropriate resources (or files and directories). It also stores the actual files, allowing users to traverse, upload, download and delete them.

As mentioned above, SFTP is packaged with SSH, which means that any Linux server can also act as an SFTP server. There are also SFTP server services which can be installed and set up on Windows servers. However, before you go and set one up on your own, you should take into account that SFTP is also available as a service on the cloud. There are a few additional factors to take into consideration before deciding which way to go, such as who do you prefer to maintain the servers and service, scalability and flexibility, security (firewalls and encryption at rest, for example), high availability, and business continuity. When you opt to use SFTP as a service, you get the perks of SFTP without the hassle of setting up and regularly maintaining an SFTP server. All you need to do is sign up to the service and you're good to go! You can read more about the benefits of using a fully managed SFTP here.

SFTP To Go is a fully managed SFTP as a service, which offers end-to-end security, infinitely scalable and durable storage, simple user management and automation using APIs and file system changes webhook notifications all with a simple one-click setup.

Cloud FTP with maximum security and reliability

SFTP To Go offers managed cloud storage service - highly available, reliable and secure. Great for companies of any size, any scale.

Try SFTP To Go for free!

Choosing your SFTP client

Once you’ve obtained an SFTP server, it’s time to pick your client. There are a variety of graphical clients out there, in addition to command line tools and programming libraries. Throughout the rest of this guide, we’ll demonstrate how to use SFTP using the command line.

Transfering files using SFTP

Open a Connection

All modern operating systems come with the sftp command line. To open a connection to your SFTP server, type in the command line:

$ sftp [user@]host[:port][/path]

(Don’t forget to replace the placeholders with the actual username, server name and optionally the port and path to start in).

Depending on the set authentication mechanism used in the server, you will either have to enter a password or provide a private key with which you’ll authenticate yourself.

Upload files: the `put` command

Once connected, you can upload files from the local computer to the remote host by using the put command, with which there are two arguments:

local-file - the path to the local file(s) to upload. Use wildcards (*) to upload multiple files in a single command.
remote-path (optional) - The target directory to place the uploaded files on the remote server. If left empty, files will be automatically uploaded to the current remote directory.

For example:

sftp> put inv-jKv72b.json /outgoing-invoices/
Uploading inv-jKv72b.json to /outgoing-invoices/inv-jKv72b.json
inv-jKv72b.json                                                                                                           100% 34596     9.0KB/s   00:00

Make sure to inform the other party that files are readily available for download (it takes two to tango, you know) and they’ll be able to use the ls command to list the contents of the directory on the server:

sftp> ls -l /outgoing-invoices
-rwxr--r--   1        -        -    21451 Nov 24 08:28 inv-UIf2IS.json
-rwxr--r--   1        -        -    69070 Nov 22 09:12 inv-UPrGAT.json
-rwxr--r--   1        -        -    15714 Jul 14 15:18 inv-v5rg8c.json

Download files: the `get` command

To download files from the remote server to the local computer, use the get command.

Just like put, the get command has two arguments:

remote-file - the path to the remote file(s) to download. To download multiple files in a single command, add a wild card (*) to the remote-file argument. This argument is mandatory.
local-dir (optional) - The target directory to place the downloaded files on the local host. If left empty, files will be automatically downloaded to the current local directory. This argument is optional.

Example:

sftp> get inv-UIf2IS.json
Fetching /outgoing-invoices/inv-UIf2IS.json to inv-UIf2IS.json
/inv-UIf2IS.json                                                                                                                                          100% 21451     9.1KB/s   00:00

Pro Tip:

Use a wildcard to download multiple files. In this example, we’ll download any json file whose name starts with inv:

sftp> get inv*.json

More SFTP Commands

There are a number of other useful commands you can utilize with SFTP (to manage directories, for example). You can view them and download a cute little cheat sheet here.

Summing up

To conclude, SFTP is a simple yet powerful tool for transferring files between parties through secure communication channels and a server that helps manage and access files. There are a variety of clients you can use to successfully connect to an SFTP server, and you can get one up, running, and managed with just a single click.