SFTP (SSH File Transfer Protocol) and SCP (Secure Copy Protocol) are both used for transferring files between a local host and a remote host or between two remote hosts.
While both protocols run on port 22 and utilize the SSH (Secure Shell) protocol to establish an authenticated connection, they are not one and the same.
In this post, we’ll explain the differences between the two and prompt you in the right direction when choosing a protocol.
Let’s begin with a few words about each protocol:
What is SFTP?
SFTP is a secure file transfer protocol that emerged in the late 1990s and is a successor to the original file transfer protocol, FTP. It is based upon SSH (Secure Shell), which is the standard way to connect to UNIX/LINUX servers.
SFTP operates in a client-server architecture where a client connects to a server and downloads or uploads files to and from it and manages the files and directories on it.
What is SCP?
SCP is a secure file transfer protocol that is best described as the combination of the SSH (Secure Shell) and RCP (remote copy protocol) protocols. While the SSH protocol offers authentication and encryption, the RCP is used for transferring files to or from the server.
Now that we’ve covered the definition segment, it’s time to compare the two protocols with respect to security, speed, functionality and file size limitations.
1. Security
As the amount of data and information exchanged over the web constantly increases, the importance of data security is inevitable.
In order to prevent cyber assaults, both SCP and SFTP utilize TCP port 22 and SSH (secure shell), providing top level security features such as encryption for data-in-motion, public key authentication, password authentication, auditing of failed logins, limits on number of failed attempts, and more.
Unlike SCPSCP may have some vulnerabilities
2. Performance
When it comes to file transferring speed, you’ll find many resources on the internet claiming that SCP holds the upper hand over SFTP with upload and download speed.
However, in our preliminary tests, it wasn’t proven to be obvious whether one protocol is considerably faster than the other when uploading or downloading single large files or a multitude of small files over the internet or within a local network.
3. Functionality
SFTP offers a wide range of functionality: file listing, file access and deletion, resuming of upload/download processes, creating/viewing/searching and deleting directories, etc.
SCP doesn't allow you to manage the file system, but only to upload or download files to and from the server.
SCP does allow a simple method of downloading a directory recursively, including all child files and directories, which is more complex with the plain command line SFTP client, but simple to perform using GUI clients or using the lftp command line.
4. File size limitations or concurrency limitations
Neither SCP nor SFTP have file size restrictions or concurrency limitations.
In the case of a possible limit imposed on the number of concurrent connections to the server by the SSH daemon, the client should be able to control the number of connections used to transfer files concurrently.
Conclusion
Though similar when it comes to security features, performance and restrictions, SFTP and SCP are distinct in terms of functionality.
GUI clients only support the SFTP protocol (even WinSCP!) and in the near-future, OpenSSH will switch scp from using the legacy scp/rcp protocol to using SFTP by default.
Does SFTP To GO support SFTP or SCP?
SFTP To Go supports the SFTP protocol, which is the protocol that offers more functionality out of the two. It also supports FTPS, S3 and HTTPS as file access protocols.
Post photo by Scott Graham on Unsplash