All of these protocols are used for transferring files. However, they all provide file transfers in a different manner. Which one to use depends greatly on your requirements functionality, and even operating system used. In this article we will discuss how each of these protocols work, their limitations, strengths, and examples of their use. Let’s take a look at the differences between SFTP, SCP, and FTPS.

SCP – Secure Copy

SCP is a protocol based on SSH (Secure Shell). It provides an easy, although limited, way to securely copy files from one system to another. It is a more secure version of the older RCP (Remote Copy Protocol). SCP combines the copy functions of RCP, with the authentication, compression, and encryption functions of SSH.

SCP is limited to transferring files. It does not provide a method for deleting, listing, renaming or other such file operations. However, it provides a user friendly utility to quickly and securely copy a file from one system to another. The simple and easy to remember sytanx makes SCP a Linux Administrators go to utility for a quick file transfer.

The SCP utility comes pre-installed on almost all Linux, UNIX, and even MAC systems. This makes it widely accessible to anyone using an operating system other than Windows. Although, you can easily install programs like WinSCP or Putty to use SCP on your Windows system. These programs will allow you to transfer files to a Linux system. If you want to SCP files to a Windows machine, you will need to install and enable an SSH daemon.

SCP Examples

Copy a file from a local machine to a remote machine:

scp file.txt [email protected]:/path/to/save/file.txt

Copy a file from a remote host to your local machine:

scp [email protected]:/path/to/file.txt /path/to/save/file.txt

SFTP – Secure File Transfer Protocol

SFTP is another protocol that takes advantage of the security and authentication provided by SSH. You can think of SFTP as simply FTP (File Transfer Protocol) that uses an SSH tunnel to secure communications.

SFTP is an interactive file transfer utility which provides much greater functionality. Although SFTP and SCP both use SSH for transport, that is where the similarities end. With SFTP you can list directories, change permissions and owners, delete and rename files, and even create symlinks. This provides all the functionality of FTP with the security of SSH.

Since it is a subsystem of SSH, it is usually available on any system that has SSH. This mean almost any Linux, UNIX or Macintosh system will have SFTP available to it. If you are a Windows user there are many options for SFTP clients. My personal favorite is FileZilla. However, almost any FTP client these days will support SFTP.

SFTP Examples

Copy file from local machine to remote machine:

[[email protected] ~]$ sftp fenrir
Connected to fenrir.
sftp> put file.txt
Uploading file.txt to /home/savona/file.txt
file.txt  
sftp>

Copy file from remote machine to local machine:

[[email protected] ~]$ sftp fenrir
Connected to fenrir.
sftp> get file.txt
Fetching /home/savona/file.txt to file.txt
/home/savona/file.txt                                                                 100% 3601     1.4MB/s   00:00    
sftp> 

FTPS – File Transfer Protocol Secure (FTP-SSL)

FTPS does not use SSH and is not native to any operating system. It is an extension of the FTP protocol that uses TLS/SSL to secure communications between hosts. This is very similar to how TLS/SSL is used to secure basic web traffic.

Although there are command line utilities for FTPS, it is most commonly used by Windows users via a client. WinSCP and FileZilla are two of the most popular clients used for FTPS connections on Windows. In Linux, you can use FileZilla as well. In addition, there are command line tools, such as lftp, that provide FTPS from a Linux terminal. Since FTPS is an extension of FTP it provides all the same functionality. Copy, delete, change permission, etc are all available with FTPS.

FTPS Examples

Copy file from local machine to remote machine:

[[email protected] ~]$ lftp -u savona fenrir
Password: 
lftp [email protected]:~> put file.txt
3601 bytes transferred                
lftp [email protected]:/> 

Copy file from remote machine to local machine:

[[email protected] ~]$ lftp -u savona fenrir
Password: 
lftp [email protected]:/> get file.txt
3601 bytes transferred                     
lftp [email protected]:/>

Conclusion – SFTP, SCP, and FTPS

All of these protocols offer strong authentication and encryption options. The implementation of the protocol is important to securing a system. FTPS using multiple ports in a way that makes it hard to securely allow it through a firewall. SFTP and SCP only use a single port (22 by default). In addition FTPS requires more configuration, which can lead to mistakes. However, SFTP is only as secure as the SSH configuration. You can read our “Guide to Securing the SSH daemon” to see how involved it really is.