SSH vs SFTP Guide

SSH and SFTP are closely related. You could be using one or both of them without really realizing how they work and how they could be used to their maximum effect. In this guide, you will learn all about these two systems and, if you don’t use them already, where to get them.

About SSH

SSH stands for the Secure Shell. This protocol was first launched in 1995. It was created by Tatu Ylönen at the University of Helsinki. SSH was created to be a secure version of Telnet, a terminal emulator. That means you can log into a remote computer and use it as though it was the local computer. Like Telnet, an SSH terminal session gets access to the command line and not the desktop of the remote computer. The system can also be used as a secure carrier that is used by other applications to protect connections.

SSH is not widely used as a raw application but it is often at the heart of the remote access utilities that are commercially available. The original release of SSH is now known as SSH-1. This was a proprietary system owned by SSH Communications Security, a company formed by Ylönen. SSH-2 was developed by the Internet Engineering Taskforce as an open standard. This is much more widely used than SSH-1 and the two versions are incompatible.

The third version of SSH is called OpenSSH. This has more or less merged with the functionality of SSH-2. OpenSSH is the most widely used version of SSH.

SSH is available for most operating systems: Unix, Linux, macOS, and Windows.

About SFTP

SFTP has two names. It is officially called the SSH File Transfer Protocol but many people call it the Secure File Transfer Protocol. As its original name shows, SFTP is based on SSH.

SFP was developed to replace the File Transfer Protocol (FTP), which is one of the oldest protocols in networking. Although FTP was very widely used, it doesn’t include any encryption. A quick solution to this problem was proposed as the use of SSH to protect an FTP session. This time-saving idea soon ran into problems right at the design phase. The big problem with the concept is that FTP uses two connections simultaneously. One of the channels carries administration messages and the other carries the actual data. SSH only establishes one connection so the idea of just wrapping FTP in SSH security was quickly scrapped.

The final design of SFTP was created as an extension of SSH. SFTP is a protocol rather than a product. There are many implementations of SFTP. However, it is integrated into most operating systems. So, if you go to the command on a PC on a Mac or on a Linux or Unix-driven computer, you can use SFTP just by typing those letters at the prompt.

The SFTP utility that you enter on the command line, strictly speaking, is not the SSH File Transfer Protocol but the secure file transfer program, which was written by the developers of OpenSSH and is the version used by the producers of operating systems.

SSH vs SFTP: differences

SFTP is a file transfer system. However, it also has the ability to pass file handling and directory commands to the remote operating system. These are commands such as directory creation functions and the ability to delete, copy, or move a file.

SSH gives full access to the operating system of the remote computer to which it is connected. However, by itself, SHH can’t transfer files.

SSH vs SFTP: similarities

SFTP can’t operate independently without SSH. Think of SSH as an envelope around SFTP. SSH first establishes a connection and agrees to an encryption key for the transmission. Encryption with that key is then used to protect all of the FTP transactions that take place in that session. So, from a security aspect, SSH and SFTP are the same things.

SFTP only exists to provide a secure file transfer system. There is no alternative form of SFTP that operates without security and it isn’t possible to use any other protocol to secure SFTP.

Alternatives to SSH

When you look into secure alternatives to SSH, you will find that there aren’t many. While there are secure terminal emulators available, such as Mosh, Eternal Terminal, or tmux, all of them are based on SSH. There are other terminal emulators available. These include PuTTY, telnet, and rsh. However, these systems are not encrypted and are not direct rivals to SSH; PuTTY includes an SSH option.

Alternatives to SFTP

The main rival to SFTP is FTPS. This is the File Transfer Protocol Secure. It uses Transport Layer Security (TLS) for authentication procedures and encryption. This is the same security service used for HTTPS. HTTPS itself is an alternative to SFTP because it can partner with WebDAV to provide a secure envelope for file transfers – HTTPS provides security while WebDAV implements file transfers within the HTTPS envelope.

SCP is another alternative to SFTP. This is remarkably similar to SFTP because it is an extension to SSH. SCP has less functionality than SFTP because it only implements the transfer of files and doesn’t include the ability to implement commands on the remote device.

The SCP command is based on the Unix copy command (cp) and has a straightforward format of requiring the from and to file locations and names as two parameters. The user indicates which is the remote system by adding the remote hostname onto it. Thus, in a very similar format, the command can be used to send or fetch files.

Here is our list of the five best SSH and SFTP tools:

  1. Solar-PuTTY EDITOR’S CHOICE A free SSH client from SolarWinds that can manage multiple simultaneous connections and includes an SFTP file transfer utility. It runs on Windows and Windows Server.
  2. Files.com (FREE TRIAL) A file management system that is based in the cloud and offers SFTP for secure file transfers to the account’s cloud file space and a secure link system for file distribution.
  3. PuTTY A classic, free SSH terminal emulator that includes SCP and SFTP for file transfers. It is available for Windows, macOS, and Unix.
  4. WinSCP A free tool with an easy-to-use graphical interface that includes SFTP and SCP but doesn’t have a full SSH terminal emulator. It runs on Windows.
  5. Bitvise SSH An SSH terminal emulator that includes SFTP and SCP for file transfers and is offered as a client module and a server module. It runs on Windows.

SSH and SFTP tools

When looking into “alternatives” to SSH and SFTP, it is better to look for different implementations of the two systems. As SFTP is dependent on SSH, most tools that implement one also include the other. There are a number of very sophisticated utilities that have nice, easy-to-use GUI interfaces that really are just interpreters down to the command line execution of SSH or SFTP.

The available tools that are based on SSH and SFTP range from simple little lightweight tools to full file management systems.

Our methodology for selecting an SSH and SFTP client

We reviewed the market for SSH and SFTP clients and analyzed the options based on the following criteria:

  • An easy-to-use GUI interface
  • An SSH terminal an SFTP file transfer service in one tool
  • Availability for multiple operating systems
  • The ability to connect to remote computers of different operating systems
  • A tabbed interface that allows for multiple session to be open simultaneously
  • A free tool or a free trial period for assessment
  • A good list of services that are worth paying for or a free tool that is worth the time to install and use

The Best SSH and SFTP tools

1. Solar-PuTTY (FREE TOOL)

SolarWinds Solar-PuTTY

Solar-PuTTY hits all of the targets we were looking for in the perfect SSH and SFTP package. Better still, this utility is completely free to use.

Key Features:

  • SSH, SFTP, and SCP
  • Tabbed interface
  • Automation with scripts
  • Windows Search
  • Drag-and-drop file transfer

Why do we recommend it?

Solar-PuTTY stands out for its enriched features and user-friendly approach to secure remote connections. It goes beyond the traditional PuTTY by offering a tabbed interface, which significantly simplifies managing multiple sessions. Additionally, its capacity for secure credential storage and automatic reconnection in case of interruption ensures a seamless and efficient workflow. The drag-and-drop functionality for file transfers, along with integration with SCP and SFTP, further enhances its utility. Being a free tool, it offers remarkable value, making it an attractive choice for professionals looking for a robust SSH and SFTP client.

The Solar-PuTTY service is a free gift from SolarWinds, the maker of system monitoring and management tools. This implementation of SSH has a very easy-to-use interface that allows multiple sessions to be open at the same time. The system also saves the credentials for each connection.

Once you have set up a connection, it appears as a large box-style button on the Overview screen of Solar-PuTTY. To use that connection again, you just need to click that button. It is possible to open many of these windows at once. The system also includes SFTP for file transfers.

Who is it recommended for?

Solar-PuTTY is ideally suited for IT professionals, system administrators, and developers who regularly manage remote servers and require a reliable, secure method for SSH, SCP, and SFTP connections. Its user-friendly interface, coupled with the ability to color-code and organize multiple connections, makes it a valuable tool for those needing to maintain multiple simultaneous remote sessions. The requirement for basic networking knowledge means it’s best for those already familiar with the principles of network management and secure file transfers.

Pros:

  • Completely free
  • Integrates with SCP and SFTP giving it more functionality than PuTTY
  • Offers secure credential storage for fast repeat access
  • Can color-code multiple sessions to help organize multiple simultaneous connections
  • Can automatically reconnect if the connection is interrupted

Cons:

  • Like PuTTY, this tool is designed for technical professionals and requires basic networking knowledge before use

Solar-PuTTY installs on Windows and Windows Server.

EDITOR’S CHOICE

SolarPuTTY is our top pick for an SSH and SFTP tool because it provides all of the indicators that we were looking for in the perfect system. It allows multiple connections to be opened simultaneously and includes a terminal emulator that is protected by SSH plus SFTP for file transfers. This is an easy-to-use utility that costs nothing to use.

Get 100% free tool: solarwinds.com/free-tools/solar-putty/registration

Operating system: Windows

2. Files.com (FREE TRIAL)

Files.com dashboard

Files.com doesn’t meet all of our selection criteria because it doesn’t offer a terminal emulator. However, it is a little better because it gives each customer a cloud storage space to connect to. This system uses SFTP and FTPS to upload files to its related cloud file server. Users then distribute files from that location by sending recipients a link for secure access to the file on the files.com server instead of sending the file itself.

Key Features:

  • SFTP and FTPS
  • Mail access links
  • User controls file access
  • Secure viewer

Why do we recommend it?

Files.com is recommended for its comprehensive approach to file management and sharing, providing a secure and scalable cloud storage solution. Its support for SFTP and FTPS ensures safe file uploads to the cloud, while the ability to share access through mail links simplifies file distribution without compromising security. The platform’s user controls and secure viewer add an extra layer of protection and convenience, making it an excellent choice for businesses looking to streamline their file-sharing processes securely.

The Files.com system enables users to share access to files on the cloud server and also send out invitations to outsiders so that they can view the file in situ.

Who is it recommended for?

This platform is perfectly suited for businesses of all sizes that require a robust and secure file-sharing and storage solution. Files.com’s scalable infrastructure can accommodate the growing needs of small businesses expanding into larger enterprises. Additionally, its advanced user management and permissions system makes it an ideal choice for organizations that need to maintain strict control over file access and distribution. The platform’s ability to integrate with other cloud-based storage options further enhances its versatility, making it a valuable tool for businesses leveraging multiple cloud services.

Pros:

  • Scalable solution, making it ideal for both small businesses and enterprises alike
  • Features robots user management, permissions, and access control to support long-term use
  • Allows users to create links to files that have special rules, such as expiration dates or click tracking
  • Can compress large files for faster transfer
  • Supports integrations into other cloud-based storage options such as Dropbox, Google Drive, and OneDrive

Cons:

  • While the platform is easy to use, some of the more advanced features can take time to learn and implement

Files.com is charged for by subscription with a rate per user per month. The service is available in three editions, called Starter, Power, and Premier. These include 1, 5, and 10 TB of data usage per month respectively. You can access Files.com on a 7-day free trial.

Files.com Access 7-day FREE Trial

3. PuTTY

PuTTYTray

PuTTY is a very well-known SSH terminal emulator. Solar-PuTTY is actually an improved frontend for this tool. However, if you don’t want anything to do with the products of large corporations, you might prefer this original version.

Key Features:

  • SSH
  • Stable and long-established
  • OpenSSH certificates

Why do we recommend it?

PuTTY is highly recommended due to its status as one of the most reliable and widely-used SSH clients available. Its enduring popularity stems from its simplicity, stability, and open-source nature, ensuring that it remains completely free to use. Offering comprehensive support for both IPv4 and IPv6, PuTTY facilitates secure and efficient connections to Unix/Linux-based systems, embodying the essential functionalities expected from a terminal emulator without unnecessary complexity.

Who is it recommended for?

PuTTY is ideal for developers, system administrators, and IT professionals who require a straightforward, dependable tool for SSH connections to Linux or Unix-based servers. Its user-friendly interface and robust support for various protocols make it particularly suitable for those who value simplicity and effectiveness in their workflow. While it may not offer advanced file transfer capabilities within its core functionality, its extensive use and support within the tech community make it a valuable asset for anyone working within Unix/Linux environments.

Pros:

  • One of the most popular SSH clients
  • Completely free and open source
  • Supports both IPv4 and IPv6

Cons:

  • Better for connecting to Linux/Unix-based systems
  • Lacks additional functionality like file transfer

This tool is very simple and lightweight. It operates as a settings screen for SSH and an interface to SFTP and also has an option of using SCP for file transfers. The system is available for Windows, macOS, and Unix and it is free to install.

4. WinSCP

WinSCP Dashboard

WinSCP is a popular utility for Windows that acts as an SSH terminal emulator as well as a client or SCP and SFTP. It has been downloaded more than 153 million times and it is free to use.

Key Features:

  • SSH, SFTP, and SCP
  • 189 million users
  • Drag-and-drop transfers

Why do we recommend it?

WinSCP is endorsed for its dual functionality as both an SSH terminal emulator and a file transfer client, combining the capabilities of SCP and SFTP into a single, user-friendly application. Its immense popularity, evidenced by its significant download count, underscores its reliability and effectiveness for secure file transfers and remote server management. The drag-and-drop interface simplifies the process of transferring files, while customizable appearances cater to user preferences, enhancing the overall user experience.

The user gets to choose the appearance of the utility from a list of options. There is a “system to system” layout that shows the local file directory structure on the left and the remote file directory structure on the right. You just drag and drop files from one side to the other in order to start a file transfer.

Who is it recommended for?

WinSCP is an excellent choice for Windows users who require a robust and intuitive solution for managing files on remote servers. It’s particularly suitable for those who prefer a graphical user interface (GUI) over command-line interactions, offering an easy-to-navigate layout for file transfers and remote commands. While it may not suit users looking for a lightweight, command-line-based tool, its comprehensive feature set makes it ideal for developers, system administrators, and IT professionals seeking a versatile file management tool.

Pros:

  • Has many more features than PuTTY, as it is technically a file transfer utility
  • Easy to navigate user interface for those who don’t like a CLI as much
  • Features a remote command option for SSH

Cons:

  • Runs only on Windows
  • Not as lightweight as a command line-based tool
  • Fans of traditional PuTTY may find the GUI to be slower than typing commands

This utility is very easy to use and you can get it for free.

5. Bitvise SSH

bitvise ssh client

Bitvise SSH is offered as a client and a server. The client module is free to use and it includes a Remote Desktop service as well as a remote terminal, which operates at the command prompt. The file transfer utilities built into this tool are SFTP and SCP.

Key Features:

  • SSH, SFTP, and SCP
  • Can be client or server
  • Remote desktop

Why do we recommend it?

Bitvise SSH Client stands out for its comprehensive suite of features that cater to a wide range of secure remote access needs. It not only facilitates secure shell (SSH) communications but also includes SFTP and SCP for file transfers, enhancing its utility for managing files securely over the network. The addition of Remote Desktop functionality further broadens its applicability, allowing users to access and control remote systems with ease. Its support for various public key authentication types and customizable SSH obfuscation options ensures that connections are not only secure but also tailored to specific security requirements. The powerful scripting capabilities it offers through sexec/stermc make it an adaptable tool for automation and advanced remote management tasks.

Who is it recommended for?

Bitvise SSH Client is ideally suited for IT professionals, system administrators, and developers who need versatile and secure remote access solutions. Its ability to serve as both a client and a server makes it a valuable tool for anyone requiring secure command-line access, file transfers, or remote desktop capabilities in their daily operations. While the interface might present a learning curve with its multiple tabs, users who require advanced features and customization options will find Bitvise SSH Client to be a highly capable tool. Its powerful scripting and customization options make it particularly appealing to those who need to automate tasks or operate in environments with specific security protocols.

Pros:

  • Supports numerous public key authentication types
  • Offers customizable SSH obfuscation
  • Powerful scripting options through sexec/stermc

Cons:

  • The interface could be easier to use by consolidating the multiple tabs
  • The help section is outdated, could use more visual examples

The server module also runs on Windows and it is a paid product. The server also collects and displays statistics on SSH and SFTP activity per user or per group. The Bitvise SSH server can be bought on a 1, 2, 3, or 5-year license. There is a Personal edition, which is free of charge but this is not available for use by businesses. The paid version of the Bitvise SSH server is offered on a 30-day free trial.

SSH vs SFTP FAQs

Which is more secure SFTP or SSH?

SSH and SFTP are equally secure. This is because SSH provides the security mechanisms for SFTP.

Is port 22 a SSH or SFTP?

TCP port 22 is reserved for use by SSH. As SFTP is tunneled through SSH, the outer package of the system is pure SSH and so SFTP also uses SFTP.

Is SFTP faster and run over SSH?

SFTP is a more secure system than FTP. The security is achieved by establishing an SSH session and then running a file transfer through it. Security requires authentication and that slows down the establishment of a connection. Another feature of SFTP that makes it slower than FTP is that all packet contents are encrypted. Encrypting and decrypting packet data takes a little time.

SFTP is generally slower than FTP due to the security built into the protocol. The data is encrypted, which takes time, but perhaps more importantly the protocol itself functions differently; it’s not “streamed” like FTP. One limitation of SFTP is that, being reliant on SSH, it requires authentication.