This year is certainly the year for birthdays. The File Transfer Protocol, otherwise known as FTP is 40 years old today. Originally put forth as the RFC 114 Specification on April 16, 1971, FTP (and the various iterations inspired from it) is as heavily used today as it was back then by people and companies all over the world.
Originally put forth as RFC 114 and used as such from 1971 to 1980, it changed when in 1980 it was put forth again as RFC 765 by Jon Postel of ITI. This standard retired RFC 114 and introduced more concepts and conventions that survive to this day, including: A formal architecture for separate client/server functions and two separate channels, Site-to-site transfers, Passive (a.k.a. “firewall friendly”) transfer mode among other improvements. RFC 765 was replaced by RFC 959, which formalized directory navigation in 1985.
The third and current generation of FTP was a reaction to two technologies that RFC 959 did not address: SSL/TLS and IPv6. It was essentially a security upgrade to FTP.
While FTP matured into FTPS, it is not to be confused with SFTP.
FTPS is essentially a secured or hardened FTP protocol that uses two channels, one for the data transfer and one for directory listings and other data not associated with the actual transfer. It’s FTP + SSL.
SFTP is a complete departure from FTP and is part of the Secure Shell File Transfer Project and was built from the ground up as an extension of SSH. It is a secured file transfer protocol built as an extension of SSH itself. While many confuse SFTP with “an FTP session through SSH”, it isn’t. While FTPS is FTP with security extensions (namely SSL), SFTP is an extension of SSH that adds easy file transfer capabilities to the already secure SSH session. Also not to be confused with SCP, SFTP allows for many more dynamic commands than that of simple SCP.
It is interesting to note that many companies still use classic FTP over VPN connections as well.
Anyone lost yet? Just checking . . .