Featured:
Allergies
Tech Know
Grilling Guide
eHow Now Blog

The Similarities & Differences Between SCP & FTP

The Similarities & Differences Between SCP & FTP thumbnail
SCP and FTP are file transfer utilities that rely on other protocols for security features.

SCP and FTP are two applications for copying files from one computer to another. Both were originally based on their own protocols, but both now use different protocols. SCP stands for Secure Copy Protocol, and FTP is an acronym for the File Transfer Protocol, which was the original file transfer protocol.

  1. Security

    • A key factor in file transfers is that they require a login to the remote computer. FTP dates back to 1971. At that time, networks were still under development in academic institutions and security was not a priority. Because FTP sends the user name and password for login in plain text, it is unacceptable for commercial applications where networks hold valuable information and are more likely to be broken into. Clearly, FTP needed to be replaced by a more secure facility so it could meet the security demands of enterprises, and several were developed. One of those secure versions was SCP, or Secure Copy Protocol.

    Underlying Protocols

    • The FTP utility is no longer based on the FTP protocol because of that protocol's security weaknesses. The most common basis for FTP today is the FTP Secure Protocol, FTPS, which uses Transport Layer Security to provide encryption. SCP was developed with its own protocol as part of the Secure Shell utility, which is a remote terminal program based on the SSH protocol. Secure Shell was completely rewritten by the Internet Engineering Task Force to produce SSH2 in 2006, and the SCP protocol was scrapped at that point. SCP is now based on SFTP, which stands for Secure FTP or SSH FTP.

    Format

    • SCP has only one format: It is a command in Secure Shell. It follows the format of the Unix copy command, cp. SCP has two mandatory parameters: the "from" and "to" address for the file. One of these includes a user name and host name indicating which is on the remote computer. FTP has three formats: as a command environment, as a range of Windows-based utilities and as a library of functions for integration with other programs. The command line environment has its own prompt and a range of commands that enable users to not only send and receive files, but to move around the remote system and manipulate files.

    Connections

    • SCP is a SSH command and so operates within that environment that encrypts all data exchanges. As an added security feature, SCP copies files as binary data, which makes them harder to read through wiretapping. FTP establishes two connections. The first connection carries commands and responses and is encrypted by TLS, and the second is for data transfers. In the original FTP specification, this connection always terminated at a well-known port. In the FTPS version, the second connection uses a random port, which makes getting connections through firewalls difficult. The data connection of FTPS is not encrypted. The philosophy behind that is that the managers of sensitive data should make sure that files are already encrypted, so transfer encryption would be a duplication of effort.

Related Searches:

References

  • Photo Credit Hemera Technologies/AbleStock.com/Getty Images

Comments

Related Ads

thumbnail
Featured