SFTP is secure version of the FTP . SFTP provides encrypted channel with the remote server. This makes authentication and data transfer more secure than FTP. SFTP protocol is generally provided by SSH servers by default. In this tutorial we will learn the default SFTP port and how to change it to different one.
SFTP Default Port TCP 22
SFTP is a subsystem of the SSH service or daemon. So this makes SFTP to listen TCP 22 port. We can use following
sftp command to connect remote system sftp service.
$ sftp 172.16.110.135
Change Default SFTP Port
If we want to change default SFTP port we need to change SSH configuration which will also change default SSH port. We need to open SSH config file
/etc/ssh/sshd_config and change
To whatever we want. In this example we change to the
2222 . This configuration will be more secure because it is harder to find by attackers.
After we changed the configuration file we need to make active the new configuration. We should restart the SSH services which will reread the configuration file and use new SFTP port number. We will use
systemctl command but other service management commands are welcomed.
$ sudo systemctl restart sshd
SFTP vs FTPS/SSL
As stated previous SFTP is a function of the
SSH protocol. So it is different than FTP mechanism. As FTP is not a secure or encrypted protocol it provides some security mechanism like SSL tunnelling. FTPS or FTP SSL is secured version of FTP and shouldn’t be confused with SFTP. FTPS listen for regular FTP port
21 or whatever it is configured.