Your browser does not allow storing cookies. We recommend enabling them.

FTP Client - Using SFTP Instead Is Recommended

This page presents an overview of an FTP client and explains how SFTP provides the same functionality but securely and more robustly, and is easier to use and configure.

FTP Client Overview

An FTP client is a software application that allows logging in to a computer that runs FTP server software. Once a user has connected to a server and authenticated using a password, the user can then transfer files and folders to and from the server computer. The client functionality is embedded in most common web browsers, but is also available as a separate, dedicated software application for most common operating systems.

FTP Is Vulnerable to Identity and Data Theft

The FTP protocol is unencrypted and transmits passwords and data in the clear. Tools are widely available for capturing user names and passwords from the network. This is called password sniffing, and was a common attack already in the mid-1990s.

SFTP Is a Secure Alternative to FTP

The SFTP protocol and SSH have replaced FTP in practically all new applications. FTP should only be used with legacy systems that do not support SFTP. It is generally impossible to achieve compliance in regulated industries when using FTP.

With the SFTP alternative, it is also easy to automate file transfers. SFTP supports the use of cryptographic keys, SSH keys, for authentication. This makes automation very easy.

The SFTP protocol also works across firewalls and Network Address Translation (NAT) automatically and without any special configuration.

Tectia SSH Clients and Servers

See the separate SSH client page for alternatives for a file transfer client.

As a replacement for an FTP server, we recommend Tectia SSH Server. It is available for Windows, Unix, Linux, and z/OS.

An FTP client in the Chrome browser


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more