What is SFTP?
SFTP (SSH File Transfer Protocol) is a secure file protocol for accessing, managing and transferring files over an encrypted SSH transfer. For this, port 22 is used. SFTP is similar to FTP but more secure and easier to configure. Like SCP, it not only transfers files, but also allows you to process and resume file transfers on remote files.
Often times the SFTP version is confused with the ssh packet version. First, let's explain how to find out the sftp version. Then, let's give a information about the connection of sftp to the ssh version.
How to get SFTP version of remote server?
First of all, let's learn the sftp version in our system with 3 methods.
Method - 1: Using sftp command
To show the sftp version on the remote server, first connect to the server;
foc@fedora:~$ sftp user@192.168.122.15
foc@192.168.122.15's password:
Connected to 192.168.122.15.
sftp>
Then the version is shown with the following command:
sftp> version
SFTP protocol version 3
Method - 2: Using sshpass command
Let's learn the version with a one-line command. We will use echo and sshpass commands as helpers.
foc@fedora:~$ echo 'version' | sshpass -p password1 sftp user@192.168.122.15
Connected to 192.168.122.15.
sftp> version
SFTP protocol version 3
We reached the result with a single line script.
Method - 3: From Log Messages
This method requires you to be connected to the remote Linux server. Update the following line in the sshd_config
file:
root@pardus:/home/foc# cat /etc/ssh/sshd_config | grep Subsystem
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp /usr/lib/openssh/sftp-server -l VERBOSE
Then restart the sshd service:
root@pardus:/home/foc# systemctl restart sshd
When you access with sftp later, the following log is created on the connected server:
root@pardus:/home/foc# tail -f /var/log/auth.log
Sep 5 15:10:00 pardus sshd[2008]: Accepted password for foc from 192.168.122.1 port 36246 ssh2
Sep 5 15:10:00 pardus sshd[2008]: pam_unix(sshd:session): session opened for user foc by (uid=0)
Sep 5 15:10:00 pardus systemd-logind[430]: New session 13 of user foc.
Sep 5 15:10:00 pardus sftp-server[2015]: session opened for local user foc from [192.168.122.1]
Sep 5 15:10:00 pardus sftp-server[2015]: received client version 3
Sep 5 15:10:00 pardus sftp-server[2015]: realpath "."
"received client version 3" shares the version information with us.
SSH and SFTP Version Differences
SFTP comes with the ssh package installed on the system. SSH package has 2 versions. These:
- SSH 1.xx (SSH1)
- SSH 2.00 (SSH2)
If SSH 1 is available, your system does not support SFTP. To find out your SSH version, run the following command in terminal:
foc@fedora:~$ telnet 192.168.122.15 22
Trying 192.168.122.15...
Connected to 192.168.122.15.
Escape character is '^]'.
SSH-2.0-OpenSSH_8.7
As seen in the terminal output, SSH-2.0 version is installed on our system.
SFTP versions affect functional features but not the security of the connection. Here is a list of SFTP (always SSH2) versions and uses:
- 1 (nonexistent)
- 2 (rare)
- 3 (common)
- 4 (common)
- 5 (nonexistent)
- 6 (not yet common but increasingly supported)
Systems using SSH2 version use and support SFTP v3.
Summary
The outgoing client negotiates the SFTP version with the receiving server during session creation. If the receiving server only supports version 2, the server negotiates and runs on version 2. But as we mentioned above, most linux distributions support and use SFTP v3. Therefore, v2 is rarely used on the system.
References
www.unix.com - Sftp Version
stackoverflow.com - How to get sftp version of remote server?