Monday, 3 October 2011


Today , we are all connected through the technology … Every moment , we are sharing some or the other sort of information . This information we share is often meant to be restricted to a select group of individuals . Even in computers , we tend to share various files , we log into our e-mail accounts through passwords which are sent over the internet and we use online banking for various money transactions . What if such sensitive information ended up getting into the wrong hands ? What if this information is misused to our loss ? … This blog attempts to cover certain aspects of secure file transferring which helps us prevent sensitive data from getting into wrong hands through a secure file transferring protocol.
Let us start by defining what we mean by protocol .
PROTOCOL basically means a set of instructions to be followed when communicating .
As we have an algorithm for mathematics or for a computer program, or a recipe for a dish , the same way , we have a protocol for communication .
There are a number of softwares for actually setting up , initiating and for working in case of a protocol . These are :
1) Network protocol
3) Computer-compute protocol
So we now come to the question … what is a file transfer protocol ?
File transfer protocol is a standard network protocol used to transfer files from one host to another over a TCP ( transmission control protocol ) based network such as “ internet “ . It is considered a safe kind of communication for transfer . During its initial days , it was used in command line mode , using standard commands and syntax , but now due to the advent of technology , even GUI( graphical user interface) based FTP are possible .
So … let us now see what SFTP is … SFTP , or Service File Transfer Protocol (or may be called as Secure FTP or SSH-FTP ) , is an interactive mode of file transfer protocol similar to FTP . The difference between FTP and SFTP is that the SFTP is latest and is more secure than the normal FTP . It’s just like a younger and stronger security guard making sure that what needs to be secure remains secure .
We also have SSH , a short form for Secure Shell , which is basically a way you can share data safely over an unsafe network .
SSH is like an air conditioner , keeping the temperature warm even in the presence of the immense heat of the wrong-doers willing to pounce onto your data to put it to some wrong use J .
Now you may ask … what is the difference between SCP and SFTP ?
The answer would be simple . SCP only allows transfer of files but SFTP is latest thing available and allows multiple operations on a file . SCP is basically used on linux platform whereas SFTP is used in a wide range of platform , when you want to upload a less number of file (something around 2 or 3) SCP is better as there is no use of setting up an SFTP connection for just a few files as for what I have discovered is that the SFTP is not easy to setup…
So … the question that you must be asking is … how do u set up an SSH server to put it to use ?
In LINUX SSH is basically a linux command only so there is no problem setting up an SSH server on linux , its just a matter of installing a package called SSH secured package or SSHD . You can get this from Ubuntu Software centre or typing a command ‘apt-get install sshd’ or “apt-get install ssh server”.
After this in the terminal…type the following command to execute a connection between the two pc’s:
>>>ssh username @ipaddress (here username refers to the name of the user in whose profile you want to log in and ip address refers to the ipaddress of the remote machine you can get this by doing ifconfig in the terminal of that machine)
On WINDOWS, one way is that you can install CYGWIN on your windows machine . The cygwin control is a kind of UNIX based terminal in which everyone can use the linux based commands like man , ls , grep , etc . on the cygwin console (though some commands are different) . There-on , it works like a terminal and allows you to set-up your SSH server using the same set of instructions as used above in windows.
Once the server is set up , you can use the scp command to transfer files . But before we go any further , let us understand about SCP . SCP is basically a short form for Secure Copy . As the name suggests , it is a way in which you can securely copy files across networks over SSH servers so that many people can access it on other networks .
Doing SCP in linux is extremely easy thing, this was also done as a part of our mid-sem examination so for the beginners here’s a walkthrough…:
1. Open terminal on your machine .
2. Then type in the following easy command :
scp (full path of the file starting from the root directory) username @ipaddress and you will be prompted for a password …enter the password and the transfer status will appear on your screen)
You can do this by a simple and easy to use sotware called winSCP and is very easily available online.
Here’s a tutorial for winSCP
***this can be used both for ssh and scp so do not get confused with what is written on another blog…
1. Run the winSCP application…following window would appear…this is to basically create a session through which we can run scp
(if the following window doesn’t appear then you must have installed PuTTy which has stored sessions for transmission)

 1.       Enter the required stuff in the above window and hit enter

 Don’t mess  up with the above settings …these are kind-of default settings
1    2.      After all this click on stored sessions and … you are done …:

Just hit login and you will access into the other pc

I am not going to discuss PuTTY  here…as already , a  few of my classmates have written and explained about it…and I don’t want to indulge myself in PLAGIARISM 
Here’s another software called copSSH    which is like doing  open SSH in windows
Its extremely easy to use
 (WARNING: while installing you would be prompted for a username and a password  …enter the administrator’s password and  username else in all other cases it’ll create a new user directory)
Rest all is easy … go on entering the required passwords and usernames and your connection will be setup…
After that start PuTTy and do all the required steps explained in  other blogs…
Our blog doesn’t give a full technical explanation of all the stuff this is because we are the last one’s to explain SFTP and after seeing all those blogs, we made our blog based on what softwares are not covered and what mistakes have been committed in those blogs
Also, the blog is devoid of any visuals… I am extremely sorry for that, this is because my PICASA got screwed up and I couldn’t take any screenshots (and I don’t  know any other software)
And the visuals online were very confusing so…
if there’s any mistake , error or confusion  in our blog , we are happy to accept and sort the problem…
thanks a lot  for reading this…

Links referred:

Posted by:
Avi Kathpalia(2011034)
Siddharth Kundal( 2011111)

1 comment:

  1. File security is especially important for enterprises and large organizations. To see a comparison of ftp and some different options available, visit here: