I’m dealing with an iPaaS vendor that offers an SFTP connector in the standard contract. FTPS, however, for some mysterious reason, deserves a premium charge. I’m dealing with a separate storage vendor in which it’s essentially the opposite… they don’t allow SFTP connections. What could explain this difference?
One way to transfer files is with FTP. This is how they did it in say the 90s. It works well but it's not encrypted.<p>At some point we put SSL on there and started calling it FTPS. The problem is SSL was sort of bolted on and it's a hassle to configure / works weird with different clients.<p>Around this same time ssh came into use. FTP ports are 20 and 21. SSH is 22. Usually terminal connections are sent over 22, encrypted. But you can also do a few other things. One is transfer files. The protocol is called SFTP (Secure File Transfer Protocol) and is unrelated to FTP or FTPS. It requires no configuration and works with your ssh credentials.<p>Into the 2000s it became less common to use FTPS because it was less secure and more difficult to configure than SSH/SFTP. Not terrible, lets say like 60% more difficult.<p>As we progressed further into recent years transferring files over ports like 22 or even 20 or 21 is less common. Usually apps have an api endpoint where you upload files on a webpage. That web page would be encrypted and in some ways might look like FTPS. In other cases it very well could be FTPS, or SFTP.<p>There are also various other similar file transfer protocols. This was from memory so some details / dates may be wrong.
My guess: The latter started with FTP in the past - FTPS is just wrapping that in TLS. The former doesn't, and for them an FTP servers is an "extra thing" that deserves premium charge they only added because some enterprise customer bugged them enough.