Why SSH instead of FTP?

secure-filesWhen working on customer sites, we often get access to FTP, while most customers give a strange look when hearing about SSH: Isn't that something for the real nerds? What use has SSH for an average user? And why be so picky about SSH while FTP should do just fine, right? Here's the difference between SSH and FTP, and why you should care about it.

SSH is secure, FTP is not

To state the first (and obvious) difference between FTP and SSH: SSH stands for Secure Shell - meaning that it is secure. It uses encryption when building up a connection between the server and the client (you). FTP stands for File Transfer Protocol, and it doesn't contain an indication about security because it was designed in an age where security was not really important (about 30 or 40 years ago).

Security is an issue, because your username and password will be very easy to capture when sent unencrypted over the network (like with FTP). This not only makes it easy to compromise your FTP-account (and therefor your entire site), but these FTP-credentials might also corelate with other credentials you might use (email, other accounts, etcetera). Sending unencrypted data over any network is unwise to say the least.

So be smart: Don't use FTP, but use SFTP instead.

More control, thanks to a UNIX shell

SSH and FTP are not the same kind of tools. There's a subtool of SSH called SFTP that adds SSH-encryption to an FTP-like tool. But SSH (standing for Secure Shell) also offers a shell - a DOS-like command-screen which allows for entering strange characters.

Knowing what to type within a shell requires more knowledge, it requires UNIX (or Linux) experience. But when that knowledge is there, SSH gives much more abilities than FTP. For instance, let's say you want to move a Magento site from one webserver to another. With FTP, you will need to download each file to your computer, and then upload it to the other webserver. True, there's a more advanced version of FTP - called FXP - which allows you to transfer files directly from the first webserver to the second (without your computer being involved). But this still leaves you with the transfer of thousands of files. FTP-timeouts are bound to occur.

What you actually want is create a ZIP-file on the first webserver, transfer that ZIP-file to the new location and unpack it there. It's not part of the abilities of FTP, so with FTP you will also need some kind of hosting control panel (CPanel, DirectAdmin) to create ZIP-files in the first place. With SSH, the only thing you need is SSH - the zip-command is already part of that environment.

For a real Linux guru, SSH is a timesaver

While we help out customers with easy tasks using FTP, when doing more complex tasks, SSH is a must. For instance, when troubleshooting a server remotely, we might want to add debugging information to PHP-files, read logfiles, check file-permissions, transfer files easily from one location to another. A task that would take about 4 hours with FTP, might only take 1 hour with SSH.

If you have SSH in your hosting environment, learn to use it. Or if your developer asks for it, try to give it to him. It might save him a lot of time, and it might save you money because of that.