How SFTP protocol works — explained in details step by step

3 min readMar 12

Save this post in case you want to understand SFTP protocol quickly


SFTP (SSH File Transfer Protocol) is a secure file transfer protocol. It runs over the SSH protocol. you could also consider it a “file transfer feature” added over ssh, or “SFTP commands support” on top of ssh.


To understand SFTP quickly. you can download FileZilla and enable the trace to see what is happening.

Here choose 4-debug.

The next thing you can do is open this page and pick one of the servers to test.

Once you are ready, let’s start!

#1 Tcp Handshake

Before ssh starts, it needs a TCP handshake as well. to archive a reliable data stream.

#2 Identification string exchange

The first thing that happens after tcp handshake is identification string exchange. client and server need to know each other’s software and protocol versions are good to talk. the process looks like this below

To clearly see what’s happening, I put the Filezilla log at left side of the flow.

#3 Key Exchange

In this step, the client and server negotiate many algorithms: key exchange, data encryption, mac, and data compression.

The client sends a list of supported algorithms to the server to find the most secure possible standard algorithms to use during the session. here Filezilla only logged part of the process.

#4 Authentication


A channel which focusing on developer growth and self improvement