File Transfer Ports: FTP (21), SFTP (22), SCP, rsync (873), NFS (2049)

File Transfer Protocol Ports

Multiple protocols exist for transferring files across networks, each with different security and feature tradeoffs.

FTP (Ports 20/21)

Port	Purpose
21	FTP control channel (commands)
20	FTP data channel (active mode)

FTP sends credentials and data in plain text. Avoid FTP in production. If FTP is required, use FTPS (FTP over TLS) on the same ports.

Active vs. Passive mode:

• Active mode: Server connects back to client on port 20 (problematic with firewalls/NAT)
• Passive mode: Client initiates both connections; server opens a random high port

SFTP / SCP (Port 22)

SFTP and SCP both use SSH (port 22) for encrypted file transfer:

• SFTP: Full-featured file transfer protocol with directory listing, resume support
• SCP: Simple copy command, being deprecated in favor of SFTP

# SFTP
sftp user@server:/remote/path/file.tar.gz ./local/

# SCP
scp user@server:/remote/file.txt ./local/

rsync (Port 873)

rsync efficiently synchronizes files by only transferring differences:

• Port 873: rsync daemon mode (unencrypted)
• Via SSH (port 22): Encrypted rsync (recommended)

# rsync over SSH (recommended)
rsync -avz -e ssh ./local/ user@server:/remote/

# rsync daemon mode (less secure)
rsync -avz rsync://server/module/ ./local/

NFS (Port 2049)

NFS (Network File System) shares directories across Unix/Linux systems:

• Port 2049: NFS server
• Port 111: RPCbind (portmapper for NFS)

NFSv4 uses only port 2049, simplifying firewall configuration compared to NFSv3.

TFTP (Port 69)

TFTP is a simple file transfer protocol with no authentication. Used primarily for:

• Network device firmware updates
• PXE boot (network booting)
• Diskless workstation configuration