>But just setting up a VPN doesn't mean you're using SFTP does it?
>
Definitely not! What it does do is allow you to limit the scope of FTP sites you will permit at your data to those that fall within your manged subnet, making it more difficult for an outside attack to take place, and assures that the stream is encrypted end-to-end, including the FTP negotiation, at the strength of the VPN encryption being used by the organization rather than the level as implemented in SFTP. You could further strengthen the security of the VPN FTP link by running SFTP within the VPN environment.
VPN has the advantage of hiding the actual protocol of the stream exchanged and adding a layer of security to the stream data, whether or not that stream is in and of itself a secured stream.
Given the successful crack of the 64 bit RSA public key mechanism last month by a distributed brute-force attack, I'm all in favor of limiting where the attack can originate as well as encrypt the stream I'm moving. Our organization uses a hardware IK implementation that's difficult to get around, and in addition, some of our VPN connectivity is further limited to a set of know MAC addresses associated with certain users with enhanced privileges.
>
>
http://www.tiem.utk.edu/cgi-bin/man.cgi?section=1&topic=sftp>sftp is an interactive file transfer program, similar to ftp(1), which performs all operations over an encrypted ssh(1) transport. It may also use many features of ssh, such as public key authentication and compression. sftp connects and logs into the specified host, then enters an interactive command mode.
>
>
>
http://kb.indiana.edu/data/akqg.html>What is SFTP, and how do I use it?
>SFTP, or secure FTP, is a program that uses SSH to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing passwords and sensitive information from being transmitted in the clear over the network. It is functionally similar to FTP, but because it uses a different protocol, you can't use a standard FTP client to talk to an SFTP server, nor can you connect to an FTP server with a client that supports only SFTP.
>
>
>
http://www.weonlydo.com/index.asp?showform=SFTP>wodSFTPdll is tested and works great with all OpenSSH versions, as well as SSH (from SSH Communications Security Corp.) which are most common on today's servers, but has been also tested on others too. Different server implementations handle some sftp features differently (for example, some add / to the end of each directory name) but wodSFTPdll has no problems with those. If there is a problem - we will fix it or add certain feature on your request.
>
>
>
http://tucows.rmplc.co.uk/preview/217252.html>This supports secure terminal emulation and encrypted file transfers with SSH1 and SSH2 servers. When this connects to a server, it will automatically determine whether that server is compatible with either the SFTP (Secure FTP) or the SCP (Secure Copy Program) protocol. SecEx also has built-in safeguards to protect against IP and DNS spoofing, which provides added security when you are connecting to a server.
>This has a clean, multi-paned graphical interface that makes it easy to navigate through the files and folders on a server. If you want to access the server using a terminal, this can also open a secure command prompt or a secure X-11 terminal for you.
>
>Downloads for: Windows 95/98, Windows NT, Windows 2k, Windows ME
