Python FTP & SFTP Transfers — Core Concepts

Learn to automate file transfers in Python using ftplib and paramiko, with patterns for retries, integrity checks, and secure credential handling.

Why this matters in production

Automated file transfer is one of the oldest integration patterns in computing, and it is still everywhere. Banks exchange settlement files, logistics companies sync inventory feeds, and healthcare systems transfer records — often on fixed schedules via FTP or SFTP. When these transfers fail silently, downstream systems break. Understanding how Python handles these protocols lets you build reliable, auditable pipelines.

FTP vs SFTP vs FTPS

  • FTP (File Transfer Protocol) — Transfers files in plaintext. Built into Python’s standard library via ftplib. Still used in legacy systems but insecure for anything sensitive.
  • FTPS — FTP wrapped in TLS encryption. Supported via ftplib.FTP_TLS. Encrypts the connection but uses the same underlying protocol.
  • SFTP (SSH File Transfer Protocol) — A completely different protocol that runs over SSH. Encrypted by default. Python uses the paramiko library for this.

The naming is confusing: FTPS and SFTP sound similar but are fundamentally different protocols. SFTP is generally preferred for new projects because SSH infrastructure is already in place on most servers.

How FTP works in Python

Python’s ftplib is included in the standard library:

from ftplib import FTP

with FTP("ftp.example.com") as ftp:
    ftp.login("user", "password")
    ftp.cwd("/reports")

    # Download a file
    with open("report.csv", "wb") as f:
        ftp.retrbinary("RETR report.csv", f.write)

    # Upload a file
    with open("update.csv", "rb") as f:
        ftp.storbinary("STOR update.csv", f)

For encrypted FTP, switch to FTP_TLS and call prot_p() to protect the data channel.

How SFTP works in Python

SFTP requires paramiko, the most widely used SSH library for Python:

import paramiko

transport = paramiko.Transport(("sftp.example.com", 22))
transport.connect(username="user", password="password")
sftp = paramiko.SFTPClient.from_transport(transport)

# Download
sftp.get("/remote/report.csv", "local_report.csv")

# Upload
sftp.put("local_update.csv", "/remote/update.csv")

sftp.close()
transport.close()

For key-based authentication (which is more secure), load a private key instead of using a password.

Essential patterns

  • Retry logic — Network transfers fail. Wrap operations in retry loops with exponential backoff. Check file size after transfer to detect partial uploads.
  • Integrity verification — Compare checksums (MD5/SHA256) before and after transfer when the remote server supports it.
  • Atomic uploads — Upload to a temporary filename, then rename. This prevents downstream systems from reading partial files.
  • Directory listing — Use ftp.nlst() or sftp.listdir() to discover new files, then track what you have already processed.

Common misconception

Many developers assume SFTP is just “secure FTP” — the same protocol with encryption bolted on. It is not. SFTP runs over SSH and uses a completely different wire format. You cannot use ftplib for SFTP or paramiko for FTP. Choosing the wrong library for the protocol is a common source of connection errors.

When things go wrong

  • Connection refused — Check the port (FTP uses 21, SFTP uses 22) and firewall rules.
  • Passive mode errors — FTP passive mode (the default) requires the server to open data ports. Corporate firewalls often block these. Switch to active mode or use SFTP instead.
  • Encoding issues — Filenames with non-ASCII characters can cause problems, especially on older FTP servers. Specify encoding explicitly.
  • Timeouts on large files — Set socket timeouts and consider chunked transfer with progress callbacks.

One thing to remember: FTP and SFTP are plumbing — they move bytes between machines. Python gives you full control over that plumbing, but reliability comes from the patterns around the transfer (retries, checksums, atomic operations), not from the protocol itself.

pythonnetworkingfile-transfer

See Also

  • Python Dns Resolver Understand how Python translates website names into addresses, like a phone book for the entire internet.
  • Python Dpkt Packet Parsing Understand how Python reads and decodes captured network traffic, like opening envelopes to see what is inside each message.
  • Python Impacket Security Tools Understand how Python speaks the secret languages of Windows networks, helping security teams find weaknesses before attackers do.
  • Python Netconf Yang Understand how Python configures network devices automatically, like a remote control for every router and switch in your building.
  • Python Pcap Analysis Understand how Python reads recordings of network traffic, like playing back security camera footage to see what happened on your network.

Related Topics

ab-testing How tech companies run thousands of experiments at once to improve their products — the scientific method applied to everything from button colors to recommendation algorithms. 3 levels → activation-functions Why neural networks need these tiny mathematical functions — and how ReLU's simplicity accidentally made deep learning possible. 3 levels → ai-agents-architecture How AI systems go from answering questions to actually doing things — the design patterns that turn language models into autonomous agents that browse, code, and plan. 3 levels →