What is the difference between SFTP port 22 or port 990?

Solution 1:

SFTP (SSH File Transfer Protocol) is not the same as FTPS (FTP-SSL).

SFTP is intimately related to SSH, and has no relation, except in purpose and name, with FTP.

Contrast with FTPS, which is simply the FTP protocol with SSL.

The main difference is that SFTP only uses one stream, whereas FTPS, like FTP, uses at least two: a control stream, where the commands are issued, and another one for each data transfer.

Solution 2:

I think there's a glitch in the question itself:

• SFTP is a subsystem of SSH, and SSH by default listens on port 22
• FTPS by default runs on port 990, but that's not related to SFTP: in fact it is FTP over SSL

These are two distinct and completely different protocols.

SFTP (SSH File Transfer Protocol) only needs port 22 and no other port, therefore is very firewall friendly, and highly secure thanks to the encryption layer provided by the SSH connection.

FTPS is highly secure thanks to the encapsulation within a SSL channel, but it requires quite a few open ports to operate (990 for the control channel, 989 for the data channel, and a whole bunch of other ports if you need passive connections) and is therefore much less firewall friendly. But - in general - it tends to be a bit faster than SFTP.