Home » FTP » What is the difference between active and passive ftp

What is the difference between active and passive ftp

Active and passive ftp are the two modes which are generally used by any FTP server. FTP uses two channels between client and server, the command channel and the data channel, which are separate TCP connections. The command channel is for commands and responses, the data channel is for transferring files.

1. Active mode provide the more security, But in passive mode it does not have.
2. Active FTP may cause problems because of firewall, But passive does not have connection issues from firealls.
3. In active mode client established the command channel from client random port to server 21 port and the server established the data channel from server port 20 to client random port, But in passive FTP both the connections are established by the client.

The following diagrams may useful to understand the main difference.
Command chanell and Data chanell

Active mode FTP with Firewall
server will establish connection to client-side a random port. So may be possible, that port wouldn’t be one of those predefined ports. As a result, the connection will be blocked by the firewall and no connection will be established.

Passive FTP with firewall
In this particular scenario, a passive configuration will not pose a problem. That’s because the client will be the one initiating the connection, due to this a client-side firewall won’t have any issue with passive connection.


In other word In active FTP mode, the FTP client application establish the connection from a random unprivileged (port that are higher than 1023 called unprivileged port) port. it say X is the FTP server’s command port, port 21. After that, the ftp client starts listening to port X+1 and submit the FTP command PORT X+1 to the FTP server. The server will then establish connection back to the client’s updated data port from its local data port, which is port 20.

In passive mode FTP, the FTP client establish both connections to the server. When opening an FTP connection, the client opens 2 (two) random unprivileged ports.


I am founder and webmaster of www.linuxpcfix.com and working as a Sr. Linux Administrator (Expertise on Linux/Unix & Cloud Server) and have been in the industry from last 7 years.

Leave a Reply

Your email address will not be published. Required fields are marked *


Time limit is exhausted. Please reload the CAPTCHA.

Categorized Tag Cloud