Although SFTP can be used as a replacement for FTP, it is not based on it. SFTP makes it possible to interactively transfer file between computers over a secure and encrypted channel. It is designed to be a replacement of tunneling FTP over and SSH connection, which can be a complicated thing.
A normal user can copy all files he likes to his computer, where permissions allow. This means he can also cd to the filestem root (/) and go trough the complete system. If you would like to setup a SFTP server, where specified users only can enter a specified directory and his sub-directory’s. You will have to setup a SFTP server with Chroot.
If you have an SSHD listening, you can already access your computer through SFTP. By default the openSSH package comes with a SFTP client, which is will open a SFTP shell when invoked. eg:
In the default setup you will go to the home directory of this user on the remote host. If you type “help” you will get a list of commands which you can use. Some very basic bash commands are supported. (Like “ls” and “cd”).
More and more file manager support the SFTP protocol.
Doplhin supports SFTP