On Thu, Sep 03, 2009 at 11:26:57AM -0500, Derek Martin wrote: > The logging of individual file transfers arguably buys you very little > though, because the users are legitimate users who are authenticated. > This is generally quite a different situation from FTP installations, > where often the users are anonymous If I understand correctly, many people run an sftp service which is essentially an encrypted, NAT-capable version of anonymous FTP. They offer files (or file hosting space) to a large group of barely-trusted people, and want to limit or track abuse of the service. The encryption may be used to prevent spying upon the traffic by people outside the group. The ability of sftp to sit behind a NAT firewall (which FTP cannot do -- not with a straight NAT without special hacks) may be essential to many sites.