today I had to setup a secure FTP server on Windows Server 2003, and after researching for awhile on what software to use, I went for OpenSSH. I had in mind to go with FileZilla but after reviewing OpenSSH for windows I was drawn to it’s simplicity. so here is what you need to do to setup a SFTP server using OpenSSH for windows if you want to do it.
Stage 1
first, download the software from this link http://sshwindows.sourceforge.net/download/ you should download the binary installer. after you download the software, click on the executable file to launch the program:
the installation wizard should come up:
click on Next.
accept the license agreement:
install the Client and Server on the following screen:
click on Next.
select the destination path:
click on Next and then Install.
at this stage now the software should be installed on your server. so far, so good.
stage 2
from your server computer Management Console create a user, and a group. add the user to the group.
this is my setup:
user:
Group:
and remember to add the user to this group, so it should look like this:
Stage 3
now create a directory you want your sftp users to access. I created my on the following path:
C:\sftp\sftp
make sure the OpenSSH service is not running under services. if it is, stop it, otherwise leave it stopped.
go to RUN and type Regedit and click OK.
navigate to the following registry folder: HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin expand the Mounts v2 folder, and click on /home right click the native file, and click on modify, and add the path of the directory you want your users to have access to. mine is C:\sftp\sftp:
get out of the registry.
are you still following the tutorial? good, we are almost there!
stage 4
make sure a file named group and passwrd are located at the following location:
C:\Program Files\OpenSSH\etc:
if they are not, create them. don’t put any extension on them.
it should look like this:
now, click on RUN and type CMD and then OK.
type the following command on the command prompt:
cd C:\Program Files\OpenSSH\bin
once you switch to the BIN directory type the following commands:
mkgroup -l >> ..\etc\group
and then:
mkpasswd -l -u username >> ..\etc\passwd
on the username option, add the username we created above.
this is how my screen look like:
now is time to turn on the server.
still from the command prompt, execute the following command:
net start opensshd
as I told you, I like OpenSSH simplicity, don’t you? after you go through the steps you realize it is very simple to setup.
well,now the server should be running, and ready to connect to. on the next post I will configure the client to connect to this server. till then now.
Pingback: How to Connect to a SFTP site Using WinSCP
OpenSSH is no good. I followed exactly these procedures. I also followed the QuickStart.txt. Throws unexpected errors when started. Crap.
Hi there, open SSH works fine for me, in fact this is what we use in production for our secure FTP site… we use windows server 2003…. at what point does openssh give you error? what OS are you using?
I receive the following error “SFTP connection error – Invalid username or password reported by server”. Can you help??
have you made sure the username and password you’re using is correct? sometimes is easy to overlook things.
I am unable to see the sftp folder. I am able to see all other folders as shown in the snapshot. Plz help me out.
here i followed the same stepsmentioned above but i am getting error while starting the opensshd service in cmd in windows server 2008.The error is system error 5 access denied .and i also started the service in the services window but here the error is windows can’t start openssh server service in local computer…
So please help me …
I have not tested openSSH with Win2008 yet, so I don’t think I can be much of a help with your issue… are you trying to start the service with elevated permissions? is that Win2008 R2?
this is an excellent tutorial, and openssh works great. If you are not careful with the syntax creating the group and passwd files, the service will puke on startup.
Also make sure folder security is MODIFY specifying the group that was created in stage 2. He doesn’t say why he created it, but it should be for folder security. You can have multiple users access the server by specifying the root folder (C:\sftp) but create a folder per user beneath it. Remove inherited perms, remove USERS, leave Admins and System, and add the user.
Thank you for sharing, but when i am open the OPENSSH for windows web site some error is showing that is “the target”"of this Internet Shortcut is not valid.Go to the Internet Shortcut property sheet and make sure the target is correct”. Please help me in this error….
When i am trying to connect sftp server from client Winscp, it saying access denied. I have followed the same steps and just works fine all the steps, with out any error. any suggestion.
Hi guyz,
Do we have some means to automate the SFTP process using this tool.I would like to run a batch/shell script to do so. could you plz throw some light on this
Thanks
Harry