How to setup an SFTP server in Windows using OpenSSH - gHacks Tech News

How to set up an SFTP server in Windows using OpenSSH

Transferring data wireless over local network isn't something new, people have been doing that for a long time. You may be aware of what I'm talking about: an FTP connection. With an FTP client you can connect one device to another to transfer your data over a network.

But since the FTP protocol isn't safe in the first place you should consider ditching it in favor of something better.

For those unaware, a much better wireless transfer protocol exists and it's called SFTP. The S in SFTP, literally means secure. It encrypts the connection's login information and the data that is transferred. So nobody can tap in and tamper with the data transfer. FTP on the other hand is secure as anyone who gets to listen to the network traffic gets the information unprotected.

How to set up an SFTP server in Windows using OpenSSH

The good thing about SFTP is that you can use it for everything you used FTP for. So you get better security for free. What do you have to lose, right?

Now there's just one problem. Windows versions prior to Windows 10 don't come with SSH so you'll need to install OpenSSH (or something similar). This is an open source SSH implementation, and guess who recommends it? Microsoft. OpenSSH is included in Windows 10 and Windows Server 2019.

This tutorial is based on the original OpenSSH documentation. The official guide may look intimidating which is why we made one as user-friendly as possible. You can follow this method in any version of Windows, I tested in on Windows 7.

How to set up an SFTP server in Windows using OpenSSH

How to start openssh Windows services

This process consists of two parts: installing OpenSSH and opening an SSH port for SFTP to work.

Installing OpenSSH (and activating the required services)

  1. Download OpenSSH from GitHub.
  2. Extract the archive to the Program Files folder.
  3. Open PowerShell as an administrator, and paste the following command in the window, to navigate to the folder: cd "C:\Program Files\OpenSSH-Win64". 
  4. SSH requires two services to run, sshd and ssh-agent. To install these, paste the following command in the PowerShell window: powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1. You should see a message which says "sshd and ssh-agent services successfully installed".
  5. Close the PowerShell window.
  6. You can start the services manually or set them to open automatically, by using Services.msc. This will create the folder "C:\ProgramData\ssh" with your host key which is crucial for the service to work.

Note: The services are named OpenSSH Authentication Agent and OpenSSH SSH Server.

Opening the SSH port in the Windows Firewall manually

How to set up an SFTP port Windows firewall

  1.  SSH uses Port 22 for transfer/authentication, which is closed in Windows because SSH isn't included by default. To open it, open the Windows Firewall from the Control Panel.
  2. Click on Inbound Rules (in the left pane).
  3. In the right pane, click new rule, select Port and click on Next.
  4. Type the number 22, in the Specific local ports option, and click Next.
  5. Choose "Allow the Connection", click Next, and select "Private" for the network option.
  6. Give the rule a name. For e.g. SSH or OpenSSH.
  7. Click on Finish.

That's it, you're good to go.

Testing the SFTP server

Let's test if it works. You need an SFTP client to do this.. WinSCP is the one I use on Windows but you may use any other that supports SFTP, e.g. FileZilla, FTP Rush, or a file manager with SFTP support such as Altap Salamander.

For Android, you have many options; Total Commander and Ghost Commander have SFTP plugins, while some apps like Amaze File Manager or X-plore File Manager have the feature built-in.

Windows

Run WinSCP and select "SFTP" as the protocol. In the host name field, enter "localhost" (if you're testing the PC you installed OpenSSH on). You will need to enter your Windows username and password to allow the program to connect to the server. Hit save, and select login.

You'll see a pop-up window like the one below, which asks you if you trust the server you're trying to connect to. Since the server is your own computer, you can allow it. Basically this is the host key which authenticates the connection made by the device. You can use this to transfer content from one computer to another too.

Note: If your Windows user account does not have a password, you will need to use a public key to authenticate the SFTP server, which involves a separate process. You can create a different account on the system for SFTP access but may need to make files available outside of the user directory.

Android

Let's use Amaze File Manager which is open source. Tap the + button, and select "Cloud connection". Choose SCP/SFTP connection and a pop-up should appear. Find your computer's IP address using command prompt, and the command IP config. For e.g. my PC has the address 192.168.1.9

Enter it in the server field, leave the port number as 22, and enter your Windows username and password in the respective fields. It should connect to your computer, and you will be able to access all the content that can be accessed by the Windows account.

Closing Words

One of the main advantages of the operation is that you may access or transfer files over a network easily; this is not something that all users need and there are certainly other options to achieve the same goal depending on individual needs.

Now You: Have you set up SSH in the past or use it actively?

Summary
How to setup an SFTP server in Windows using OpenSSH
Article Name
How to setup an SFTP server in Windows using OpenSSH
Description
Let's show you how to set up an SFTP server in Windows using OpenSSH. It's free, secure and very convenient.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. Sunny said on July 29, 2019 at 5:33 pm
    Reply

    In the sentence “FTP on the other hand is secure as anyone who gets to listen to the network traffic gets the information unprotected.” the word “secure” should be “insecure”.

    I prefer to use a public key than entering my Windows account password in a Android app.

    I think some a explanation about keys and how to use them would be welcome.

    1. Tu said on July 29, 2019 at 6:33 pm
      Reply

      FTP with TLS/SSL ?
      Last time I tried SFTP my speed went from 50+MBs to 3

  2. alina said on July 29, 2019 at 9:33 pm
    Reply

    is it faster than SMB ?
    i use smb it basically takes 2 minute to setup

    1. Taomyn said on July 30, 2019 at 1:18 pm
      Reply

      Regardless of speed, you should never expose SMB outside of your network as it’s not very secure – that’s why SMBv1 was removed from any new Windows machines by default, and why SMBv2 is not far behind.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.