Set up and verify SFTP using password authentication on clients and servers

Page updated :

Environment

Windows
  • Windows 10 Pro
  • Windows Server 2019
  • Windows 7
  • Windows Server 2012 R2
Openssh
  • 7.7p1
  • 8.1p1 - Beta

※ Works in other versions, but is unconfirmed

At first

This section provides step-by-step instructions for sftp communication between the client and the server. The easiest authentication method is to set up the password authentication.

Pre-preparation

  • The client has an OpenSSH client installed.
  • The server has an OpenSSH server installed

Prepare the SFTP server on the server side

Log in to the server with an account with administrative rights (administrators).

Start PowerShell.

image

Enter the following command: (Can be the ssh command)

sftp localhost

You can see that you can't connect because you haven't set up anything yet.

image

Create an SFTP account

Create an account to log in to with SFTP. The Windows account is treated as an SFTP login account.

Right-click the Start menu and select Computer Management.

image

Expand Local Users and Groups, right-click Users, and select New Users.

image

Enter your user name and password. The user name is the user name to log in to with SFTP. Case-insensitive.

image

You will sign in with public key authentication settings, but you do not need Admonistrators permissions. For remote environments, you should add Remote Desktop Users permissions.

SSH Port Open

Open port 22. You can do it with a command, but you can set it here using the GUI. From the Start menu, select the Windows Administration Tools folder ⇒ Windows Defender Firewall with Enhanced Security.

image

Right-click Inbound Rules and select New Rule.

image

Select Port and Next.

image

Select TCP and enter 22.

image

Select Allow connections.

image

Check Domain and Private. For servers on the Internet, check "Public" Set it according to your environment.

image

The name is fine, but make sure that you open the port for SSH (SFTP) and make it clear.

image

Added to the list.

image

Ssh service startup settings

You can also set it with a command, but you'll use the GUI to do it here. Right-click the Start menu and select Computer Management.

image

Select "Services and Applications" ⇒ "Services" and "OpenSSH SSH Server" from the central list. On the left side, you'll see the "Start Service" link, so click the link to start the SSH server.

image

Ssh is now available, but you have to start it manually again when you restart Windows. Make sure that the SSH server starts automatically. Double-click OpenSSH SSH Server.

image

Set the startup type to Automatic and click the OK button.

image

SSH login confirmation

Now that the service is up, try logging in. Start the command prompt or PowerShell and enter the following command: (<> parts should be replaced) (It can be the ssh command because it is a connection confirmation.)

sftp <ユーザー名>@localhost

image

Enter yes.

image

Enter your password.

image

You will be able to log in because the display changes.

image

Try typing the dir command to see a list of folders. (It is a specification to garbitize)

image

SFTP sends and receives files to and from the server from the client side

Sign in to the client PC. To verify the transmission and reception of files, create a "C:\Temp" folder and place the "test.txt" file with the text entered. (If it is a Japanese file name, it will be an error in the transmission and reception, so leave it in alphanumeric characters.)

image

Start the command prompt or PowerShell.

image

Log in with SFTP with the following command: (<> parts should be replaced)

sftp <ユーザー名>@<サーバー名>

Type yes.

image

Enter your password and log in.

image

You can verify that you can log in with the pwd or dir commands.

image

Send the file with the put command.

put c:\temp\test.txt

image

If you look at the "C:\Users\sftptest" folder on the server side, you can see that the test.txt file has been sent.

image

Try get from the client.

get test.txt c:\temp\test2.txt

image

I was able to confirm that i was able to get the file.

image

Summary

You can verify that you can send and receive files on the client and server using SFTP. Because the contents of the communication are also encrypted, it is less likely to be intercepted by a third party.

However, we are doing password authentication as an authentication method this time, Security is a little weaker. Next time, I'd like to talk about public key authentication.