Set up and verify SFTP with password authentication on clients and servers
Environment
- Windows
  - Windows 10 Pro
  - Windows Server 2019
  - Windows 7
  - Windows Server 2012 R2
- OpenSSH
  - 7.7p1
  - 8.1p1 - Beta
※ It should work with other versions as well, but this has not been confirmed.
Introduction
This section describes the steps for SFTP communication between a client and a server. Password authentication is used here because it is the easiest authentication method to set up.
Prerequisites
- The client has an OpenSSH client installed.
- The server has an OpenSSH server installed.
Prepare the SFTP server on the server side
Log in to the server with an account that has Administrators privileges.
Start PowerShell.
Type the following command. (The ssh command also works.)
sftp localhost
Nothing has been set up yet, so you can see that the connection fails.
Create an SFTP account
Create an account to log in with SFTP. The Windows account is treated as an SFTP login account.
Right-click the Start menu and select Computer Management.
Expand Local Users and Groups, right-click Users, and then select New User.
Enter a user name and password. The user name is the name used to log in with SFTP. It is not case-sensitive.
You will sign in with this account for the public key authentication settings, but it does not need Administrators permissions. For remote environments, add Remote Desktop Users permissions.
Open the port for SSH
Open port 22. This can also be done with commands, but the GUI is used here. From the Start menu, open the Windows Administrative Tools folder ⇒ choose Windows Defender Firewall with Advanced Security.
Right-click Inbound Rules and select New Rule.
Select Port and click Next.
Select TCP and enter 22.
Select Allow the connection.
Check "Domain" and "Private". For a server on the Internet, also check "Public". Set this according to your environment.
The name can be anything, but make it easy to understand that you opened the port for SSH (SFTP).
The rule is added to the list.
SSH service startup settings
This can also be done with commands, but the GUI is used here. Right-click the Start menu and select Computer Management.
Select Services and Applications ⇒ Services, and then select OpenSSH SSH Server from the center list. A "Start the service" link appears on the left; clicking it starts the SSH server.
SSH is now available, but as configured you have to start the service manually every time Windows restarts. Set the SSH server to start automatically. Double-click OpenSSH SSH Server.
Set the startup type to Automatic and click the OK button.
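The account, firewall and service steps above can also be done from an elevated PowerShell prompt, as in this added example (not part of the original article). The account name sftptest is taken from the C:\Users\sftptest path that appears later on this page, and the rule name is an assumption. The LocalAccounts and NetSecurity cmdlets used here are available on Windows 10 and Windows Server 2019 with PowerShell 5.1, but not on Windows 7.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted form of the GUI steps (account, firewall rule, service).
# $User comes from the C:\Users\sftptest path on this page; $RuleName is an assumption.
$User     = 'sftptest'
$RuleName = 'OpenSSH SSH Server (SFTP) TCP 22'

# 1. Create the SFTP login account as a standard (non-administrator) user.
if (-not (Get-LocalUser -Name $User -ErrorAction SilentlyContinue)) {
    $pw = Read-Host -AsSecureString -Prompt "Password for $User"
    New-LocalUser -Name $User -Password $pw -Description 'SFTP login account' | Out-Null
    # Unlike the GUI, New-LocalUser does not add the account to the Users group.
    # S-1-5-32-545 is the well-known SID of BUILTIN\Users (independent of OS language).
    Add-LocalGroupMember -SID 'S-1-5-32-545' -Member $User
}

# 2. Allow inbound TCP 22 on the Domain and Private profiles only.
#    Add Public to -Profile only for a server that must be reachable from the Internet.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Protocol TCP `
        -LocalPort 22 -Action Allow -Profile Domain, Private | Out-Null
}

# 3. Make the OpenSSH SSH Server service (service name: sshd) start at boot, then start it.
Set-Service -Name sshd -StartupType Automatic
Start-Service -Name sshd

# 4. Show the resulting state of each step.
Get-LocalUser -Name $User | Format-List Name, Enabled
Get-NetFirewallRule -DisplayName $RuleName |
    Format-List DisplayName, Enabled, Direction, Action, Profile
Get-Service -Name sshd | Format-List Name, Status, StartType
# TcpTestSucceeded reports whether something is listening on local port 22.
Test-NetConnection -ComputerName localhost -Port 22 |
    Format-List ComputerName, RemotePort, TcpTestSucceeded
```

The script is safe to re-run: the account and the firewall rule are created only if they do not already exist.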
SSH login verification
Now that the service is running, try logging in. Start Command Prompt or PowerShell and type the following command. (Replace the part in <>. Because this is only a connection check, the ssh command also works.)
sftp <username>@localhost
Enter yes.
Enter your password.
The prompt changes, showing that you have logged in.
If you enter the "dir" command as a trial, you can see a list of folders. (Garbled characters in the output are expected behavior.)
Send and receive files from the client side to the server via SFTP
Sign in to the client PC. To verify sending and receiving files, create a "C:\Temp" folder and place a "test.txt" file containing some text in it. (A Japanese file name causes an error when sending and receiving, so use an alphanumeric name.)
Start Command Prompt or PowerShell.
Log in with SFTP using the following command. (Replace the parts in <>.)
sftp <username>@<server name>
Type yes.
Enter your password and log in.
You can check that you are logged in with the pwd and dir commands.
Send the file with the put command.
put c:\temp\test.txt
If you look at the server-side C:\Users\sftptest folder, you can see that the test.txt file has been sent.
Retrieve the file from the client with the get command.
get test.txt c:\temp\test2.txt
You can confirm that the file was retrieved.
Summary
You have now verified that files can be sent and received between the client and the server using SFTP. Because the contents of the communication are also encrypted, there is a low possibility that they will be intercepted by a third party.
However, this time password authentication is used as the authentication method, which is a little weak in terms of security. Next time, I would like to talk about public key authentication.