Set up and verify SFTP with password authentication on clients and servers

Environment

Windows
  • Windows 10 Pro
  • Windows Server 2019
  • Windows 7
  • Windows Server 2012 R2
OpenSSH
  • 7.7p1
  • 8.1p1 - Beta

※ It should also work with other versions, but this has not been confirmed.

Introduction

This page describes the steps for SFTP communication between a client and a server. Password authentication is used here because it is the easiest authentication method to set up.

Prerequisites

  • The client has an OpenSSH client installed
  • The server has an OpenSSH server installed.

Prepare the SFTP server on the server side

Log in to the server with an account that has Administrators privileges.

Start PowerShell.

Type the following command. (The ssh command can be used as well.)

sftp localhost

The connection fails because nothing has been set up yet.

Create an SFTP account

Create an account to log in with SFTP. The Windows account is treated as an SFTP login account.

Right-click the Start menu and select Computer Management.

Expand Local Users and Groups, right-click Users, and then select New User.

Enter a user name and password. This user name is the one used to log in with SFTP. It is not case-sensitive.

You will sign in with this account for the public key authentication settings, but it does not need Administrators permissions. For remote environments, add the Remote Desktop Users permission.

Open the port for SSH

Open port 22. This can also be done with commands, but the GUI is used here. From the Start menu, open the Windows Administrative Tools folder ⇒ Windows Defender Firewall with Advanced Security.

Right-click Inbound Rules and select New Rule.

Select Port and choose Next.

Select TCP and enter 22.

Select Allow the connection.

Check "Domain" and "Private". For a server on the Internet, check "Public". Set this according to your environment.

The name can be anything, but choose one that makes it clear the port was opened for SSH (SFTP).

The rule is added to the list.

SSH service startup settings

This can also be done with commands, but the GUI is used here. Right-click the Start menu and select Computer Management.

Select Services and Applications ⇒ Services, and then select OpenSSH SSH Server from the center list. A "Start the service" link appears on the left; clicking it starts the SSH server.

SSH is now available, but as it stands the service has to be started manually every time Windows restarts. Set the SSH server to start automatically: double-click OpenSSH SSH Server.

Set the startup type to Automatic and click the OK button.

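The account, port and service steps above can also be done from an elevated PowerShell session instead of the GUI. The script below is an added example, not part of the original page; it assumes Windows 10 or Windows Server 2019, the account name sftptest (taken from the C:\Users\sftptest folder shown later on this page) and a rule display name chosen here.

```powershell
#Requires -RunAsAdministrator
# Added example: command-line equivalent of the GUI steps (account, port 22, service).

$UserName = 'sftptest'                # assumed: matches C:\Users\sftptest on the page
$RuleName = 'OpenSSH SFTP (TCP 22)'   # assumed display name; any clear name works

# 1. Local Windows account used as the SFTP login. The password is read
#    interactively so it does not end up in the script or command history.
if (-not (Get-LocalUser -Name $UserName -ErrorAction SilentlyContinue)) {
    $Password = Read-Host -Prompt "Password for $UserName" -AsSecureString
    New-LocalUser -Name $UserName -Password $Password `
        -Description 'SFTP login account' | Out-Null
    # New-LocalUser adds the account to no group. Join BUILTIN\Users by its
    # well-known SID; Administrators membership is not needed.
    Add-LocalGroupMember -SID 'S-1-5-32-545' -Member $UserName
}

# 2. Inbound allow rule for TCP 22, limited to the Domain and Private profiles.
#    Add Public only when the server really has to be reachable from there.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound `
        -Protocol TCP -LocalPort 22 -Action Allow `
        -Profile Domain, Private | Out-Null
}

# 3. "OpenSSH SSH Server" has the service name sshd: start it now and at boot.
Set-Service -Name sshd -StartupType Automatic
Start-Service -Name sshd

# 4. Check the result before trying "sftp <user name>@localhost".
Get-Service -Name sshd | Select-Object Name, Status, StartType
Get-NetFirewallRule -DisplayName $RuleName |
    Select-Object DisplayName, Enabled, Direction, Action, Profile
Test-NetConnection -ComputerName localhost -Port 22 |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded
```

The script can be run repeatedly: the account and the firewall rule are only created when they do not exist yet.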

SSH login verification

Now that the service is up, try logging in. Start the command prompt or PowerShell and type the following command. (Replace the part in <>.) (The ssh command can be used as well, because this is only a connection check.)

sftp <user name>@localhost

Enter yes.

Enter your password.

The prompt changes, showing that you are logged in.

Try entering the "dir" command to see a list of folders. (The garbled characters are expected behavior.)

Send and receive files from the client side to the server via SFTP

Sign in to the client PC. To check sending and receiving files, create a "C:\Temp" folder and place a "test.txt" file containing some text in it. (A Japanese file name causes an error when sending and receiving, so keep the name alphanumeric.)

Start the command prompt or PowerShell.

Log in with SFTP using the following command. (Replace the parts in <>.)

sftp <user name>@<server name>

Type yes.

Enter your password and log in.

You can check that you are logged in with the pwd and dir commands.

Send the file with the put command.

put c:\temp\test.txt

If you look at the server-side C:\Users\sftptest folder, you can see that the test.txt file has been sent.

Try the get command from the client.

get test.txt c:\temp\test2.txt

I was able to confirm that the file was retrieved.

Summary

You have now verified that files can be sent and received between the client and the server using SFTP. Because the communication is encrypted, there is a low possibility that its contents will be intercepted by a third party.

However, password authentication was used as the authentication method this time, which is a little weak in terms of security. Next time, I would like to talk about public key authentication.