Set up and verify SFTP using password authentication on clients and servers
- Windows 10 Pro
- Windows Server 2019
- Windows 7
- Windows Server 2012 R2
- 8.1p1 - Beta
※ Works in other versions, but is unconfirmed
This section provides step-by-step instructions for sftp communication between the client and the server. The easiest authentication method is to set up the password authentication.
- The client has an OpenSSH client installed.
- The server has an OpenSSH server installed
Prepare the SFTP server on the server side
Log in to the server with an account with administrative rights (administrators).
Enter the following command: (Can be the ssh command)
You can see that you can't connect because you haven't set up anything yet.
Create an SFTP account
Create an account to log in to with SFTP. The Windows account is treated as an SFTP login account.
Right-click the Start menu and select Computer Management.
Expand Local Users and Groups, right-click Users, and select New Users.
Enter your user name and password. The user name is the user name to log in to with SFTP. Case-insensitive.
You will sign in with public key authentication settings, but you do not need Admonistrators permissions. For remote environments, you should add Remote Desktop Users permissions.
SSH Port Open
Open port 22. You can do it with a command, but you can set it here using the GUI. From the Start menu, select the Windows Administration Tools folder ⇒ Windows Defender Firewall with Enhanced Security.
Right-click Inbound Rules and select New Rule.
Select Port and Next.
Select TCP and enter 22.
Select Allow connections.
Check Domain and Private. For servers on the Internet, check "Public" Set it according to your environment.
The name is fine, but make sure that you open the port for SSH (SFTP) and make it clear.
Added to the list.
Ssh service startup settings
You can also set it with a command, but you'll use the GUI to do it here. Right-click the Start menu and select Computer Management.
Select "Services and Applications" ⇒ "Services" and "OpenSSH SSH Server" from the central list. On the left side, you'll see the "Start Service" link, so click the link to start the SSH server.
Ssh is now available, but you have to start it manually again when you restart Windows. Make sure that the SSH server starts automatically. Double-click OpenSSH SSH Server.
Set the startup type to Automatic and click the OK button.
SSH login confirmation
Now that the service is up, try logging in. Start the command prompt or PowerShell and enter the following command: (<> parts should be replaced) (It can be the ssh command because it is a connection confirmation.)
Enter your password.
You will be able to log in because the display changes.
Try typing the dir command to see a list of folders. (It is a specification to garbitize)
SFTP sends and receives files to and from the server from the client side
Sign in to the client PC. To verify the transmission and reception of files, create a "C:\Temp" folder and place the "test.txt" file with the text entered. (If it is a Japanese file name, it will be an error in the transmission and reception, so leave it in alphanumeric characters.)
Start the command prompt or PowerShell.
Log in with SFTP with the following command: (<> parts should be replaced)
Enter your password and log in.
You can verify that you can log in with the pwd or dir commands.
Send the file with the put command.
If you look at the "C:\Users\sftptest" folder on the server side, you can see that the test.txt file has been sent.
Try get from the client.
get test.txt c:\temp\test2.txt
I was able to confirm that i was able to get the file.
You can verify that you can send and receive files on the client and server using SFTP. Because the contents of the communication are also encrypted, it is less likely to be intercepted by a third party.
However, we are doing password authentication as an authentication method this time, Security is a little weaker. Next time, I'd like to talk about public key authentication.