Installing SFTP (SSH FTP) Server on Windows with OpenSSH

You can use the official OpenSSH bundle for Windows to simply arrange a safe file switch between the consumer and Windows server utilizing the SFTP (Secure FTP) protocol. In this text, we are going to present the way to use the Win32-OpenSSH to run an SFTP server on Windows 10 or Windows Server 2016 / 2012R2.

What is SFTP?

SFTP (Secure File Transfer Protocol, Secure FTP or SSH FTP) is the extension of SSH protocol, being a normal on the earth of UNIX/Linux techniques. From the consumer viewpoint, it’s much like FTP, however actually, it’s a utterly completely different protocol, having nothing in widespread with . Data are transferred between a consumer and a server by the SSH tunnel (TCP port 22).

The fundamental benefits of SFTP:

  1. Files and instructions are transferred inside a safe SSH session;
  2. One connection is used to ship each information and instructions;
  3. Symbolic hyperlinks, interrupt/resume switch, file delete capabilities, and many others. are supported;
  4. As a rule, in channels the place FTP is sluggish or failing, SFTP connection is quicker and extra dependable;
  5. Possibility of authenticate utilizing SSH keys.
Do not confuse SFTP and FTPS protocols. is actually only a easy FTP with an SSL certificates, and SFTP is the protocol to ship the FTP knowledge and instructions contained in the SSH session.

SFTP Implementation in Windows

Historically, Windows operation techniques don’t present any built-in instruments to run a safe SFTP server. For these goal, open-source or proprietary options, like Core FTP, FileZilla, CYGWIN, OpenSSH, FTP Shell, IPSwitch, and many others., have been used. However, a number of years in the past Microsoft launched its model of the OpenSSH port for Win32. This mission known as Win32-OpenSSH.

Let’s contemplate the configuration of the SFTP server operating Windows 10 or Windows Server 2019/2016/2012 R2 utilizing the Win32 OpenSSH bundle.

Installing Win32 OpenSSH on Windows 10 1803+/Windows Server 2019

In Windows 10 construct 1803 and newer and in Windows Server 2019, the OpenSSH bundle is already included within the working system within the type of Feature on Demand (FoD) like .

You can set up the OpenSSH server on Windows 10 and Windows Server 2019 utilizing the next EnergyShell cmdlet:

Add-WindowsCapability -Online -Name OpenSSH.Server*

Or utilizing DISM:
dism /Online /Add-Capability /

Also you’ll be able to add OpenSSH server from Windows 10 GUI (Settings -> Apps -> Optional Features -> Add a function -> Open SSH Server -> Install).

  • OpenSSH executables are situated within the listing: c:windowssystem32OpenSSH;
  • The sshd_config configuration file is situated within the listing: C:ProgramDatassh (this listing is created after the primary begin of the sshd service);
  • Log file: c:windowssystem32OpenSSHlogssshd.log;
  • The authorized_keys file and keys are saved in a listing: %USERPROFILE%.ssh.

Install Win32 OpenSSH on Windows Server 2016/2012 R2

In the earlier variations of Windows 10 and in Windows Server 2016/2012 R2, you could obtain and set up OpenSSH from the GitHub ( You must obtain a bundle model for Windows x64: (three,5 MB).

  1. Extract the archive to the goal listing: C:OpenSSH-Win;
  2. Start the elevated EnergyShell cli and swap to the OpenSSH folder:Cd C:OpenSSH-Win
  3. Add the trail to the OpenSSH listing to the Path setting variable (System Properties -> Advanced tab -> Environment Variables -> Select and edit the Path system variable -> Add the trail to the OpenSSH folder);
  4. Install the OpenSSH server: .install-sshd.ps1 (a inexperienced message ought to seem “sshd and ssh-agent providers efficiently put in”);
  5. Generate SSH keys for the server (wanted to begin the sshd service):
    ssh-keygen.exe –Assh-keygen: producing new host keys: RSA DSA ECDSA ED25519
  6. Enable autostart for the SSHD service and begin it utilizing the next EnergyShell service administration instructions:
    Set-Service -Name sshd -StartupType ‘Automatic’
    Start-Service sshd
  7. Restart your laptop:
  8. Use the EnergyShell to open TCP port 22 within the Windows Firewall for incoming SSH visitors:New-WebFirewallRule -Protocol TCP -NativePort 22 -Direction Inbound -Action Allow -ShowName SSH

    Note. The earlier command gained’t work in outdated dscktop Windows variations. In this case one other command is used:netsh advfirewall firewall add rule title='SSH Port' dir=in motion=permit protocol=TCP localport=22

  9. Open the SSHD configuration file (C:ProgramDataSSHsshd_config) in any textual content editor.  Find and examine the worth of the Subsystem sftp directive. The sftp-server.exe file must be specified right here.
You can moreover configure the next parameters within the sshd_config configuration file:

AllowTeams corpsftp_users # permit to hook up with OpenSSH just for customers on this domaan group

AuthenticationMethods password # allow password authentication (SSH keys can’t be used)
ForceCommand internal-sftp
ChrootDirectory C:inetpubwwwrootftpfolder #default listing for SFTP customers

Testing SFTP Connection Using WinSCP

Let’s attempt to hook up with the created SSH server utilizing the SFTP protocol. To do it, use a free WinSCP consumer.

In the connection configuration window, choose the SFTP because the file switch protocol, specify the server title and the credentials of the Windows account, which is used for connection (additionally it is potential to configure key authentication).

When you attempt to join for the primary time, the next notification of the host key not discovered within the native cache seems.

If every thing is configured accurately, a consumer would connect with the SFTP server and show the listing of information within the consumer residence listing (by default, it’s the listing with the consumer profile).

Using the acquainted file supervisor interface (like Total Commander), you’ll be able to copy information between the server and the consumer. Files are transferred utilizing the safe SFTP.

How to Uninstall Win32 OpenSSH?

To uninstall Win32 OpenSSH out of your system accurately:

  1. Run the elevated EnergyShell session;
  2. Stop the SSHD service:
    Stop-Service sshd
  3. Uninstall the sshd service: .uninstall-sshlsa.ps1
    sshd efficiently uninstalled
    ssh-agent efficiently uninstalled

Check Also

How to Use Native SSH Client in Windows 10?

The built-in SSH shopper appeared in Windows 10 and Windows Server 2019. Ssh.exe can be …

Leave a Reply

Your email address will not be published. Required fields are marked *