How to Setup SFTP on Windows?
Windows provides FTP support that can be enabled from the Features section. The default Windows FTP feature has two modes of operations. Simple Plain text FTP and FTPS. However, configuring FTPS on a firewall can be a complex task because it requires opening up multiple ports. SFTP is a secure way of accessing remote servers easily.
Cygwin is a popular tool that provides a functionality similar to Linux distribution on Windows. It was developed by Cygnus Solutions, which was later acquired by RedHat. Cygwin installation includes a DLL (cygwin1.dll) which provides most of the POSIX API functionality. We will be using Cygwin to setup SFTP on Windows server. So let’s get started with the installation.
1. Installing Cygwin
Download the setup and install Cygwin from https://www.cygwin.com/install.html.
Install “OpenSSH” (Select from the “Net” group) and vim packages in addition to the packages which are already selected by default for installation.
By default Cygwin installation DIR is set as C:\cygwin\.
2. Launch Cygwin
Open C:\cygwin\cygwin.bat and enter the command mentioned below:
[js]set CYGWIN=binmode ntsec[/js]
Run Cygwin.bat ss Administrator. This will generate the Administrator home directory and necessary file skeleton.
3. The following steps below needs to be executed once the Cygwin installation is done
On the Cygwin terminal, run the following commands given below:
[js]$ mkpasswd – –local > /etc/passwd
$ mkgroup – –local > /etc/group
/bin/mkpasswd -l –u >> /etc/passwd (for example, /bin/mkpasswd -l -u ttnd >> /etc/passwd)
[/js]
4. Setup OpenSSH-serve as Service
Run the below command to initiate ssh server configuration.
[js]$ ssh-host-config[/js]
The process will ask some configuration related question. For example:
[js]*** Query: Should privilege separation be used? <yes/no>: yes
*** Query: New local account ‘sshd’? <yes/no>: yes
*** Query: Do you want to install sshd as a service?
*** Query: <Say "no" if it is already installed as a service> <yes/no>: yes
*** Query: Enter the value of CYGWIN for the deamon: [] binmode ntsec
*** Query: Do you want to use a different name? (yes/no) yes/no
*** Query: Create new privileged user account ‘cyg_server’? (yes/no) yes
*** Query: Please enter the password:
*** Query: Renter:
[/js]
5. Configure your sshd configuration
The configuration is similar to Linux (/etc/sshd_config)
[js]$ vim /etc/sshd_config[/js]
6. Start/Stop the SSH server.
[js]$ net start sshd[/js]
Ensure that the port 22 is open. You don’t need to open additional ports as in the case of passive or FTPS setup.
Adding a new user as SFTP on an existing Cygwin installation.
Before adding a new user to Cygwin setup you need to create a user on Windows as usual. For the further process, it is advisable to login on your Windows server as Administrator and open Cygwin Terminal.
Now run following command:
[js]mkpasswd –local> /etc/temp ( Please do not override the existing /etc/passwd)[/js]
Open the /etc/temp file and copy the line which contains the new user config and append at the end of /etc/passwd.
The Home directory of the new user is mentioned in the line copied from /etc/temp file created above. You can modify home directory manually after copying the setting from temp file above to the /etc/passwd. You can even setup the key based authentication for any user similar to Linux systems as Cygwin provides most of the Linux functions.