How To Setup A Secure FTP (SFTP) Site With OpenSSH on Windows

today I had to setup a secure FTP server on Windows Server 2003, and after researching for awhile on what software to use, I went for OpenSSH. I had in mind to go with FileZilla but after reviewing OpenSSH for windows I was drawn to it’s simplicity. so here is what you need to do to setup a SFTP server using OpenSSH for windows if you want to do it.

Stage 1

first, download the software from this link http://sshwindows.sourceforge.net/download/  you should download the binary installer. after you download the software, click on the executable file to launch the program:

openssh setup

the installation wizard should come  up:

openssh wizard

click on Next.

accept the license agreement:

openssh license

install the Client and Server on the following screen:

client and server install

click on Next.

select the destination path:

destination path

click on Next and then Install.

at this stage now the software should be installed on your server. so far, so good.

stage 2

from your server computer Management Console create a user, and a group. add the user to the group.

this is my setup:

user:

image

Group:

image

and remember to add the user to this group, so it should look like this:

image

Stage 3

now create a directory you want your sftp users to access. I created my on the following path:

C:sftpsftp

make sure the OpenSSH service is not running under services. if it is, stop it, otherwise leave it stopped.

image

go to RUN and type Regedit and click OK.

navigate to the following registry folder: HKEY_LOCAL_MACHINESOFTWARECygnus SolutionsCygwin expand the Mounts v2 folder, and click on /home right click the native file, and click on modify, and add the path of the directory you want your users to have access to. mine is C:sftpsftp:

image

get out of the registry.

are you still following the tutorial? good, we are almost there!

stage 4

make sure a file named group and passwrd are located at the following location:

C:Program FilesOpenSSHetc:

if they are not, create them. don’t put any extension on them.

it should look like this:

image

now, click on RUN and type CMD and then OK.

type the following command on the command prompt:

cd C:Program FilesOpenSSHbin

once you switch to the BIN directory type the following commands:

mkgroup -l >> ..etcgroup

and then:

mkpasswd -l -u username >> ..etcpasswd

on the username option, add the username we created above.

this is how my screen look like:

image

now is time to turn on the server.

still from the command prompt, execute the following command:

net start opensshd

as I told you, I like OpenSSH simplicity, don’t you? after you go through the steps you realize it is very simple to setup.

 well,now the server should be running, and ready to connect to. on the next post I will configure the client to connect to this server. till then now.