How to Set Up SFTP with OpenSSH on Windows

2:02 PM

Installation and configuration of SFTP on Windows using OpenSSH software 
The setup requirements are as follows:
  1. Users should have full rights on their SFTP home directory but should not be allowed to access other data or server data.
  2. Each user should be able to log on directly to their respective SFTP home directory.
This article describes the steps to achieve the above setup requirements. We can divide the complete process into the following steps:
  1. OpenSSH software installation and configuration.
  2. Rights assignment on folders for users to achieve security.
  3. Create and configure user.
  4. Change the default home directory.
Step 1: Install OpenSSH
  1. Download OpenSSH for Windows v3.8.1p1-1. This is the direct download link
  2. Unzip the archive and then run the installer setupssh.exe
  3. Change the installation location to "C:\OpenSSH" instead of program files to avoid spaces in directory names
  4. Use the default settings offered by the installer.
  5. Done with the installation. However, the SSH server's passwd file must be configured before use.
Step 2: Configure OpenSSH
  1. On your computer, click Start -> Run, type "cmd" (without quotes), and then hit the OK button.
  2. In the command window, cd to the "OpenSSH\bin" folder.
  3. (Optional step) OpenSSH uses port 22 by default. If for some reason you need to use another port, you can change the port assignment for OpenSSH to prevent port conflicts. Open "OpenSSH\etc\sshd_config" (a text editor can be used) and change the following line (approximately line 13 in the file):
Port 22
to:
Port 5704
(Note that the "#" needs to be removed for the port change to take effect. Any unused port other than 5704 is also OK.)
Save the file.
  4. Enter the following in the command window. In the following commands, -l indicates local and -d indicates domain. Press Enter after each line; don't include the quotes:
    1. "mkgroup -l >> ..\etc\group" (creates a group file for local user accounts)
    2. "mkpasswd -l >> ..\etc\passwd" (adds a local authorized user to the passwd file for local user accounts)
  5. Enter "net start opensshd" (without quotes) to start the SSH server. It's installed as a service, so in the future the server will start automatically each time the computer boots.
Step 3: Changing the Home Directory outside the default directory on the SSH Server
To place users outside the default directory for their Windows profile, you need to change the directory that (/home) corresponds to by editing the value of the "native" key in the registry under (HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/home). The value of "native" corresponds to the (/home) directory in the passwd file. For instance, if the "native" entry is changed to C:\Users, then all users will be placed under separate folders in that directory — e.g., C:\Users\username1, C:\Users\username2, etc. If you then change each user (/home/username) in the passwd file to just (/home), this puts those users under C:\Users. If you have a subdirectory such as "C:\Users\OpenSSH", you can place users there by changing the entries in the passwd file to (/home/OpenSSH).
For 64-bit Windows, use the following registry path: (HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Cygnus Solutions\Cygwin\mounts v2\/home).
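
The mapping described in Step 3 can be checked against requirement 1 before users connect. The following Python script is an added example, not part of the original article: it resolves each passwd home entry through an assumed "native" value of C:\Users and flags homes that fall outside the /home mount, sit at the mount root, or are shared by two accounts. The passwd lines, host name and SIDs are constructed, and the function names are hypothetical.

```python
import ntpath
import posixpath

# Constructed sample of ..\etc\passwd lines (hypothetical host, users and SIDs).
SAMPLE_PASSWD = r"""
alice:unused_by_nt/2000/xp:1004:513:U-HOST\alice,S-1-5-21-1-2-3-1004:/home/alice:/bin/switch
bob:unused_by_nt/2000/xp:1005:513:U-HOST\bob,S-1-5-21-1-2-3-1005:/home:/bin/switch
carol:unused_by_nt/2000/xp:1006:513:U-HOST\carol,S-1-5-21-1-2-3-1006:/home/OpenSSH:/bin/switch
dave:unused_by_nt/2000/xp:1007:513:U-HOST\dave,S-1-5-21-1-2-3-1007:/home/OpenSSH:/bin/switch
erin:unused_by_nt/2000/xp:1008:513:U-HOST\erin,S-1-5-21-1-2-3-1008:/home/../Windows:/bin/switch
"""


def resolve_home(home, native):
    """Map a passwd home field to a Windows path via the /home mount, else None."""
    norm = posixpath.normpath(home)  # collapses "..", "." and trailing slashes
    if norm != "/home" and not norm.startswith("/home/"):
        return None  # entry does not stay inside the /home mount
    # norm[6:] is "" for "/home" itself, which normpath reduces to the mount root
    return ntpath.normpath(ntpath.join(native, *norm[6:].split("/")))


def audit_passwd(passwd_text, native):
    """Return {user: (windows_path, [issues])} for each passwd entry."""
    homes, owners = {}, {}
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) < 7:
            continue  # blank or malformed line
        user, path = fields[0], resolve_home(fields[-2], native)
        homes[user] = path
        if path is not None:
            owners.setdefault(path.lower(), []).append(user)  # Windows paths ignore case
    report = {}
    for user, path in homes.items():
        issues = []
        if path is None:
            issues.append("home is outside the /home mount")
        elif path.lower() == ntpath.normpath(native).lower():
            issues.append("home is the /home mount root, not a per-user folder")
        elif len(owners[path.lower()]) > 1:
            issues.append("home shared with another account")
        report[user] = (path, issues)
    return report


if __name__ == "__main__":
    for name, (path, issues) in audit_passwd(SAMPLE_PASSWD, r"C:\Users").items():
        print(name, path, "; ".join(issues) or "ok")
```

On the server, pass the actual value of the "native" registry key and the contents of ..\etc\passwd in place of the constructed sample.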
