2023-05-11 12:54:49
In this article we will see how to install an SFTP server on Windows Server. I will use Windows Server 2022 here, but you can do the same on previous versions. We will use the open source software OpenSSH to perform this task.
Why use an SFTP server?
An SFTP server is a secure and reliable way to transfer files between different systems. It may be useful when you want to share data securely over the network.
Prerequisites
Before starting the installation, make sure you have:
- A Windows Server with administrator access.
- An Internet connection to download the necessary installation files.
Step 1: Download and Install OpenSSH
Downloading OpenSSH
There are several methods for downloading and installing OpenSSH. If your server does not have internet access, you can download OpenSSH from the link below. However, if your server has internet access, you can use the method described a little further on.
Installing OpenSSH
If your server has internet access, there are two methods to install OpenSSH: either via the following PowerShell command:
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
or directly from the Windows settings:
- From the Windows settings, click on “Applications”.
- Select “Optional Features”.
- Then click on “Add a feature”.
- In the search box, type “SSH”, then select “OpenSSH Server” and click “Install”.
- The installation will take a few seconds.
Now that the OpenSSH server is installed, we can move on to the configuration.
SFTP configuration with OpenSSH Server
Now that OpenSSH Server is installed, a new service is available. However, by default, it is not started and its startup type is not automatic either.
This means that it will not be started automatically with Windows. In my case, I want to start the service and have it start automatically with Windows. We can do this directly from the service itself or via PowerShell using the following commands:
Set-Service -Name sshd -StartupType 'Automatic'
Start-Service sshd
Since we are already in PowerShell, take the opportunity to also open port 22, the default port for SSH and therefore for our SFTP. Be careful: if you want to run your SFTP server on another port, adapt the command. Here we open port 22 on the Windows firewall:
New-NetFirewallRule -Protocol TCP -LocalPort 22 -Direction Inbound -Action Allow -DisplayName SSH
Now that our OpenSSH server is started and authorized on the firewall, we will configure it according to our needs. Everything happens in the sshd_config file, available in the following folder: C:\ProgramData\ssh
Edit the sshd_config file with your favorite editor. In my case, Notepad++.
Here we will see the main parameters that you may want to modify.
Port change
#Port 22: Here, you can uncomment this line to change the default port to the one you want (then adapt your firewall configuration accordingly).
Connection authorization
There are several methods to authorize a connection on your server. In my case, I use a group dedicated to SFTP, so all users of this group can connect to it. So I add the following line to the configuration file:
AllowGroups domain\sftp_users
Change default folder
The default folder is the root folder of the user profile. If this is not what you want, you can change this folder with the following directive:
ChrootDirectory C:\SFTP
If you prefer to make a specific folder per user, it is also possible to add the following lines:
Match User utilisateur1
    ChrootDirectory c:\SFTP\utilisateur1
    ForceCommand internal-sftp
    X11Forwarding no
    AllowTcpForwarding no
Match User utilisateur2
    ChrootDirectory c:\SFTP\utilisateur2
    ForceCommand internal-sftp
    X11Forwarding no
    AllowTcpForwarding no
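A per-user block that loses its ForceCommand or forwarding lines when it is copied still loads without error, so it is worth checking each Match block after editing. The following audit script is an added example, not part of the original article; the function names Get-SshdMatchBlock and Test-SftpMatchBlock and the sample configuration are constructed for illustration.

```powershell
# Added example: audit the Match blocks of an sshd_config for the SFTP-only settings.
# The sample below is constructed. For the real file, use:
#   $text = Get-Content "$env:ProgramData\ssh\sshd_config" -Raw
$text = @'
AllowGroups domain\sftp_users
Match User utilisateur1
    ChrootDirectory c:\SFTP\utilisateur1
    ForceCommand internal-sftp
    X11Forwarding no
    AllowTcpForwarding no
Match User utilisateur2
    ChrootDirectory c:\SFTP\utilisateur2
    X11Forwarding no
'@
# Settings every SFTP-only block is expected to carry (taken from the blocks in the article)
$required = [ordered]@{
    ForceCommand       = 'internal-sftp'
    X11Forwarding      = 'no'
    AllowTcpForwarding = 'no'
}
function Get-SshdMatchBlock {
    param([string]$ConfigText)
    $block = $null
    foreach ($line in $ConfigText -split "`r?`n") {
        $line = $line.Trim()
        if ($line -eq '' -or $line.StartsWith('#')) { continue }   # skip blanks and comments
        $key, $value = $line -split '\s+', 2
        if ($key -ieq 'Match') {
            if ($block) { $block }                                  # emit the previous block
            $block = [pscustomobject]@{ Criteria = $value; Settings = @{} }
        } elseif ($block -and -not $block.Settings.ContainsKey($key)) {
            $block.Settings[$key] = $value                          # first value for a keyword wins
        }
    }
    if ($block) { $block }                                          # a block runs to the next Match or EOF
}
function Test-SftpMatchBlock {
    param([string]$ConfigText)
    foreach ($b in Get-SshdMatchBlock $ConfigText) {
        $issues = @()
        if (-not $b.Settings.ContainsKey('ChrootDirectory')) { $issues += 'ChrootDirectory missing' }
        foreach ($k in $required.Keys) {
            if ($b.Settings[$k] -ne $required[$k]) { $issues += "$k should be '$($required[$k])'" }
        }
        [pscustomobject]@{ Match = $b.Criteria; Ok = ($issues.Count -eq 0); Issues = $issues -join '; ' }
    }
}
Test-SftpMatchBlock $text | Format-Table -AutoSize
```

On the constructed sample, the utilisateur1 block passes and the utilisateur2 block is reported with ForceCommand and AllowTcpForwarding missing. Every uncommented Match block is checked, so a Match Group block that is not meant to be SFTP-only will also be listed.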
Remove root/administrator access
If you want to remove access to the local administrator group as a security measure, you must comment out the following lines (at the end of the configuration file):
#Match Group administrators
# AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys
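then add the following line (use the name of the local administrators group as it appears on your system; "administrateurs" is its name on a French-language Windows):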
DenyGroups administrateurs
Once your configuration is complete, save the file, then restart the OpenSSH server service so that the configuration file is re-read and applied. You can do this from the services manager or via PowerShell using the following command:
Restart-Service "sshd"
And there you go! You now know how to configure an SFTP server on Windows. You can test this with any SFTP client.