How to Install an SFTP Server on Windows Server – Tech2Tech

2023-05-11 12:54:49

In this article we will see how to install an SFTP server on Windows Server. I will use Windows Server 2022 here, but you can do the same on previous versions. We will use the open source software OpenSSH to perform this task.

Why use an SFTP server?

An SFTP server is a secure and reliable way to transfer files between different systems. It may be useful when you want to share data securely over the network.

Prerequisites

Before starting the installation, make sure you have:

  1. A Windows Server with administrator access.
  2. An Internet connection to download the necessary installation files.

Step 1: Download and Install OpenSSH

Downloading OpenSSH

There are several methods for downloading and installing OpenSSH. If your server does not have Internet access, you can download OpenSSH from the link below. However, if your server has Internet access, you can use the method described a little further down.

Installing OpenSSH

If your server has Internet access, there are two ways to install OpenSSH. The first is the following PowerShell command:

Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

The second is directly from the Windows settings:

  1. From the Windows settings, click on “Apps”.
  2. Select “Optional Features”.
  3. Then click on “Add a feature”.
  4. In the search box, type “SSH”, then select “OpenSSH Server” and click “Install”.
  5. The installation will take a few seconds.

Now that the OpenSSH server is installed, we can move on to the configuration.

SFTP configuration with OpenSSH Server.

Now that OpenSSH Server is installed, a new service is available. However, by default, it is neither started nor set to start automatically.

This means that it will not be started automatically with Windows. In my case, I want to start the service and have it start automatically with Windows. We can do this directly from the service itself or via PowerShell using the following commands:

Set-Service -Name sshd -StartupType 'Automatic'
Start-Service sshd

Since we are already in PowerShell, take the opportunity to also open port 22, the default port for SSH and therefore for our SFTP. Be careful: if you want to run your SFTP server on another port, adapt the command. Here we open port 22 on the Windows firewall:

New-NetFirewallRule -Protocol TCP -LocalPort 22 -Direction Inbound -Action Allow -DisplayName SSH

Now that our OpenSSH server is started and authorized on the firewall, we will configure it according to our needs. Everything is done in the sshd_config file, available in the following folder: C:\ProgramData\ssh

Edit the sshd_config file with your favorite editor. In my case, Notepad++.

Here we will go through the main parameters that you may want to modify.

Port change

#Port 22: Here, you can uncomment this line to change the default port to the one you want (then adapt your firewall configuration accordingly)

Connection authorization

There are several methods to authorize a connection on your server. In my case, I use a group dedicated to SFTP, so all users of this group can connect to it. So I add the following line to the configuration file:

AllowGroups domain\sftp_users

Change default folder

The default folder is the root folder of the user profile. If this is not what you want, you can change this folder with the following directive:

ChrootDirectory C:\SFTP

If you prefer to make a specific folder per user, it is also possible to add the following lines:

Match User utilisateur1
ChrootDirectory c:\SFTP\utilisateur1
ForceCommand internal-sftp
X11Forwarding no
AllowTcpForwarding no

Match User utilisateur2
ChrootDirectory c:\SFTP\utilisateur2
ForceCommand internal-sftp
X11Forwarding no
AllowTcpForwarding no

Remove root/administrator access

If you want to remove access for the local administrators group as a security measure, you must comment out the following lines (at the end of the configuration file):

#Match Group administrators
#      AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys

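Then add the following line, using the name of the local administrators group as it appears on your system (administrateurs on a French-language Windows, administrators on an English-language one):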

DenyGroups administrateurs
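
Where a directive sits in the file matters: sshd treats everything after a Match line as part of that Match block, so a DenyGroups or AllowGroups line added at the very end, after the per-user blocks, is not global. The PowerShell function below is an added example, not part of the original article; the name Test-SftpConfig and the sample lines are constructed for illustration.

```powershell
# Added example, not the article's code: lint sshd_config lines for two scope mistakes.
function Test-SftpConfig {
    param([string[]]$Lines)

    # One scope for the global section, then one per Match line. sshd treats every
    # directive after a Match line as part of that block, up to the next Match or EOF.
    $current = [pscustomobject]@{ Name = 'global'; Settings = @{} }
    $scopes  = [System.Collections.Generic.List[object]]::new()
    $scopes.Add($current)

    foreach ($line in $Lines) {
        $text = $line.Trim()
        if ($text -eq '' -or $text.StartsWith('#')) { continue }   # blank or commented out
        $key, $value = $text -split '\s+', 2
        if ($key -ieq 'Match') {
            $current = [pscustomobject]@{ Name = "Match $value"; Settings = @{} }
            $scopes.Add($current)
            continue
        }
        # Keep the first value per keyword, as sshd does for most keywords.
        $name = $key.ToLower()
        if (-not $current.Settings.ContainsKey($name)) { $current.Settings[$name] = $value }
    }

    foreach ($scope in $scopes) {
        $s = $scope.Settings
        # On Windows, ChrootDirectory is only honored for SFTP sessions.
        if ($s.ContainsKey('chrootdirectory') -and $s['forcecommand'] -notlike 'internal-sftp*') {
            "$($scope.Name): ChrootDirectory set without 'ForceCommand internal-sftp'"
        }
        if ($scope.Name -ne 'global') {
            foreach ($k in 'allowgroups', 'denygroups') {
                if ($s.ContainsKey($k)) { "$($scope.Name): $k only applies inside this Match block" }
            }
        }
    }
}

# Constructed sample input, not a real server's file.
$sample = @'
#Port 22
ChrootDirectory C:\SFTP
Match User utilisateur1
ChrootDirectory c:\SFTP\utilisateur1
ForceCommand internal-sftp
AllowTcpForwarding no
DenyGroups administrateurs
'@ -split '\r?\n'

Test-SftpConfig -Lines $sample
```

To check the real file, pass its content instead of the sample: Test-SftpConfig -Lines (Get-Content C:\ProgramData\ssh\sshd_config).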

Once your configuration is complete, save the file, then restart the OpenSSH server service so that the configuration file is read again and applied. You can do this from the services manager or via PowerShell using the following command:

Restart-Service "sshd"

And there you go! You now know how to configure an SFTP server on Windows. You can test this with any SFTP client.
