SFTP is a secure shell protocol used for transferring files and directories over the secure channel. By default, SFTP is installed in Linux operating system. Setting up an SFTP server on Windows is very difficult compared to the Linux system. You will need some third-party software to implement an SFTP server on Windows. This is the place where Cygwin comes into the picture. Cygwin allows you to run a UNIX shell on Windows.
Cygwin is a free and open-source tool that provides a Unix-like environment and toolset on the top of the Windows operating system. It consists of a Unix system emulation library, cygwin1.dll, and other free software applications organized into many optional packages. It helps developers to migrate applications from Linux to Windows operating system. Cygwin uses DLL to serves as a Linux emulator, and the toolsets provide a Linux environment.
Cygwin allows administrators to log in to a Windows system via SSH protocol and fix user problems. It makes it easier for developers to provide remote support for applications running on Windows operating system.
This post will show you how to set up an SFTP server using Cygwin on Windows Server.
Install Cygwin On Windows
First, you will need to download the latest version of Cygwin from their official website.
After downloading the Cygwin setup file, follow the below steps to install Cygwin on the Windows system.
Step 1 – Double click on the Cygwin setup file. You should see the following screen:
Step 2 – Click on the Next button. You will be asked to choose a download source as shown below:
Step 3 – Select Install from the Internet and click on the Next button. You will be asked to select the installation directory as shown below:
Step 4 – Provide the path of the Cygwin installation and click on the Next button. You will be asked to select Local Package Directory as shown below:
Step 5 – Click on the Next button. You will be asked to select your Internet connection as shown below:
Step 6 – Click on the Next button. You will be asked to choose a download site as shown below:
Step 7 – Choose your nearest site and click on the Next button. You will be asked to select a package as shown below:
Step 8 – Select the OpenSSH package and click on the Next button. You will be asked to review and confirm changes as shown below:
Step 9 – Click on the Next button. You will be asked to Create Icons as shown below:
Step 10 – Select your desired options and click on the Finish button to complete the installation.
After the installation, Cygwin creates a Linux like filesystem in the C: drive => cygwin64 directory as shown below:
Setup SFTP Server with Cygwin
At this point, Cygwin is installed in your Windows system. Next, you will need to create, launch the Cygwin, and set up an SFTP server.
Create Passwd and Group Files
First, right-click on the Cygwin Terminal and click on the run it as an Administrator to launch the Cygwin as shown below:
When you launch the Cygwin first time, it will create a home directory structure as shown below:
Next, you will need to create a passwd and group file inside /etc directory. Both files are critical because they store user account and group information.
On the Cygwin terminal, run the following command to create a group and passwd files:
mkgroup > /etc/group
mkpasswd -cl > /etc/passwd
Next, you will need to provide read/write permissions to passwd and group files. You can do it with the following command:
export CYGWIN=’ntsec tty’
chmod +rw /etc/group
chmod +rw /etc/passwd
chmod 0755 /var
At this point, both passwd and group files are created. You can now proceed to configure the SSH daemon.
Configure SSH Server
Next, you will need to configure the Cygwin SSH daemon to access the Windows system through SSH protocol.
Run the following command in the Cygwin terminal to configure SSH daemon:
You will be asked several questions as shown below to configure the SSH daemon:
After configuring the Cygwin SSH daemon, start the SSH service with the following command:
net start cygsshd
You should get the following output:
The CYGWIN cygsshd service is starting.
The CYGWIN cygsshd service was started successfully.
Create SFTP Users and Directories
First, you will need to create a user and home directory for SFTP. First, navigate to C: Drive => cygwin64 => home and build two guides named user1 and user2 as shown in the following screen:
Next, go to the Control Panel => Administrative Tools => Computer management => Local User and groups and create two users named user1 and user2 as shown below:
Next, you will need to add both user's details to Cygwin's passwd file.
Open the Cygwin terminal and run the mkpasswd command to add newly created users' details to the /etc/passwd file.
mkpasswd -cl > /etc/passwd
Next, set proper ownership to /home/user1 and /home/user2 directory:
chown -R user1 /home/user1
chown -R user2 /home/user2
Verify SFTP Connection from Localhost
At this point, Cygwin SFTP is installed and configured. Now, it's time to test it from the local system.
Open the Windows CMD and run the following command to test the SFTP connection:
You will be asked to provide a user1 password as shown below:
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is SHA256:b6Tr4vIS2pga9QsYHYPHjCYIP2d0TzA1/+DFsi0e1AM.
Are you sure you want to continue connecting (yes/no)?
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
Provide user1 password and hit Enter. Once you are connected to SFTP, you should see the following shell:
Connected to user1@localhost.
Configure Windows Firewall
Next, you will need to configure the Windows firewall and allow port 22 for the external network. Follow the below steps to configure the Firewall:
Step 1 – Open the Windows Defender Firewall with Advanced Security as shown below:
Step 2 – Click on New Rule. You should see the following screen:
Step 3 – Select Port and click on the Next button. You should see the following screen:
Step 4 – Select TCP, define port 22 and click on the Next button. You should see the following screen:
Step 5 – Select Allow the connection and click on the Next button. You should see the following screen:
Step 6 – Select all options and click on the Next button. You should see the following screen:
Step 7 – Specify the name and description of the firewall rule and click on the Finish button.
At this point, the Windows firewall is configured to allow incoming connection on port 22. Thus, you can now proceed to access the SFTP server from the remote machine.
Access SFTP Server from Linux System
This section will show you how to connect to the SFTP server from the Linux machine through CLI and GUI methods.
Access SFTP Server Using Linux Terminal
On the remote Linux machine, open the command-line terminal and run the following command to access the SFTP server:
You will be asked to enter user1 password as shown below:
The authenticity of host '184.108.40.206 (220.127.116.11)' can't be established.
ECDSA key fingerprint is 48:50:63:c5:a0:74:84:df:99:4b:2b:81:cd:db:ad:9f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '18.104.22.168' (ECDSA) to the list of known hosts.
Provide your password and hit Enter. Once you are connected to the SFTP server, you should see the SFTP shell in the following output:
Connected to 22.214.171.124.
Next, create some directories on the SFTP server using the following commands:
sftp> mkdir dir1
sftp> mkdir dir2
You can verify both directories using the following command:
sftp> ls -l
You should see both directories in the following output:
drwxr-xr-x 1 user1 None 0 Jul 30 11:05 dir1
drwxr-xr-x 1 user1 None 0 Jul 30 11:06 dir2
Access SFTP Server Using Linux GUI
This section will show you how to connect to the SFTP server from the Linux file manager.
On the Linux machine, open the file manager and type the SFTP URL as shown below:
You will be asked to provide SFTP user and password as shown below:
Provide SFTP username, password and click on the Connect button. Once you are connected to the SFTP server. You should see the Cygwin directory structure on the following screen:
Access SFTP Server from Windows System
You can also access the SFTP server from the Windows system using the WinSCP utility.
On the Windows system, launch the WinSCP utility. You should see the following screen:
Provide protocol details, IP address, Port, Username, Password and click on the Login button. Once you are connected to the SFTP server, you should see the following screen:
From here, you can download and upload any file and directory to and from the SFTP server.
Recommend SFTP Tools for Windows
There are a lot of tools available for setting up an SFTP server on Windows. However, I would recommend some best tools that are easy to implement and run on Windows.
SolarWinds provides a free SFTP tool for reliable and secure network file transfers. It allows you to push OS images and firmware and configuration updates, backup configuration files, and transfer files up to 4GB.
- Free, Powerful, Simple, and easy to use.
- It can be run as a service.
- Transfer files from multiple devices concurrently.
- Allows you to define a specific IP range for SFTP access.
Website Link: solarwinds.com/free-tools/free-sftp-server
Files.com provides a file-sharing solution for securely exchange files with external devices. It is a cloud-based platform that uses FTP and SFTP protocols.
- Supports active and passive mode FTP connections.
- Supports implicit FTP over TLS on ports 990 and 3990.
- Supports explicit FTP over TLS on ports 21 and 3021.
- Supports SSH File Transfer Protocol on ports 22 and 3022.
- Supports storing files in multiple geographic endpoints over a single FTP or SFTP connection.
7-day Free Trial: files.com/features/ftp-sftp-support
ExaVault is a cloud platform that offers storage space as well as file transfer services. Both transfer and storage systems are protected with encryption.
- Offers an SFTP server
- Provides an FTPS option for the file transfer server
- Compliance with HIPAA, GDPR, HIPAA, and PCI DSS
- User accounts and activity logging
- File sharing and mail-out link invites for external access
30-day Free Trial: https://www.exavault.com/order
In the above guide, you learned how to set up an SFTP server using Cygwin on a Windows server. Cygwin is a helpful tool that makes it easier to set up an SFTP server on a Windows system without using any third-party tools.
Creating an SFTP Server Using Cygwin FAQs
What is Cygwin?
Cygwin is an open-source software tool that provides a Unix-like environment on Windows systems. It allows users to run Unix commands and applications on a Windows platform.
What is SFTP?
SFTP (Secure File Transfer Protocol) is a secure file transfer protocol that uses SSH (Secure Shell) for authentication and encryption. It is commonly used for transferring files between computers on a network.
How can I create an SFTP server using Cygwin?
To create an SFTP server using Cygwin, you will need to install Cygwin and OpenSSH on your Windows system. You will also need to create user accounts and set up a directory for the files that will be transferred. Once these prerequisites are in place, you can configure the OpenSSH server to enable SFTP and specify the location of the directory to be used for file transfers.
What are the benefits of using SFTP?
SFTP provides a secure and encrypted method for transferring files between computers on a network. It is resistant to attacks like eavesdropping, tampering, and data interception. It is also a platform-independent protocol that can be used on a wide range of systems.
What are some best practices for securing an SFTP server?
Some best practices for securing an SFTP server include using strong passwords or SSH keys for user authentication, restricting access to the server to authorized users only, using encryption to protect data in transit, and regularly monitoring server logs for suspicious activity. It is also important to keep the SFTP server software up-to-date with security patches and updates.
Are there any commercial SFTP server solutions available?
Yes, there are many commercial SFTP server solutions available, including SolarWinds SFTP Server, Files.com, and Cerberus FTP Server. These solutions offer additional features and functionality beyond what is available with a DIY solution using Cygwin and OpenSSH, but they may come at a higher cost.