How to Set Up a Windows SFTP Server: A Step-by-Step Guide

Setting up a Windows Sftp Server enhances your file transfer security, providing a robust alternative to traditional FTP. SFTP, or SSH File Transfer Protocol, encrypts your data, protecting sensitive information during transfer. This guide will walk you through the process of enabling SFTP on Windows Server, ensuring a secure and reliable file sharing environment.

To begin, you’ll need to install the OpenSSH server, which is the foundation for SFTP functionality on Windows. Follow these straightforward steps to get started:

1. Navigate to Windows Settings by clicking on the Start Menu and selecting the gear icon.

2. In the Settings panel, click on Apps.

3. Within the Apps menu, find and click on “Optional features”. This section allows you to manage and add optional Windows features.

4. In the “Optional features” settings, look for “OpenSSH Server” in the list of installed features.

   If OpenSSH Server is already listed, it is likely already installed, and you can proceed to the configuration steps. If OpenSSH Server is not listed, you need to install it by clicking on the “Add a feature” button located at the top of the Optional features page. Search for “OpenSSH Server” and select it, then click “Install”. Windows will then download and install the OpenSSH Server on your system.

Once OpenSSH Server is installed, you might need to manually install the OpenSSH service to ensure it’s properly set up. Follow these steps if required:

1. Download OpenSSH: Obtain the latest version of OpenSSH for Windows from the official OpenSSH GitHub repository. Download the zip file corresponding to the latest release.
2. Extract the Archive: Once downloaded, extract the contents of the zip archive to the C:Program Files directory. This will create a folder named OpenSSH-Win64 (or similar, depending on the version).
3. Open PowerShell as Administrator: Search for “PowerShell” in the Start Menu, right-click on “Windows PowerShell”, and select “Run as administrator”.
4. Navigate to the OpenSSH Directory: In the Administrator PowerShell window, use the cd command to navigate to the extracted OpenSSH directory. Paste the following command and press Enter:

   cd "C:Program FilesOpenSSH-Win64"

5. Install SSH Services: Execute the installation script to install the sshd and ssh-agent services. Paste the following command into the PowerShell window and press Enter:

   powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1

   Upon successful installation, you should see a message confirming that “sshd and ssh-agent services successfully installed”.

6. Close PowerShell: You can now close the Administrator PowerShell window.

After installation, ensure the OpenSSH services are running.

1. Open the Services application. You can do this by searching for “Services” in the Start Menu or by running services.msc.
2. In the Services window, locate “OpenSSH SSH Server” and “OpenSSH Authentication Agent” in the list of services.
3. Start the Services: Right-click on “OpenSSH SSH Server” and select “Start”. Do the same for “OpenSSH Authentication Agent”.
4. Set to Automatic Startup (Optional but Recommended): To ensure the SFTP server starts automatically when your Windows Server boots, right-click on “OpenSSH SSH Server”, select “Properties”, and in the “Startup type” dropdown, choose “Automatic”. Repeat this for “OpenSSH Authentication Agent”.

Finally, you need to open the SSH port in the Windows Firewall to allow SFTP traffic to reach your server. By default, SSH uses port 22.

1. Search for “Windows Defender Firewall with Advanced Security” in the Start Menu and open it.
2. In the left pane, click on “Inbound Rules”.
3. In the right pane, click on “New Rule…”.
4. Select “Port” as the rule type and click “Next”.
5. Choose “TCP” and in the “Specific local ports” field, enter “22”. Click “Next”.
6. Select “Allow the connection” and click “Next”.
7. Choose the network profiles to which this rule applies (Domain, Private, and/or Public – select based on your server environment) and click “Next”.
8. Give the rule a name, such as “Allow SSH (SFTP)”, and optionally add a description. Click “Finish”.

To test your Windows SFTP server, you can use an SFTP client like WinSCP.

1. Download and install WinSCP if you don’t already have it.
2. Run WinSCP.
3. In the WinSCP login window, select “SFTP” as the File protocol.
4. Enter your Windows Server’s hostname or IP address in the “Hostname” field.
5. Enter your Windows username and password in the “Username” and “Password” fields.
6. Click “Login”.

If everything is configured correctly, WinSCP should connect to your Windows SFTP server, allowing you to securely transfer files.

By following these detailed steps, you can successfully set up a Windows SFTP server, enhancing the security and reliability of your file transfers. This setup ensures that your data is protected during transit, making it a valuable asset for secure data management on your Windows Server.