FTP over SSH on Windows

32,960 pts.
Tags:
FTP
FTP Over SSH
gene6
SSH
Windows Server
Has anyone ever set up a Windows server for FTP over SSH? The FTP server I use is Gene6 (hosts over 100 user accounts). If you have not used that particular FTP server application, which one do you use and why? Thanks!
ASKED: February 19, 2009  10:03 PM
UPDATED: February 20, 2009  6:39 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

You could use an SSH server, running on your Windows server to provide a Secure-FTP (SFTP) service. Google turns up several good descriptions on this, like this one:

http://www.digitalmediaminute.com/article/1487/setting-up-a-sftp-server-on-windows

I would recommend Van Dyke (http://www.vandyke.com) for one of many good commercial SSH server implementations for Windows. Open source alternatives include the SSHWindows project (http://sshwindows.sourceforge.net).

In any case, follow best practices for allowing access to your server, including:
- configure the SSH server to only allow the minimum access necessary, including restricting or disallowing interactive SSH command line access
- use distinct accounts for the fewest users possible, ideally an individual account per user
- use public key authentication where possible instead of username / passwords (requires out-of-band or secure distribution of the keys)
- enable SSH server logging and ensure your log monitoring tools are receiving events from the SSH server

Note this is an incomplete list, just off the top of my head.

Hopefully this helps.
Regards,
AP

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • petkoa
    Hi, it's quite tricky to set ssl/tls ftp - for the same reasons ftp is tricky for natting and firewalling: control channel, data channels on various ports, encryption of just control channel, but not data channels etc., etc... - but I believe you are aware of this. I'd agree with Edhacker, that most convenient way would be to set up ssh server instead of ftp server and use scp and sftp - there are some cool gui-clients for windows (winscp, sftp plugin for the Total Commander, etc.) If, however, your users insist on using their favorite ftp-clients, offer them ssh-tunneling option. You have again to set up ssh server on the ftp server host, and instruct users how to build and use ssh tunnels. Most ssh clients don't support ftp-tunneling - again because of "data channels" scheme, but some have "helpers" - just like in linux connection tracking. In fact, the only such client I have used is appgate's MindTerm. It is still alive, and if it's licensing is OK for you, your users are happy. Some years ago I had prepared presentation on this and some close topics, you can still can find it on: http://cose.math.bas.bg/CSE/M4/PAlovConnectivity.pdf pp. 19-20 deal with MindTerm setup for ftp tunneling. But anyway, ftp is outdated - better use scp/sftp. Good luck, Petko
    3,120 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following