Setup SFTP server in Windows using OpenSSH with public key authentication, folder jailing
Вставка
- Опубліковано 28 лип 2024
- Blog post for this video - nagasudhir.blogspot.com/2022/...
Playlist URL - • Python FTP skills
Setup local FTP server and FTP client in Windows using IIS, Filezilla server and WinSCP - • Setup local FTP server...
Iterating through files inside a folder using the glob module in python - • Iterating through file...
Setup Python Development Environment - • Install python and VS ...
Table of contents - nagasudhir.blogspot.com/2020/...
Please subscribe, like and share this video
00:00 - Intro
00:17 - OpenSSH installation
02:39 - SFTP server automatic start up
03:45 - OpenSSH in newer Windows
04:46 - WinSCP as SFTP client
06:20 - Drawbacks of Password authentication
07:47 - Setup Public key authentication
07:56 - ssh-keygen for public-private key pair
09:56 - puttygen for public-private key pair
11:22 - public key in authorized_keys file
13:04 - authorized_keys file ACL setting
15:05 - sshd_config file
18:06 - WinSCP with Public key authentication
19:51 - Folder jailing implementation
22:13 - Conclusion
#sftp #sftp_server #openssh #dev #tutorial #learning #beginners #taming_python - Наука та технологія
Extremely resourceful video, not only you fully explained what to do but you also informed us what everything means. Amazing work and straight to the point.
Thanks a lot 👍
Very organized and import , please keep up the good work !!!
Amazing!!!! I was struggling to setup a sftp server for days then came across your video ...
Very detailed and clear steps👍🔥.
Thank you
Thanks a lot for the encouraging feedback👍
Great video - Explains in detail everything I needed to know - thank you!!
@@Rehees-e1i you are welcome 👍
A superb way of explaining and nice documentation illustrating each step, Thanks
I have been setting up my Sftp server for a week now and this video has come through I appreciate 🙏
Thanks for the encouraging feedback👍
Very well organized and right to the point exceptional !!!!
Thanks for the amazing feedback 👍
Very useful! Thanks for the detailed video.
Hi, thanks for the feedback 👍
Very thankful to you for the video and the blog...hatsoff to the efforts...really wanted to understand ftp setup and your resources were of great help...👍not just the video but also your method of stepwise explaination is too god...keep making such detailed videos...
Thanks a lot for your amazing feedback 👍
After watching a lot of others this one got me setup! Very detailed and the instruction guide helped a lot! I had confusion about what name for username but figured it out it's a user profile name on server.
Thanks a lot for the amazing feedback 👍🙏
Hey man, very detailed video, i'm planning to use this for a group project in class once i figure how to open my lab to the net, one step you forgot to mention and would seem trivial to someone who deals with this often : restart the openssh services after editing sshd_config, otherwise you're still allowing credentials with or without keys
Thank you
This helped me out so much! Thank you!!!!!
Thank you for the encouraging comments 🙏👍
Great Explanation!!! Thank you
You are welcome! I am glad that it helped you 👍
excellent. it covered all the points
Thanks a lot for your encouraging feedback 👍
Very clear steps and great documentation .. thankyou Sir
Thank you for the encouraging feedback👍
This was really good. Thank you!
You are welcome 👍
Thank you.....Full of Information.....Awesome.....
Thank you 😀🙏
Good Guy! Thank you! 😀
Your are welcome 👍
Thanks!
You are welcome 👍🙏
Thanks
👍
You are welcome👍
ZABARDAST ZINDABAD 👍
Dhanyavaad 🙏👍
Thank you so much!! Save one point! But, after change ssh_config file, you need to restart OpenSSH on Services
Yes
great video - only question I have about folder jailing is how can i setup multiple SFTP usernames to jail to different folders @learning software
Hi, it's really simple. Create a new windows user and setup SFTP and folder jailing.
Hope this helps, cheers 👍
Hi
When i tried to Change the access control list (ACL) of the authorized_keys file in SFTP server. Its showing me Failed processing 1 files. Can you please help me on this?
Hi,
If after following provided step and your are still not able to connect through a third party app then please upgrade the ftp client.
For me I was facing authentication error for Filezilla and WinScp client bot.
I upgrade to Filezilla 3.60.2 and for WinScp 5.21.3 and it worked.
🙂
Wow, thanks for sharing your insights. It might be useful for others, Cheers 👍
Please assist am getting server refused our key error , when i check server logs sshd: Connection closed by authenticating user user ::1 port 50962 [preauth] . am only ably to log through password auth only but it's refusing keys
Hi,
Thank you for the Video, that was an Awesome Explanation. Still, I am facing a server refused our key problem. could you please help me on that.
Hi, this can be due to some file permissions issues. Please see the SFTP server logs to know what went wrong.
Please see this video on how to see SFTP logs ua-cam.com/video/YZwUBqDJFlQ/v-deo.html
Hope this helps, cheers 👍
Hi, thanks a lot for that video that help me solved a "server refused our key" problem after searching for days ! I still have one issue that I cannot solve thgouh, folder jailing does not work...
Hi, thanks for such an awesome feedback. Please mail the sshd_config file to learningsoftwareskills@gmail.com so that can I check it
Hope this helps, Cheers👍
Great Vid. Thanks for posting. When I try to connect to the SFTP server I get this error from WINSCP - "Cannot initialize SFTP protocol. Is the host running an SFTP server?". Any ideas why?
I've also tried it in FileZilla and it does connect briefly, but then disconnects immediately with an error. Is there a second layer of authentication happening somewhere I've missed?
@@MrJaMKat hi, it is a good idea that you have tried with filezilla to check the connectivity. Even if filezilla is unable to connect, I think it might be due to some firewall stopping the traffic. If possible please analyse if firewall is stopping the traffic. Also please re-verify if you have setup the SFTP server correctly
Hope this helps, Cheers 👍
Hey, thanks a lot for tutorial but I’m unable to find sshd_config file under Program Data.. Its a client machine.. Can we create manually?
Hi the program data ssh folder should not be empty actually. Please check if the openssh server is running. Also please see the openssh server windows logs if possible
Followed all the steps correctly but I have this error when I try to connect in sftp : FATAL ERROR: No supported authentication methods available (server sent: publickey,keyboard-interactive)
The pub key is well added in C:\Users\\.ssh\authorized_keys file...
Hi, were you trying password authentication or public key authentication?
In case of password authentication, 'PasswordAuthentication yes' should be present in the sshd_config file of the server
I have configured SFTP server on my win 2022 OS...on same server I'm able to connect using localhost....but when I'm trying to connect from my laptop using public IP of server...I'm unable to connect SFTP....(I have allowed port 22 on server's security group)...can help me know what can be the reason?
Hi, most probably the request would not have been reaching the SFTP server due to some firewall policy issues. You can check the SFTP server logs if the request is reaching the SFTP server. I have made a video on how to see SFTP server logs at ua-cam.com/video/YZwUBqDJFlQ/v-deo.htmlsi=zQ3IHuTI-AkqIfgV
Hope this helps, cheers👍
Great video! Is it possible to make a setup SFTP server in Linux?
Hi, thanks for your encouraging feedback.
Setting up SFTP server in Linux is easier than in windows.
You can find some help in the following links
linuxconfig.org/how-to-setup-sftp-server-on-ubuntu-20-04-focal-fossa-linux
linuxhint.com/setup-sftp-server-ubuntu/
Please help i created a self signed certificate. and ftp as my file protocol. encryption: tls/ssh implicit encryption. however when connecting and and logging in passpharese for client certification. i always incounter error stating:: No connection could be made because the target machine actively refused it.
Connection failed.
Hi, this video is about SFTP but not FTP. Please make sure you are setting up SFTP and not FTP. In case of errors in SFTP server, you can see the SFTP logs in windows event viewer to debug the issue. I have also made a video on this at ua-cam.com/video/YZwUBqDJFlQ/v-deo.html
Hope this helps, cheers 👍
❤
🙏
Hi brother, one doubt folder jailing is available when you are installing from github but it is not available when we install from windows features right?
Hi, folder jailing should be available when using windows OS SFTP server also. Cheers 👍
I need some help with this. I follow the step but still having a problem
Hi, please see the blogpost for this video at nagasudhir.blogspot.com/2022/03/setup-sftp-server-and-sftp-client-in.html
You can drop a mail at learningsoftwareskills@gmail.com. I can try to help.
Hope this helps 👍
I followed the steps, but my server is refusing the private key provided by WinSCP. It's the same private key we generated on the server, correct? Like, I would just copy the private key from the server to the .ssh folder on my own laptop, and import that into WinSCP?
Yes you are right
@@learningsoftwareskills ok thanks.
how to configurate that to login using ssh putty ?
Hi, just like winscp you can configure putty for ssh. But in this video, we have configured sshd_config to accept only sftp connections and reject ssh connections.
Hope this helps, cheers 👍
I keep getting a server refused key error when i try to log in im not sure if the username is incorrect or the key file is not located im lost
Hi, just see the logs in windows event viewer. Expand the left menu items to find an Event facility named Operational under the OpenSSH menu. I have also created a blog on how to see openssh logs at nagasudhir.blogspot.com/2022/10/setup-logging-for-sftp-server-in-windows.html. Most probably it would be wrong access rights to the SFTP hosted folder.
Hope this helps, Cheers👍
After doing this, my OpenSSH service will not start and gets an error message of "Error 1067: The process terminated unexpectedly". It worked before I followed these steps. I uninstalled OpenSSH and reinstalled it, but that didn't help. Any suggestions?
Never mind, I figured it out. In the sshd_config file, I put in 2 "Match User" commands and the system did not seem to like that for some reason. Removing one of the commands fixed the issue.
pls help how to add more chroot directory for one user .
Hi, I think only one folder can be associated with one user
Will i be able to login this sftp server from a linux box?
Yes, you can. You just need an SFTP client in the linux machine
i dont know if you would get this but i am not getting the "Restrict user to a folder (also called folder jailing)" its not restricting client to a folder
Hi please mail me the sshd_config file to learningsoftwareskills@gmail.com so that we can take a look at the configuration...
@@learningsoftwareskills Hi have sent you the email. thank you
Public and private keys are created on sftp server or sftp client ?
Hi, public and private keys should be generated on the server and only client and server should know the private key, any other person should not have access to private key, cheers 👍
Is this 100% secured??? even accessing it on public ip?? please advice?
Hi, this is openssh. So I think it should be secure in public IP also. Make the ssh configuration proper and use public key authentication. It should be fine for public hosting. Also make sure that only SFTP is accessible and ssh access is restricted as shown in the video.
Hope this helps, cheers 👍
in the existing setup, What if I change the domain would it work?
Hi, if you want to specify a user say "abcd" of a domain say "domain1" in the sshd_config file, you can write something like "Match User domain1\abcd"
While connecting in WinSCP, you have to write the username as "abcd@domain1"
While connecting through the command line, you have to write "sftp abcd@domain1@hostip"
Further documentation can be found in the official OpenSSH github docs at github.com/PowerShell/Win32-OpenSSH/wiki/sshd_config
Hope this helps
I have also learned something new while trying to solve for this query
Cheers👍
@@learningsoftwareskills yeah, i was migrating domain on ssh server.. and dont have perfect strategy... Still searching the solution.. will try as you suggested.. thanks..
at 19:30 , after following all the menthods till adding the private key, when I try to connect , It says "Server refused our key". what should i do?
Hi, the most common cause of "server refused our key" is wrong permissions of the "authorized_keys" file. Please re-check it.
The issue can also be in syntax errors or invalid username in the sshd_config file.
Logs of SFTP server can also be seen to easily trace reason for the problem.
I have also created a video on SFTP server logging at ua-cam.com/video/YZwUBqDJFlQ/v-deo.html
Hope this helps, Cheers👍
@@learningsoftwareskills Thank you, sir, It helped.
@@user-go5ir8bs2u Hi, I am glad you resolved ur issue...👍
Please help , what did you do to resolve the error ?@@user-go5ir8bs2u
absolutely amazing video very helpful, but i am still having a little problem in jalling if u have a discord and can help me if u have time, no probs if u can't.
Hi, you can mail me at learningsoftwareskills@gmail.com
Cheers 👍
1. Can I use SFTP from another computer while someone else is using RDP?
2. Can more than one user SFTP into the same server at the same time?
Hi, you can use SFTP while someone else is using RDP, since both are independent.
More than one user can SFTP into the same server.
You can even create multiple user accounts and they can access SFTP server simultaneously. In fact, I have made a video on this topic at ua-cam.com/video/G0AE4MmRSJI/v-deo.html
Hope this helps, Cheers👍
@@learningsoftwareskills Sounds good. I've never tried to use a Windows Workstation as a server before and my experience is with UNIX where of course they could care less how many log in. Thanks!
Make sure your sshd_config file is identical to his. I had a line:
"# Match Group administrators
# AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys"
that broke things as I was trying to login as an admin user and the server was looking for the public key in that directory instead of User/.ssh. I just commented that out and it worked.
Hello. I am using password based authentication. While connecting via WinSCP i am getting this error - cannot initialize FTP protocol. Is the host running a SFP server ? But I can connect via putty. Any idea why WinSCP is not working ? Thanks.
Hi, you are trying to connect with ftp protocol instead of SFTP. While entering the connection details, change the drop-down to SFTP instead of FTP.
Hope this helps, Cheers 👍
@@learningsoftwareskills I am definitely using SFTP as the protocol.
@@paraskumar5663 hi, please check if the port is 22
@@learningsoftwareskills Port is 22. I can connect via putty.
@@paraskumar5663 hi, did you keep the host as localhost. Please send me an image of the SFTP settings to learningsoftwareskills@gmail.com. let me see if i can help
Cheers 👍
How are we able to remote access with this method?
Hi, the method in this video was about accessing a remote folder via sftp using openssh in windows. Remote access of the system would be via SSH but not SFTP
Hope this helps, Cheers 👍
But, openssh can also be used for remote access via SSH also. See this article for more details learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse?tabs=gui
Cheers 👍
Username needs to be host name?
Getting "server refused our key" message
Username is the username with which you login to the computer
You can see the usernames in the C:\Users folder
Hope this helps, cheers 👍
@@KavitaVashitha Hi, just see the logs in windows event viewer. Expand the left menu items to find an Event facility named Operational under the OpenSSH menu. I have also created a blog on how to see openssh logs at nagasudhir.blogspot.com/2022/10/setup-logging-for-sftp-server-in-windows.html. Most probably it would be wrong access rights to the SFTP hosted folder.
Hope this helps, Cheers👍
server refused our key
Hi, the most common cause of "server refused our key" is wrong permissions of the "authorized_keys" file. Please re-check it.
The issue can also be in syntax errors or invalid username in the sshd_config file.
Logs of SFTP server can also be seen to easily trace reason for the problem.
I have also created a video on SFTP server logging at ua-cam.com/video/YZwUBqDJFlQ/v-deo.html
Hope this helps, Cheers👍
@@learningsoftwareskills error resolved thank you . but can you tell me where I can found my computer password ?. Also Your all videos are amazing !!
@@user-uq7ec4sd2r hi, I think you can reset the password but cannot view it.
Thanks for the encouraging comments. Cheers 👍