Secure FTP

What is SFTP?

SFTP stands for the Secure File Transfer Protocol. You use an SFTP client to send files from your computer to the our server, or to retrieve files from our server.

Why do I need to do this?

We are shutting off clear-text FTP access because when you log in with your username and password, people snooping on the network can capture all information sent. If someone captures your username and password, they can become you. For this reason, we are making it so you can only use an FTP client that uses encryption. Encryption means that all information sent on the network will be jumbled in a way that only your computer and the server can easily decode the information being sent.

What do I need to do?

In order to access our ftp servers you need to run Secure FTP (sftp from OpenSSH or similar). A suitable Windows client is the open source tool Winscp. The following notes provide a quick overview of how to use an sftp client.

1. Command Line Usage

If you wish to access the server via the sftp command line tool provided with OpenSSH on UNIX systems and Linux systems use

    sftp username@host

replacing username with your assigned user name for the account, and host with the designated hostname.

2. Instructions for Windows Users : Download and Install Winscp

Winscp is an Open Source tool available for download here

2.1 Initial Setup

When you first start winscp you should see a screen like this. Enter the designated host name in Host Name, Port Number should be left set to 22. Enter your account name in the User name box, and optionally enter your password. Leave Private key file blank, and ensure the Protocol is set to SFTP (allow SCP fallback). You should select Save to store the session to save having to rekey this each time you start winscp. You can also save multiple accounts this way.

If you do enter a password and save the setup you will see a Warning message about the potential problems of storing a password. We would recommend that you do not store passwords on your PC.

You are then prompted to give a name to the setup. We recommend using the default naming convention of Account Name@Host Name.

2.2 Connecting to the Server

Once you have saved a setup it will appear under Stored Sessions on the start screen.

If you select stored session and select Login you are then connected to the host. A password prompt will appear as below if you have not stored your password or your password is incorrect.

You may see a warning screen about trusting the remote host if you have not connected before. You can safely ignore this. Once connected a window showing two panes with the local and remote directory is shown.

2.3 Troubleshooting Winscp

How do I enable debugging in WinSCP?

WinSCP has built-in debugging that is available only if you check the "Advanced Options" checkbox. Then it is placed under Session -> Logging.

I can't connect with my firewall enabled. What ports are needed for SCP/SFTP?

Since SCP is essentially just SSH (SFTP is slightly different but uses the same port), TCP port 22 outbound is the only port that needs to be open for contacting the remote access server.

I start to connect but then get disconnected by the remote host

Please ensure that the host you are using has a DNS reverse lookup for its IP address. Our connection software will routinely reject hosts that it is unable to identify in the DNS.

2.4 Learn More about Winscp

Take a look at those pictures to learn more about WinSCP functionality. The screenshots are links to documentation on the Winscp site for the window shown.

Application Interface (Similar to Norton Commander)

Application Interface (Similar to Windows Explorer)

Window for Setting Upload Options

Changing Properties of Files and Folders

SSH Session Settings in Login Dialog

Stored Sessions List in Login Dialog