How to Install and Configure SSH / SFTP Server on Windows

SSH Server Configuration Install Pragma Fortress SSH software on your Windows server. (To download the 14-day trial version, please click here.) To configure the SSH Server settings, go to the Windows Start Menu > Pragma Server Management, then select "Fortress SSH Local Configuration". Once the application opens, click on the "InetD" option located at the bottom of the left pane of the configuration dialog. Make sure that the InetD service is running. If the InetD service is not running, you will not be able to make a SSH connection to the server. Expiry of trial period, higher number of processors (including virtual processors) than what your Pragma registration key supports are two of the frequently encountered reasons why the InetD service does not function. In that case, call us at 1-512-219-7270 or email us at: . [ SSH Server Screen Shots:   Default User |  Console Settings |  Access Control |  InetD] After making sure that the InetD service is running, click on "Users" > "Default" user. Select your default screen mode. The default is "Advanced Console" which allows Unix-like history scroll back among other features.  "Full Console" formats the data and is more efficient as it handles smaller data sets at a time for console screen redrawing. Thus, Full Console is recommended when running character based applications such as trident.exe and sapconsole.exe that display menus as part of the functionality. Select the "Stream" option if the application that you plan to launch via SSH does not format its data and the client can handle the unformatted data from the application. If you are not sure as to which screen mode to select, leave the default screen mode setting as is. Next, set your "Home Directory". This needs be the path where your application or batch file is located. If you leave this field empty, your user account profile will be used as the default home directory. Click on "Default" > "Console Settings". The most important and frequently configured setting under this configuration option is the '"Startup Program" field. Enter the name your application or your batch that you would like to launch via SSH in this field. Please note that in the previous step, in the Home Directory field, you entered the full path to this application or batch file. If you left the home directory field blank in the previous step, then provide the full path to your application or batch file. After making the configurations described so far, when you make a SSH connection to the server, your application or batch will automatically be launched / executed upon completing the SSH logon process successfully. SSH Logon / Authentication Type the following at the prompt of command line window: ssh user@localhost where the user can be the administrator or any other user. If you use an account other than the administrator account, please make sure that user has the appropriate privileges (including "Log on Locally Rights" under the Windows Administrative Tools > User Rights Assignments) to make an SSH connection to the server. [Please note that the users added under the SSH Server settings need to already exist on the server as local users or in the domain as domain users. New Windows user creation and password set/reset are completed via the Windows user management dialogs. When you make an SSH connection and enter a password as part of the logon process, that user authentication process is completed by the operating system in conjunction with the domain controller. SSH configurations made via the Local Fortress SSH Configuration dialog are only for SSH, SFTP and InetD settings.] Adding SSH Users [Please note that the users added under the SSH Server settings need to already exist on the server as local users or in the domain as domain users. New Windows user creation and password set/reset are completed via the Windows user management dialogs. When you make an SSH connection and enter a password as part of the logon process, that user authentication process is completed by the operating system in conjunction with the domain controller. SSH configurations made via the Local Fortress SSH Configuration dialog are only for SSH, SFTP and InetD settings.] Access Control and Restrict Users If you want to allow only certain users SSH access, add those users in the Local Fortress SSH Configuration pane by selecting "Users" and select the "Only Allow Configured Users Access to Server" checkbox. Logging To turn on logging, click on the "Logging" option on the Local Fortress SSH Configuration pane. Select your preferred log file type and specify a location where the log files will be created. If the SSH user needs to access different drives, then make sure to select the "Map User Drives" option for that user under "Users" > "Logon". Once the Pragma Fortress SSH server has been configured and the InetD service is running, you can connect to the server using any SSH clients such as Putty as well as Pragma's GUI SSH Client, FortressCL and Console SSH Client, ssh.exe (both clients are part of Pragma Fortress SSH Client Suite). If you need further assistance in configuring SSH Server settings, then please call the technical support number at 512-219-7270 or email us at: . To view the online help file, click here (best viewed with Internet Explorer).

SFTP Server Configuration Install Pragma Fortress SSH SFTP software on your Windows server. (To download the 14-day trial version, please click here.) To configure the SFTP Server settings, go to the Windows Start Menu > Pragma Server Management, then select "Fortress SSH Local Configuration". Once the application opens, click on the "InetD" option located at the bottom of the left pane of the configuration dialog. Make sure that the InetD service is running. If the InetD service is not running, you will not be able to make a SSH connection to the server. Expiry of trial period, higher number of processors (including virtual processors) than what your Pragma registration key supports are two of the frequently encountered reasons why the InetD service does not function. In that case, call us at 1-512-219-7270 or email us at: [ SFTP Server Screen Shots:     SFTP Users |  Default User |  Access Control |  InetD   ] After making sure that the InetD service is running, click on "SFTP Users" > "Default" user. Select your preferred home directory functionality from the three supported options. The default choice is to "Allow User to Traverse Above Home Directory". If you need to restrict the user to the home directory and its subfolders, select the first option ("Restrict User to Home Directory and Subdirectories). If you would like restrict the user to certain folders and virtualize the directory structure, select the third option (Use Virtual Directory Assignments). Now to test a basic sftp connection, open up a command line window and type of the following: sftp user@localhost where the user can be the administrator or any other user. If you use an account other than the administrator account, please make sure that user has the appropriate privileges (including "log on locally rights" under the Windows Administrative Tools > User Rights Assignments) to make an SFTP connection to the server. [Please note that the users added under the SFTP Server settings need to already exist on the server as local users or in the domain as domain users. New Windows user creation and password set/reset are completed via the Windows user management dialogs. When you make an SFTP connection and enter a password as part of the logon process, that user authentication processing is completed by the operating system in conjunction with the domain controller. SFTP configurations made via the Local Fortress SSH Configuration dialog are only for SSH, SFTP and InetD settings.] After a successful SFTP connection and user authentication process, you should arrive at a "SFTP>". Once at the prompt, you can enter various sftp commands such as "cd .." to move up the directory structure, "dir" to view the list of files and folder, etc. To confirm that the SFTP connection has been made, go to Windows Start Menu > Pragma Server Management and launch the Session Manager program. Once the Session Manger dialog comes up, connect to localhost and at this point, you should see your SFTP connection showing pertinent details about the SFTP session. Adding SFTP Users To add more sftp users, in the Local Fortress SSH Configuration pane click on the SFTP "Users" > "New Users" as needed. [Please note that the users added under the SFTP Server settings need to already exist on the server as local users or in the domain as domain users. New Windows user creation and password set/reset are completed via the Windows user management dialogs. When you make an SFTP connection and enter a password as part of the logon process, that user authentication processing is completed by the operating system in conjunction with the domain controller. SFTP configurations made via the Local Fortress SSH Configuration dialog are only for SSH, SFTP and InetD settings.] Access Control and Restrict Users If you want provide only SFTP access to your Windows server running Pragma Fortress SSH SFTP Server and deny other types of access such as ssh, scp, port forwarding, then click on the "Access Control" option in the Local Fortress SSH Configuration pane and select/de-select the checkboxes as needed. If you want to allow only certain users SFTP access, add those users in the Local Fortress SSH Configuration pane by selecting "Users" and select the "Only Allow Configured Users Access to Server" checkbox. SFTP Logging To turn on SFTP logging, use the drop down menu located under "SFTP Users" option and select the preferred level of logging and set/edit the location where the sftp log files will be created. If the SFTP user needs to access a different drives, then make sure the select "Map User Drives" option for that user. Once the Pragma Fortress SSH SFTP Server has been configured and the InetD service is running, you can connect to the server using any SFTP clients such as Putty, Filezilla as well as Pragma's GUI sftp client, FortressFX and console sftp client, sftp.exe (both clients are part of Pragma Fortress SSH Client Suite). If you need further assistance in configuring SFTP Server settings, then please call the technical support number at 512-219-7270 or email us at: . To view the online help file, click here (best viewed with Internet Explorer).