This is step by step guide to install and configure a SFTP server on Windows Server 2019 to achieve greater security in the communication from remote clients to File Servers over the internet
if you would like to check how to install File Server Role in Window Server 2019 then click here
- better to assign a static IP address
- Allow inbound connections for SFTP in windows defender firewall
- Run the following PowerShell command as the Administrator:
New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH SSH Server' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 -Program "C:\System32\OpenSSH\sshd.exe"
Now it is possible to install an SFTP server right from the Apps and Features section with windows server 2019
The following are the steps to enable SFTP on a Windows server 2019:
- Go to Windows Settings–>Apps
- Click on “Manage optional features” Under apps and features menu
- Look for OpenSSH Server, check if it’s already installed, if not click on “Add a feature” to install it.
Configuring OpenSSH server to start on Windows startup:
- Go to Windows services and look for “OpenSSH Authentication Agent ” and “OpenSSH SSH Server” services.
- Change both services startup type to “Automatic”, and make sure that they are both started.
Changing the root directory of OpenSSH server:
- Browse to directory “C:\ProgramData\ssh” and locate “sshd_config” file.
- Look for #ChrootDirectory and modify that line to:
ChrootDirectory “E:\SFTPRoot” and save the file. OR
sftp sftp-server.exe -d E:\SFTPRoot
- Restart the “OpenSSH SSH Server” service”.
Create a local user, on the Windows server 2019 or an active directory user if the server is joined to the domain, for instance:
Create a new site in FileZilla Client and test your SFTP server