- Server Requirements
- SFTP Requirements
- SCP Requirements
- Using WinSCP with Restricted Shell Environments
- Effect of Remote User Environment on WinSCP Sessions
- Client Requirements
Using WinSCP, you can connect to an SSH (Secure Shell) server with SFTP (SSH File Transfer Protocol) or SCP (Secure Copy Protocol) service, to an FTP (File Transfer Protocol) server or HTTP server with WebDAV service.
SFTP is a standard part of the SSH-2 package. SCP is a standard part of the SSH-1 package. You can also run both protocols on the latter SSH version. WinSCP supports both SSH-1 and SSH-2. For authentication, you can use user name and password or public key (RSA or DSA). Other authorization types include TIS, Cryptocard, Keyboard-interactive, and Kerberos.
For FTP, both the basic unencrypted variant and FTPS are supported. Compressed transfers (Zlib) are not supported.
For WebDAV, both the basic unencrypted variant and WebDAVS are supported. Compressed transfers (Zlib) are not supported.
For SFTP, the only requirement beyond the server requirements above is to run SFTP on the server. It is best to run it as an SSH-2 subsystem. If you select SFTP-only on the Login dialog and the SFTP subsystem is not found, WinSCP will try to find the SFTP server in some common directories (
/usr/local/lib/sftp-server, etc.). This way, it is possible to use SFTP even with SSH-1, which does not support subsystems.
As the SCP protocol implements file transfers only, WinSCP must use other means to implement the additional functionality (like directory listing). WinSCP uses Unix-like shell commands to do that. This in turn means that when using the SCP protocol, it can connect to servers that run Unix-like or its emulation only1.
To transfer files,
scp1 is used (it is called from within
scp). If only
scp2 is allowed on your server, check the Use scp2 with scp1 compatibility option on the SCP/Shell page on the Advanced Site Settings dialog.
For correct functionality, you must do the following. The
bash shell is recommended for working with WinSCP. If your default shell doesn’t work with WinSCP, you can make WinSCP use other shell.
For its operation, WinSCP needs several commands:
unset. These commands have to be placed in the path and the user must have sufficient permissions to execute them. WinSCP expects “standard” behavior of these commands. You can avoid needing these commands by not using some of the WinSCP functions (
ln, etc.) or by changing some configuration options (
Just after establishing the connection with a server, all aliases on the above commands are cleared. This helps avoid unexpected behavior.
Another precondition is that the output of all commands be in English. This mostly concerns names of months in directory listings (
ls -la). Because of this, WinSCP clears all user variables that govern command output after login. If command output also reflects some other server settings, it may be necessary to change this before WinSCP can be used.
The last necessary condition is the proper output of the
ls -la command, particularly the standard number and ordering of the columns. If the default output does not satisfy the needs of WinSCP you can use Listing command option on the SCP/Shell page on the Advanced Site Settings dialog to modify it.
WinSCP will attempt detect support for the
--full-time switch of the
ls command. If the detection causes you problems, you can disable it.
A number of restricted shell environments exist for supporting SFTP/SCP only accounts. These systems restrict an user to a small subset of commands needed to manipulate files, while denying an ability to execute arbitrary commands. Some of these environments create incompatibilities with WinSCP, particularly if using SCP.
Most shells nowadays offer options to make the user experience better. Unfortunately many of these options make the shell incompatible with WinSCP.
This mainly affects the SCP protocol. An example is colorized output from the
ls command that includes ANSI color sequences which WinSCP cannot parse.
Also, the SFTP protocol can be affected. A typical example is where some message is printed from a start-up script. WinSCP (and any other SFTP client) will attempt to parse the message as an SFTP packet, which will obviously fail.
You should configure your start-up scripts to conform to non-interactive sessions (like WinSCP). Some shells call different profile/start-up scripts for interactive and non-interactive sessions. You can also use some environment variables, such as
TERM to distinguish interactive and non-interactive sessions.
WinSCP runs on Microsoft Windows XP SP2/Windows Server 2003 SP1 and newer, up to Windows 10/Windows Server 2016. It runs both on client and server editions of Microsoft Windows. We know of no reason why WinSCP should not continue to work on future versions of Microsoft Windows.
While there is 32-bit version of WinSCP available only, it runs on 64-bit editions of Microsoft Windows.
On Windows Server, WinSCP runs both in “Server with Desktop Experience” (“Server with a GUI”) and “Server Core” installation options.
WinSCP requires 35-70 MB of free disk space.
We take care to make WinSCP an accessible application, particularly to visually impaired people. WinSCP can be used on systems with screen readers.