This is an old revision of the document!
WinSCP Technical Requirements
- Server Requirements
- SFTP Requirements
- SCP Requirements
- Using WinSCP with Restricted Shell Environments
- Configuring WinSCP Sessions
- Client Requirements
Advertisement
Server Requirements
Using WinSCP, it is possible to connect to a SSH (Secure Shell) server with SFTP (SSH File Transfer Protocol) or SCP (Secure Copy Protocol) service, mainly to UNIX machines. SFTP is a standard part of SSH-2 package. SCP is a standard part of SSH-1 package. Both protocols can be run even on the latter SSH version. WinSCP supports both SSH-1 and SSH-2. For authentication, the user can use username and password or public key (RSA or DSA). Other supported means of authorization include TIS, Cryptocard and Keyboard-interactive..
To generate a public key file, use the PuTTYgen application. Also read how to use the Pageant (PuTTY’s SSH authentication agent) application for public key authentication. You can find links to download these programs in the Download section. The installation package of WinSCP already includes these applications.
Advertisement
The user can specify his/her encryption algorithm preferences. Options are: AES (SSH-2-only), Blowfish, 3DES and DES (SSH-1-only). It is possible to enable compression. A connection can be established through a Proxy (HTTP, SOCKS 4/5 or Telnet).
SFTP Requirements
For SFTP, the only requirement beyond the server requirements above is to run SFTP on the server. It is best to run it as a SSH-2 subsystem. If you select SFTP-only on the login screen and the SFTP subsystem is not found, WinSCP will try to find the SFTP server in some common directories (/usr/lib/sftp-server
, /usr/local/lib/sftp-server
, etc.). This way, it is possible to use SFTP even with SSH-1, which does not support subsystems.
SCP Requirements
To transfer files, scp1
is used (it is called from within scp
). If only scp2
is allowed on your server, check the Use scp2 with scp1 compatibility option on the SCP tab in the Login dialog.
For correct functionality, it is necessary to satisfy a few conditions. The bash
shell is recommended for working with WinSCP. If your default shell doesn’t work with WinSCP, you can make WinSCP use other shell.
For its operation, WinSCP needs several commands: alias
, cd
, chgrp
, chmod
, chown
, echo
, groups
, ls
, mkdir
, mv
, pwd
, scp
, rm
, ln
, unalias
and unset
. These commands have to be placed in the path and user must have sufficient permissions to execute them. WinSCP expects “standard” behaviour of these commands. You can avoid needing these commands by not using some of WinSCP functions (mkdir
, chown
, ln
, etc.) or by changing some configuration options (alias
, groups
, unalias
and unset
).
Just after establishing the connection with server, all aliases on the above commands are cleared. This is done to avoid unexpected behaviour.
Another precondition is that the output of all commands is in English. This mostly concerns names of months in directory listings (ls -la
). Because of this, WinSCP clears all user variables that govern command output after login. If command output also reflects some other server settings, it may be necessary to change this before WinSCP can be used.
The last necessary condition is the proper output of ls -la
command, which is supposed to include file group name! If the group name is absent, it can be temporarily added using the Alias LS to display group name option on the SCP tab in the Login dialog. WinSCP will attempt detect support for --full-time
switch of the ls
command. If the detection causes you problems, you can disable it.
Using WinSCP with Restricted Shell Environments
A number of restricted shell enviroments exist for supporting SCP/SFTP only accounts. These systems restrict the user to a small subset of commands needed to manipulate files while denying the ability to execute arbitrary commands. Some of these enviroments create incompatabilities with WinSCP, particularly if using SCP instead of SFTP.
Configuring WinSCP Sessions
Most shells nowadays offer options to make user experience better. Unfortunatelly many of these options makes the shell incompatible with WinSCP.
This mostly affects SCP protocol. Example is colorised output on ls
command that puts ANSI color sequences to the command output that WinSCP cannot parse.
Advertisement
Also SFTP protocol can be affected. Typical example is printing some message from startup scripts. WinSCP (and any other SFTP client) will attempt to parse the message as SFTP packet, which obviously fails.
You should configure your startup scripts to conform to non-interactive sessions (like WinSCP). Some shells calls different profile/startup scripts for interactive and non-interactive sessions. You can use also some environment variables, like TERM
to distinguish interactive and non-interactive sessions.
Client Requirements
WinSCP should run on any system running Windows 95 or later.