This is an old revision of the document!

Documentation » Setting up WinSCP »

WinSCP Technical Requirements

Advertisement

Server Requirements

Using WinSCP, it is possible to connect to a SSH (Secure Shell) server with SFTP (SSH File Transfer Protocol) or SCP (Secure Copy Protocol) service, mainly to UNIX machines. SFTP is a standard part of SSH-2 package. SCP is a standard part of SSH-1 package. Both protocols can be run even on the latter SSH version. WinSCP supports both SSH-1 and SSH-2. For authentication, the user can use user name and password or public key (RSA or DSA). Other supported means of authorization include TIS, Cryptocard and Keyboard-interactive.

The user can specify his / her encryption algorithm preferences. Options are: AES (SSH-2-only), Blowfish, 3DES and DES (SSH-1-only). It is possible to enable compression. A connection can be established through a Proxy (HTTP, SOCKS 4/5 or Telnet).

Advertisement

SFTP Requirements

For SFTP, the only requirement beyond the server requirements above is to run SFTP on the server. It is best to run it as a SSH-2 subsystem. If you select SFTP-only on the login screen and the SFTP subsystem is not found, WinSCP will try to find the SFTP server in some common directories (/usr/lib/sftp-server, /usr/local/lib/sftp-server, etc.). This way, it is possible to use SFTP even with SSH-1, which does not support subsystems.

SCP Requirements

To transfer files, scp1 is used (it is called from within scp). If only scp2 is allowed on your server, check the Use scp2 with scp1 compatibility option on the SCP tab in the Login dialog.

For correct functionality, it is necessary to satisfy a few conditions. The bash shell is recommended for working with WinSCP. If your default shell doesn’t work with WinSCP, you can make WinSCP use other shell.

For its operation, WinSCP needs several commands: alias, cd, chgrp, chmod, chown, echo, groups, ls, mkdir, mv, pwd, scp, rm, ln, unalias and unset. These commands have to be placed in the path and user must have sufficient permissions to execute them. WinSCP expects “standard” behaviour of these commands. You can avoid needing these commands by not using some of WinSCP functions (mkdir, chown, ln, etc.) or by changing some configuration options (alias, groups, unalias and unset).

Just after establishing the connection with server, all aliases on the above commands are cleared. This is done to avoid unexpected behaviour.

Another precondition is that the output of all commands is in English. This mostly concerns names of months in directory listings (ls -la). Because of this, WinSCP clears all user variables that govern command output after login. If command output also reflects some other server settings, it may be necessary to change this before WinSCP can be used.

The last necessary condition is the proper output of ls -la command, which is supposed to include file group name! If the group name is absent, it can be temporarily added using the Alias LS to display group name option on the SCP tab in the Login dialog. WinSCP will attempt detect support for --full-time switch of the ls command. If the detection causes you problems, you can disable it.

Using WinSCP with Restricted Shell Environments

A number of restricted shell environments exist for supporting SFTP/SCP only accounts. These systems restrict the user to a small subset of commands needed to manipulate files while denying the ability to execute arbitrary commands. Some of these environments create incompatibilities with WinSCP, particularly if using SCP instead of SFTP.

Configuring WinSCP Sessions

Most shells nowadays offer options to make the user experience better. Unfortunately many of these options make the shell incompatible with WinSCP.

This mainly affects the SCP protocol. An example is colorized output with the ls command that outputs ANSI color sequences to the command output which WinSCP is unable to parse.

Also, the SFTP protocol can be affected. A typical example is where some message is printed from a start-up script. WinSCP (and any other SFTP client) will attempt to parse the message as an SFTP packet, which will obviously fail.

Advertisement

You should configure your start-up scripts to conform to non-interactive sessions (like WinSCP). Some shells call different profile/start-up scripts for interactive and non-interactive sessions. You can also use some environment variables, such as TERM to distinguish interactive and non-interactive sessions.

Client Requirements

WinSCP should run on any system running Windows 95 or later.

WinSCP also runs on Linux platforms where Crossover 4.x or later is running. Crossover is the commercial development of the Wine project.

WinSCP must handle two remote sessions (instead of one remote session + the local filesystem).

Last modified: by 217.111.53.98