Information Technology Services
Information Technology Services
Using WinSCP
Using SCP / SFTP
By: Wes Dean x7143 Introduction
This document will discuss the use of SCP (Secure Copy) and SFTP (Secure FTP) for securely transferring files from one system to another, mainly from a Microsoft Windows (win32) system to a UNIX system. This tool--SCP--allows for a variety of improvements over the older FTP-based tools, primarily in the area of security.
Why use SCP?
Many people feel comfortable with their old tools such as WS_FTP which, for the most part, get the job done. Why learn a new tool that will, essentially, do the same thing as the last tool? Well, from a strictly end-user point of view, SCP and FTP look pretty much the same; the real differences are in how the tools do their job in the background.
For example, when an FTP client (such as WS_FTP) connects to an FTP server, everything the user sends--including username and password are sent unencrypted (in what's called "plain text"). Any system between the FTP server and the FTP client can read anything that goes by, insert data, and otherwise be intrusive. For most people, that's not a big concern; besides, what are they going to do, read your (public) web pages on the way by? Well, once a "bad guy" has your username and password, they can log in as you. Once they're logged in as you, they can search for additional security holes through which to further their goals.
So, by avoiding FTP and it's associated servers and client software packages, a more secure environment is created which protects both our users as well as our systems.
In addition to being more secure, SCP applications such as WinSCP provide additional features such as verifying the identity of a remote system that you're connecting with, a scriptable interface for uploading and downloading files automatically, and provides a graphical tool that you can use to manipulate files the same way you would local files.
WinSCP
WinSCP is a free SCP and SFTP client that runs on Microsoft Windows systems such as Windows 95 / 98 / ME, Windows NT / 2000 / 2003, and Windows XP. This product will allow you to securely log into SUNYIT systems and transfer (both upload and download) files.
WinSCP is available at http://winscp.sourceforge.net/.
Installing WinSCP
Installation of WinSCP is fairly simple and can be accomplished in a few short steps:
- Download the WinSCP archive from http://winscp.sourceforge.net/eng/download.php to your local system. You will want to download the WinSCP Installation Package. At the time of writing, this was labeled as the "WinSCP 3.6.6 installation package" and was roughly one and a half megabytes in size (about an 8 minute download on a 56k connection).
- For Windows NT, 2000, 2003, and XP Professional platforms, you will need to log in to your system using the 'administrator' account (or another account that allows you to install software). Windows 95, 98, ME, and XP Home do not have to perform this step.
- Launch the application by clicking on the icon of the downloaded file. If you can not find the icon, you can find it by going to Start then Find (files) and typing in "winscp*setup.exe".
- The installation program will lead you through the various steps for installing WinSCP. The installation default values are acceptable and do not need to be changed.
- You're done--WinSCP is installed.
Starting WinSCP
Upon starting the WinSCP program, you will be presented with a screen similar to this one:
Starting WinSCP. You may use the following values to log into your account:
- Host name : ftp.sunyit.edu
- User name : (your SUNYIT username / userid that you use to log into ampere / MySUNYIT)
- Password : (your password that you use to log into ampere / MySUNYIT)
- Protocol : SFTP (allow SCP fallback)
You may leave the Advanced options box unchecked.
You may also wish to have WinSCP's interface function similarly to that of the Windows Explorer. To do this, click on Preferences and a window like the following will pop up:
WinSCP Preferences Dialog Select Interface, then select Explorer-like, then click on OK.
The explorer interface will allow you to easily drag and drop files to and from your system including to your desktop and local folders / directories.
Connecting
You may hit the
Login button to instruct WinSCP to log into your SUNYIT account.
The first time that you log in, you may be presented with a prompt asserting that the server's host key is not cached in the registry.
New Server Host Key. This is normal--it is not the sign of a problem.
Accessing your files
After a short time, you will be connected to your account at SUNYIT. You will see a display that looks like this (but, obviously, with your files):
Directory Browsing. From here, you may interact with your files at SUNYIT the same way that you would interact with them on your local system. You may double-click files to open/execute them, drag files to different locations, and copy / move files to and from your local system.
Transferring files
To copy a file from your SUNYIT account to your local system, select the files that you wish to transfer, and drag them from the WinSCP window to the folder / directory that you would like to copy to.
Note that you may select multiple files in WinSCP as you can under Windows--hold down the Control key while selecting (generally with a single click) each file.
To initiate the copy, drag the selected file(s) to your desired destination. For example, to copy the files to your desktop, place your mouse cursor over the selected files, press the left mouse button down, move the mouse cursor over a blank area of your desktop, and release the left mouse button.
Also note that if you hold the control button down while dropping the files to their destination, WinSCP will be forced to -COPY- files (thereby leaving the source files in place); holding the shift button while dropping the files will force WinSCP to -MOVE- (thereby removing the source files after the file transfer has completed).
You will then be prompted with a dialog like this:
Dialog for copying files. Here, you will be able to confirm where the file(s) will be copied to.
You may also select the More button to bring up more options:
More file copy options. Once you press Copy, a dialog will open displaying the progress of the file transfer. The top progress bar represents the progress of the entire transfer; the bottom bar represents the progress for the current file. When you're only copying a single file, these two progress bars represent the progress of the file's transfer.
File copy progress. If a file that you're attempting to copy should already exist at the specified destination, you will be provided with a prompt asking how to resolve the situation:
Duplicate filename handling. You're provided with the sizes and dates/times of last modification for both the destination file and the file being transferred. Clicking on Yes will overwrite the file at the destination with the new file.
Disconnecting
Once you've completed your file transfers, you may disconnect either by going to the
File menu or by closing the WinSCP window.
Useful notes
Here are a few useful points which may help you get the most out of using WinSCP:
- Holding control while dropping files will force WinSCP to copy the files.
- Holding shift while dropping files will force WinSCP to move the files.
- Connections made with WinSCP are encrypted--neither your login credentials nor your files are sent in plain text.
- Creating and saving sessions from public computers may share your account access information with people who use the computer after you. For maximum security, only use sessions on personal (i.e. non-public) systems.
- Your public_html folder in your home directory is where the SUNYIT web server looks when somebody access your personal web space (that is, http://www.sunyit.edu/~username/ or http://people.sunyit.edu/~username/ ).
- Your public_html file must be readable (read permission) and searchable (execute permission) by the "other" group in order to be accessible over the web.
- You may change file and directory permissions the same way you would change properties for a file under Windows--right click on the file.
Obtaining Help
If you require additional assistance with WinSCP, please contact the Help Desk at extension x7440.
Using WinSCP at SUNYIT by Wesley Dean.
Last updated: 8/26/04
