Solved

Windows FTP over SSL using WinScp

Posted on 2013-05-20
14
1,819 Views
Last Modified: 2013-05-27
I'm running Windows 2008 FTP Server and have configured the ftp server to allow SSL connections. I have created my self-sign certificate and done all of the configs on the server side.

I want to be able to in to the ftp server securely and upload a file. I need help with a winscp script file that connects to my server using encrypted authentication along with encrypted data transfer.
0
Comment
Question by:abgtemp
  • 4
  • 4
  • 2
  • +2
14 Comments
 
LVL 8

Expert Comment

by:jpgobert
ID: 39180262
I'm not clear on what exactly you need help with..?  You say you've already done the server side configuration so that FTPs is working, right?

What part of the WinSCP script do you need help with?  What exactly do you want the script to do?

Need more details to be able to help...
0
 
LVL 19

Expert Comment

by:bevhost
ID: 39180268
There is a command line utility that works like WinSCP,

You can download from this page
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

or using this link
http://the.earth.li/~sgtatham/putty/latest/x86/pscp.exe

for docs and howto info
http://the.earth.li/~sgtatham/putty/0.62/htmldoc/Chapter5.html#pscp
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 39180366
WinSCP and related programs use SSH, not SSL.  SSH is a different and incompatible encryption method.  To use WinSCP, you need an SSH server installed on your machine.  The Filezilla client and server support FTPS (FTP over SSL): https://filezilla-project.org/
0
 
LVL 19

Expert Comment

by:bevhost
ID: 39180381
0
 
LVL 8

Expert Comment

by:jpgobert
ID: 39180496
Sorry DavidBaldwin but that's not true... WinSCP has support for FTP over SSL... it's just not in the GUI.  I just used the WinSCP command line version and opened a connection to my FTPS server and it worked fine.
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 39180996
I believe basic FTPS support was added to WinSCP in version 4.2.  I don't know if it is scriptable like the SFTP engine.

You said that you need "encrypted authentication along with encrypted data transfer."

In terms of FTPS, this means you want both the control channel and the data channel to be protected.  Different FTPS clients have different default behaviors in this regard... some default to only protecting the control channel because that runs faster.  You'll have to check the WinSCP docs to be sure.

I use RoboFTP for scripting FTPS transfers and it has the /trust option you can add to your script so that it won't choke the first time it sees your self-signed certificate... so look for an option like that in winscp if you are going to distribute the script and don't want to support users that complain about having to acknowledge and accept the cert...  in RoboFTP the connection command syntax would be something like:

FTPLOGON "svr.mydomain.tld" /user="UserID" /pw="secret" /servertype=FTPS /trust=all
0
Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

 

Author Comment

by:abgtemp
ID: 39181106
I want to run it from the command line using the following command and script file for it to process.


 winscp.exe /console /script=c:\ftpcmds


**********************
FTPCMDS
**********************

option confirm off
open ftp://ftpuser@myserver.com:21 -certificate="xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx" 
option transfer binary
put d:\file.txt
close
exit

Open in new window





What I'm not clear on is the following questions when connecting

1. Should I be using ftps:// or ftp://
2. Which other flags should I be using to ensure my credentials are encrypted and the data I am sending?  (-explicitssl -explicittls)?
0
 

Author Comment

by:abgtemp
ID: 39181292
I was able to figure out the commands I needed. My final command was:

C:\winscp.com /console /script=c:\ftpcmds


**********************
FTPCMDS File Contents
**********************
option batch abort
option confirm off
open ftp://ftpuser:password@myserver.com -explicitssl -explicittls -certificate="xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx" 
option transfer binary
put d:\file.txt
close
exit

Open in new window



I set the FTP server on my Windows box to Require that the Control Path and Data Path be encrypted.
0
 

Author Comment

by:abgtemp
ID: 39183080
I've requested that this question be closed as follows:

Accepted answer: 0 points for abgtemp's comment #a39181292

for the following reason:

No one else answered my question
0
 

Accepted Solution

by:
abgtemp earned 0 total points
ID: 39181435
One correction. I used ftps:// instead of ftp://

C:\winscp.com /console /script=c:\ftpcmds


**********************
FTPCMDS File Contents
**********************
option batch abort
option confirm off
open ftps://ftpuser:password@myserver.com -explicitssl -explicittls -certificate="xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx" 
option transfer binary
put d:\file.txt
close
exit

Open in new window

0
 
LVL 19

Expert Comment

by:bevhost
ID: 39183081
Well if you asked the question correctly maybe you would have got the answer you seeked
0
 
LVL 19

Expert Comment

by:bevhost
ID: 39183198
0

Featured Post

Too many email signature changes to deal with?

Are you constantly being asked to update your organization's email signatures? Do they take up too much of your time? Wouldn't you love to be able to manage all signatures from one central location, easily design them and deploy them quickly to users. Well, you can!

Join & Write a Comment

Workplace bullying has increased with the use of email and social media. Retain evidence of this with email archiving to protect your employees.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now